Last month I travelled to Puerto Rico to attend the 29th FIRST Annual Conference and Annual General Meeting. As always, the conference drew a capacity crowd; more than 700 participants, most of who are working for security response teams around the world.
There were plenty of great keynote presentations across the five days, many of which you can watch recordings of — I recommend watching all of them. It was hard to say that there was a single, specific theme to the talks, but what I liked about most of them is that they are derived from real experience.
In addition to the talks, there were many side events including training (basic incident response, DDoS mitigation, Sinkholing), PGP key signing, BoF sessions, Security Jam (Challenge by Amazon) and a Hackathon.
Most importantly, it was a good opportunity to meet face-to-face with other security professionals and to plan future collaboration.
Congratulations to the Program Chair, Program Committee, and all the contributors. I’m looking forward to welcoming the 30th FIRST Annual Conference and AGM to the region in 2018, with the event to be held in Kuala Lumpur, Malaysia.
FIRST, a bit of history
I’ve been an active member of the CSIRT (Computer Security Incident Response Team) community for many years, having worked closely with many of its regional members and organizations like APCERT when working for Malaysia CERT and MUFG-CERT. It was during these early years that I also started to get involved in FIRST, helping to organize several FIRST activities, including their annual conference in Bangkok in 2013, as well as some training for new teams in the region.
Upon joining APNIC in 2014, I was invited to be part of the FIRST Board of Directors. Supporting this great cause is in line with APNIC’s vision of having a global, open, stable and secure Internet that serves the entire Asia Pacific community. I see my role at FIRST as helping to fulfil that vision and I am very grateful for the trust of the FIRST community, who re-elected me to the board at the recent AGM.
There are a few reasons that make me enjoy contributing to the CSIRT community through FIRST. At the top of the list is the culture of helping one another, something that is ‘hard coded’ in the community. This is not restricted to incident-response work but also in many other areas such as training, Special Interest Groups (SIGs), developing standards and guidelines, outreach, and engagement with wider Internet communities including the Internet Governance Forum.
Another thing I like about this community is the diversity of the membership. Security teams are not only from different regions but also come from various sectors, including banking, services, network providers, governments and health care — to name a few. As a result, there is a wealth of knowledge and experience, and of course different problems to solve together.
APNIC and FIRST strengthen collaboration
In our joint efforts to have a global, open, stable and secure Internet, FIRST and APNIC recently signed a Memorandum of Understanding (MoU) that builds on the collaboration between the organizations over the past two years.
I believe this is a very important milestone for APNIC’s security initiatives and this collaboration will continue to benefit APNIC Members and stakeholders by improving their security awareness and, hopefully, resiliency.
Since 2016, APNIC has helped to arrange a one-day security seminar (known as FIRST Technical Colloquia or FIRST-TC) at every APRICOT and APNIC Conference — you can check out the APNIC blog for summaries of some of the TCs organized at APRICOT 2016 (Auckland) and APRICOT 2017 (Ho Chi Minh City).
These seminars have created the opportunity for both the security and APNIC communities to have conversations and share insights about security issues affecting organizations, economies and end-users. The event also helps attendees to build trust relationships, so that actual sharing and collaboration can happen. It should be mentioned that the TCs are supported by APCERT members and have attracted speakers from around the world.
Apart from continuing these seminars, the MoU also includes furthering our capacity-building work, FIRST initiatives on the CSIRT Services Framework, developing training content, and a fellowship program — all of which are geared towards helping organizations and nations to have CERT/CSIRT capabilities.
APNIC looks forward to integrating this quality content into APNIC’s training program and security outreach activities with Members.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.