Tune in to the latest episode of the First Impressions podcast, where hosts Martin McKeay and Chris John Riley sit down with Megan Sanford, VP Chief Product Security Officer at Schneider Electric Energy Management Division. As a keynote speaker at the 36th annual FIRST Conference in Fukuoka, Japan, Sanford shares insights into the world of product security. Discover why a secure development lifecycle and integrating security features into products are crucial for resilience. Sanford introduces ICS for ICS, a concept bridging emergency management with cyber incident response, urging listeners t ..read more

In this episode, the FIRST Podcasters interview FIRSTCON24 Program chair, Taki Uchiyama about the upcoming 36th Annual FIRST Conference to be held in Fukuoka, Japan, June 9-14, 2024. Under the theme of “Bridging Security Response Gaps”, Taki shares the importance of communication and collaboration within the security community and his hopes for the 2024 conference. This episode shares an inside look at the challenges of scheduling keynote speakers and the anticipation of a rich selection of presentations. Taki also shares tidbits about the rich cultural and historical attractions of Fukuoka ci ..read more

In this episode, the FIRST Podcasters interview FIRSTCON23 Keynote speaker, Lesley Carhart and discuss her session: “How Did We Get Here? The History and Future of Cyberattacks against Industrial Control Networks”. Lesley explains and explores the complicated history of Industrial incident response and just how cybersecurity affects physical systems ..read more

In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Umair Bukhari and discuss his conference session: “Extra-Ordinary Vulnerability Coordination – A Method to the Madness”. Umair highlights Ericsson’s newly established PSIRT framework for Extra-Ordinary Vulnerability Coordination (EVC) and the necessary actions, work streams, and communication that must be put in place to efficiently handle such events. Umair shares thoughtful steps for others to adopt the model ..read more

In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Dr. Eugene Spafford and his partner, Dr. Patty Spafford. Together they discuss their recently published book, “Cybersecurity Myths and Misconceptions” co-authored by Leigh Metcalf, and Josiah Dykstra. They touch on the importance of communication and clear terminology that surpasses cultural barriers. Cybersecurity is people-centric and yet so much has been done by tech specialists without the end user in mind, the book proposes steps to clear language with metaphoric illustrations by Patty ..read more

In this episode, the FIRST Podcasters interview FIRSTCON23 Diamond Sponsor Rep, Vinay Bansal, the CTO of Cisco’s CSIRT. Vinay discusses Cisco’s long history with FIRST and its Special Interest Groups (SIGs) and shares details on Cisco’s new initiative for Attack Surface Management. This episode highlights the importance of information sharing and mentoring and how FIRST conferences have been a platform to create invaluable global relationships ..read more

In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Jaromir Horejsi, and preview his upcoming conference session: “Abusing Electron-Based Applications in Targeted Attacks”. Jaromir provides an overview on Electron frameworks and how they are targeted and attacked by infection vectors ..read more

In this episode, the FIRST Podcasters interview Jay Jacobs, who is a co-chair of the Exploit Prediction Scoring System Special Interest Group (EPSS SIG) and one of the founders of the Cyentia Institute. Evolving over the last year and a half, EPSS works to gather as much data as possible on vulnerabilities and look for indicators that something will be exploited in the future. Scores are updated daily with new evidences gained on potential exploitations. It is nearly impossible for companies to keep up with all their vulnerabilities, so prioritization is a must. Exploitation activity helps nar ..read more

In this episode, the FIRST Podcasters interview Peter Lowe, co-chair of the DNS Abuse Special Interest Group (DNS SIG). SIG member turned chair, Peter was also appointed as FIRST’s DNS Abuse “Ambassador” and has been tasked with representing the Forum within the DNS space. Peter chats about how DNS has become a hot topic in the public consciousness. He also explains why the SIG is trying to better define DNS Abuse from the point of view of incident responders and security teams. The SIG is creating a model for DNS stakeholders which will classify the different kinds of DNS Abuse and lists who ..read more

In this episode, the FIRST Podcasters interview James Chappell and Krassimir Tzvetanov, co-chairs of FIRST’s Cyber Threat Intelligence Special Interest Group (CTI SIG). Along with a third co-chair, Adrian Hendrik, this group focuses on creating best practices and CTI training materials. With the goal of education, the SIG focuses on creating a common body of Cyber Threat knowledge and terms. Filling the gaps with thoughtful curriculum and organizing presentations, the SIG hopes to be a guiding light in the often difficult to navigate Cyber Threat Intelligence landscape. Interested parties are ..read more