FIRST launches global cybersecurity drive with new forums & SIGs

The Forum of Incident Response and Security Teams has announced a series of new initiatives aimed at improving global cybersecurity and enhancing collaboration among its international membership.

Chief among these is the 2025 Vulnerability Forecasting Technical Colloquium, set to be held at Darwin College in Cambridge. The event is intended to bring together vulnerability researchers, data scientists, and security practitioners to deepen discussions on predictive cybersecurity methods and address ongoing challenges in patch prioritisation and risk management.

The Colloquium will feature speakers including Jen Ellis, a recognised advocate in the cybersecurity sector and a member of the CVE Board. Presentations will focus on the measurement of vulnerabilities, forecasting exploits, applying decision science in vulnerability management, and the use of data sources relevant to exploited vulnerabilities.

Éireann Leverett, FIRST Liaison and Lead Member of FIRST's Vulnerability Forecasting Special Interest Group (SIG), is also scheduled to speak. Leverett explained the core purpose of this event:

"Incident response and vulnerability management is stressful because it requires balancing both uncertainty and expectations while building trust," said Éireann Leverett, FIRST Liaison and Lead Member of FIRST's Vulnerability Forecasting SIG, as well as, the Founder and CTO of Killara Cyber. "By working together to make the vulnerability ecosystem more predictable, we can reduce that uncertainty and ultimately strengthen global cybersecurity."

Student participation will be supported through complimentary tickets sponsored by corporate partners, with the aim of fostering early-career engagement in cybersecurity research and practice.

Detection engineering focus

FIRST has also announced the formation of a Detection Engineering & Threat Hunting Special Interest Group (SIG), led by experts from Europe, the Asia-Pacific region, and North America. This SIG will use a collaborative model to develop shared frameworks for detection engineering and threat hunting, mirroring the approach of other FIRST SIGs such as those dedicated to vulnerability disclosure and malware analysis.

Chris Gibson, Chief Executive Officer of FIRST, described the goals of this new initiative:

"Our goal is to move the industry forward by giving teams common frameworks they can adapt, rather than reinventing the wheel in isolation," said Chris Gibson, CEO of FIRST. "This collaboration will accelerate learning and raise the baseline for detection engineering globally."

The SIG aims to reduce duplication of effort and support more consistent and coordinated responses to emerging threats in the cybersecurity community worldwide.

Cyber diplomacy and inclusion

The Women of FIRST (WoF) Special Interest Group has continued to build on the organisation's engagement in the field of cyber diplomacy, recently collaborating with the United Nations Cyber Open-Ended Working Group. As part of this cooperation, WoF Chair Khushali Dalal facilitated a cyber incident simulation in New York, offering participants training in both incident response and the broader policy context of cyber events.

Dalal detailed the nature of the simulation:

"Together with my colleague Klée Aiken, we presented a dynamic, hands-on simulation: 'Cyber Incident Simulation Through a Public Policy Lens: Can You Piece Together the Attack?' This wasn't just another tabletop. It was an opportunity to step into the shoes of both incident responders and policymakers - blending technical clues with geopolitical realities," said Khushali Dalal.

This activity formed part of the Women in International Security and Cyberspace Fellowship, drawing upon resources provided by the FIRST CORE programme. The collaboration reflects a growing emphasis within FIRST on bringing technical expertise into the sphere of international policy and cyber diplomacy.

Board membership and regional growth

In a move signalling deeper regional engagement, FIRST members have elected Graciela Martinez Giordano to its Board of Directors. Martinez Giordano's work in Latin America and the Caribbean includes the training of over 1,000 cybersecurity professionals, the co-organisation of nine FIRST Symposiums in the region, and leadership in the establishment of LACNIC CSIRT, leveraging FIRST's frameworks.

Martinez Giordano has played a prominent role in the development of the LAC-CSIRTs community since 2014. On her recent board appointment, she commented:

"I hope my journey can inspire other women and young professionals, showing them that it is possible to build a successful and fulfilling career in cybersecurity," Martinez Giordano stated.

Her election is intended to further strengthen FIRST's representation and activities across Latin America and the Caribbean, supporting capacity-building and local expertise.

FIRST represents more than 800 organisations spanning in excess of 110 countries and continues to engage partners from academia, government, and the private sector in addressing global cybersecurity challenges through technical events, partnership programmes, and leadership development initiatives.