The Forum of Incident Response and Security Teams (FIRST)

Who are we?
- Association of Incident Response and Security Teams
- Founded in 1989
- We enable incident responders:
  - To engage with their peers
  - To have a shared understanding of security problems
  - By developing technologies and standards

Global FIRST membership
- 409 teams in 84 countries

Note to Presenter: You can obtain the latest map / stats here - http://www.first.org/members/map
Today, FIRST is comprised of over 300 members in 70 countries.

Membership

Membership application process
01. IDENTIFY TWO SPONSORS: Contact the FIRST Secretariat, and identify a primary and secondary sponsor among existing membership
02. SITE VISIT: Have the primary sponsor perform a site visit to assess CSIRT maturity
03. SUBMIT APPLICATION: File application forms; have PGP keys signed; obtain letters of support from sponsors
04. FIRST MEMBER REVIEW: Application is sent to members; members provide input; any concerns are addressed
05. BOARD APPROVAL: FIRST Board approves; pay membership fee

Fellowship Program
- FIRST funds participation by up to four new teams each year
- Open to CSIRT with some level of national responsibility
- Over five years of Fellowship program participation, we subsidize participation in the conference and organization.
- Subsidies decrease annually, from near total funding in the first year through to no subsidies by the end of the six year period.

FIRST as an organization
- Led by a 10-person Board of Directors, elected by Members
- No headquarters, but secretariat in Chicago
- 501(c)(3) non-profit incorporated in the United States
- Funded primarily through membership fees

Events
- Conference
  - Flagship event
  - Once per year, travels between regions
  - ~500-800 attendees
- Technical Colloquium
  - Organized by individual members
  - National or regional event
  - Typically 10-15 events per year
- Symposium
  - Four per year
  - Typically in each major region (Africa, Europe, Latin America, Asia)
  - Hosted by FIRST and often a partner

Global events 2017 Events

Training and Education
- FIRST maintains a CSIRT and PSIRT Services Framework
  - Details all services typically offered by CSIRT
  - Offers a roadmap and guide for CSIRT as they expand capability
- FIRST develops training for individual services
  - CSIRT Fundamentals, Incident Coordination, Information Sources
  - All materials are Creative Commons licensed and available for free
- FIRST delivers training with partners and at events
  - Roster of trainer-practitioners

Special Interest Groups
- Convene members around topics of common interest
- Often have a formal charter, timeline and deliverables
- Types of SIGs:
  - Working groups: Big Data, Ethics, Red Team
  - Standards groups: CVSS, IEP, TLP, Passive DNS exchange
  - Discussion groups: Vendors, Metrics, Industrial Control Systems
  - Bird of a Feather session: legal issues, specific temporary topics

Standards
- Common Vulnerability Scoring System (CVSS)
  - Scoring system for software vulnerabilities
  - Allows integration of environmental factors
  - Interactive training
- Passive DNS
  - Enable easier sharing of passive DNS information
  - Standard contributed to the IETF
- Traffic Light Protocol (TLP)
  - Allows data senders to encode how information may be distributed
  - Focused on human sharing, simple to use
- Information Exchange Protocol (IEP)
  - More fine grained specification of Handling, Action, Sharing and Licensing policies
  - Focused on machine sharing (JSON)

Technical resources
- Membership database: A FIRST member database with contact information for incident responders at other members, including PGP keys.
- FIRST Incident Response Team API: Poll information on other members using a public API.
- Malware Information Sharing Platform: Share machine-parseable incident descriptions with members using the MISP platform.
- Mailing lists and IRC: Immediate communications channels with other FIRST members.

Internet Governance and Policy
- Be a trusted security expert to the policy community
- FIRST regularly participates in policy forums, such as the Internet Governance Forum and the Global Conference on Cyberspace, to educate policy makers on incident response
- Lead experts to the IGF Best Practices Forum on Cybersecurity
- Help develop technology expertise and capability

Partners
- Partners share our vision of a strong incident response community

Questions?
first-sec@first.org
https://www.first.org