Organization:Forum of Incident Response and Security Teams

From HandWiki
Short description: Engineering societies based in the United States
Forum of Incident Response and Security Teams
First1.org.svg
AbbreviationFIRST.org
FormationJuly 8, 1995
Type501(c)(3) not-for-profit public charity
HeadquartersCary, North Carolina
Members
650+ organizations from more than 100 countries
Chair of the board
Tracy Bills
Key people
  • Tracy Bills, President
  • Chris Gibson, Executive Director
Websitewww.first.org

The Forum of Incident Response and Security Teams (FIRST) is a global forum of incident response and security teams. They aim to improve cooperation between security teams on handling major cybersecurity incidents.[1] FIRST is an association of incident response teams with global coverage.[2]

The 2018 Report of the United Nations Secretary-General's High-Level Panel on Digital Cooperation noted FIRST as a neutral third party which can help build trust and exchange best practices and tools during cybersecurity incidents.[3]

History

FIRST was founded as an informal group by a number of incident response teams after the WANK (computer worm) highlighted the need for better coordination of incident response activities between organizations, during major incidents.[4] It was formally incorporated in California on August 7, 1995, and moved to North Carolina on May 14, 2014.[5]

Activities

In 2020, FIRST launched EthicsFIRST, a code of Ethics for Incident Response teams.[6]

Annually, FIRST offers a Suguru Yamaguchi Fellowship, which helps incident response teams with national responsibility gain further integration with the international incident response community.[7] It also maintains an Incident Response Hall of Fame, highlighting individuals who contributed significantly to the Incident Response community.[8]

FIRST maintains several international standards, including the Common Vulnerability Scoring System, a standard for expressing impact of security vulnerabilities;[9] the Traffic light protocol for classifying sensitive information;[10] and the Exploit Prediction Scoring System, an effort for predicting when software vulnerabilities will be exploited.[11]

FIRST is a partner of the International Telecommunication Union[12] (ITU) and the Department of Foreign Affairs and Trade of Australia on Cybersecurity.[13] The ITU co-organizes with FIRST the Women in Cyber Mentorship Programme, which engages cybersecurity leaders in the field, and connects them with women worldwide.[14]

Together with the National Telecommunications and Information Administration, FIRST also publishes guidelines for multi-party vulnerability disclosure, in scenarios such as the Heartbleed vulnerability in OpenSSL.[15]

In 2019, the Wall Street Journal reported Huawei Technologies Co. had been suspended from the Forum of Incident Response and Security Teams due to changes to US technology export restrictions.[16] In 2017, a NATO-style coalition of 41 states, including all Gulf Cooperation Council states, intended to work closely with FIRST to heighten levels of cybersecurity cooperation.[17]

Internet governance implications

In his study of Internet Governance, Joseph Nye identified FIRST as an "incident response regime", supporting global cyber activities.[18]

Political scientists focused on international security have considered organizations such as FIRST to be transparency and confidence-building measures in cyberspace, "elements of international policy that reduce threats, build trust, and make relationships between states more predictable".[19]

The FIRST community has also been considered an example of "science diplomacy", as its technical community offers a means of navigating tensions in a way political actors re not able to.[20]

References

  1. "FIRST - ICANNWiki". https://icannwiki.org/FIRST. 
  2. "OECD - GUIDANCE FOR IMPROVING THE COMPARABILITY OF STATISTICS PRODUCED BY COMPUTER SECURITY INCIDENT RESPONSE TEAMS". https://www.oecd.org/officialdocuments/publicdisplaydocumentpdf/?cote=DSTI/ICCP/REG(2013)9/FINAL&doclanguage=en. 
  3. "The age of digital interdependence". https://www.un.org/en/pdfs/DigitalCooperation-report-for%20web.pdf. 
  4. Slayton, Rebecca; Clarke, Brian (2020). "Trusting Infrastructure: The Emergence of Computer Security Incident Response". Technology and Culture 61 (1): 173–206. doi:10.1353/tech.2020.0036. PMID 32249219. https://muse.jhu.edu/article/752964/pdf. 
  5. "North Carolina Secretary of State Search Results". https://www.sosnc.gov/online_services/Search/Business_Registration_profile?Id=10529500. 
  6. "FIRST launches new code of ethics for incident response and security teams on Global Ethics Day" (in en). https://www.securitymagazine.com/articles/93703-first-launches-new-code-of-ethics-for-incident-response-and-security-teams-on-global-ethics-day. 
  7. "FIRST conference focuses on handling security breaches" (in en-US). News Is My Business. 2017-06-13. https://newsismybusiness.com/conference-security-breaches/. 
  8. "Ian Cook and Don Stikvoort receive Incident Response Hall of Fame awards" (in en). https://www.securitymagazine.com/articles/93468-ian-cook-and-don-stikvoort-receive-incident-response-hall-of-fame-awards. 
  9. "What is the CVSS (Common Vulnerability Scoring System)?" (in en). https://www.techtarget.com/searchsecurity/definition/CVSS-Common-Vulnerability-Scoring-System. 
  10. Darley, Trey; Schreck, Thomas (2018-02-12). "Why is Cyber Threat Intelligence Sharing Important?". https://www.infosecurity-magazine.com/opinions/cyber-intelligence-sharing/. 
  11. Pompon, Raymond (2021-10-12). "Prioritizing Vulnerability Management Using Machine Learning" (in en). https://www.f5.com/labs/articles/cisotociso/prioritizing-vulnerability-management-using-machine-learning. 
  12. "First" (in en-US). https://www.itu.int:443/en/ITU-D/Cybersecurity/Pages/Global-Partners/first.aspx. 
  13. "Forum of Incident Response and Security Teams" (in en). https://www.dfat.gov.au/international-relations/themes/cyber-affairs/cyber-cooperation-program/Pages/forum-of-incident-response-and-security-teams. 
  14. "Women in Cyber Mentorship Programme" (in en-US). https://www.itu.int:443/en/ITU-D/Cybersecurity/Pages/Women-in-Cyber/Women-in-Cyber-Mentorship-Programme.aspx. 
  15. "FIRST updates guidelines for multi-party vulnerability disclosure" (in en). 2020-05-18. https://portswigger.net/daily-swig/first-updates-guidelines-for-multi-party-vulnerability-disclosure. 
  16. Isaac, Anna (2019-09-18). "WSJ News Exclusive | Huawei Suspended From Global Forum Aimed at Combating Cybersecurity Breaches" (in en-US). Wall Street Journal. ISSN 0099-9660. https://www.wsj.com/articles/huawei-suspended-from-global-forum-aimed-at-combating-cyber-security-breaches-11568805324. 
  17. Seener, Barak (8 June 2017). "Trump's Saudi pivot is a golden opportunity in terror fight". https://www.cnn.com/2017/06/08/opinions/qatar-terrorism-fight-seener/index.html. 
  18. Nye, Joseph S. (2014). "The Regime Complex for Managing Global Cyber Activities" (in en-US). Global Commission on Internet Governance. https://dash.harvard.edu/handle/1/12308565. 
  19. Baseley-Walker, Ben. "Transparency and confidence-building measures in cyberspace: towards norms of behaviour". https://citizenlab.ca/cybernorms2012/BaseleyWalker2011.pdf. 
  20. Tanczer, Leonie Maria; Brass, Irina; Carr, Madeline (2018). "CSIRTs and Global Cybersecurity: How Technical Experts Support Science Diplomacy" (in en). Global Policy 9 (S3): 60–66. doi:10.1111/1758-5899.12625. ISSN 1758-5899. 



Retrieved from "https://handwiki.org/wiki/index.php?title=Organization:Forum_of_Incident_Response_and_Security_Teams&oldid=3388744"