FIRST Security conference opens in Malaysia with a record attendance
By Dzof Azmi June 27, 2018
- To promote coordination, cooperation among Computer Security Incident Response Teams
- One of the objectives is to advise policy makers about cyber-security threats
THE 30th annual conference of The Forum of Incident Response and Security Teams (FIRST) began on June 26 in Malaysia, boasting a record-breaking 829 attendees from 79 countries, including 55 from Malaysia from both the private and public sector.
These numbers auger well for host Malaysia, given that one of the objectives that local host Cybersecurity Malaysia (MyCERT) intended was to use the global conference's reputation and networks to promote awareness and knowledge-knowledge among local IT communities. The five-day event is aimed at promoting worldwide coordination and cooperation among Computer Security Incident Response Teams (CSIRTs)
"We are very glad that Malaysia was chosen," said Dr Amirudin Abdul Wahab (pic, above), CyberSecurity Malaysia CEO, who had proposed to the FIRST board last year that MyCert would be able to support a full conference held in the country. (Malaysia had also previously hosted a FIRST Technical Colloquium in 2009.)
The location of the FIRST conference is rotated every year and as evidenced by this year's record attendance, Kuala Lumpur's selection helped provide access to improve participation among its members.
"If you look at our teams and composition of people who come to these events, you need resources to attend conferences like this and therefore location (and) value for money comes into the picture," explained Adli Wahid, FIRST's Malaysian conference liaison.
The location certainly helped to swell the number of Malaysians participants to its highest ever number. "We want that to happen, (for) more Malaysians to be part of FIRST," said Dr Amirudin.
A channel to inform policymakers
FIRST was started in 1989 and is currently composed of 428 members from 88 countries, including two from Malaysia.
"Our members’ responsibility is to stand up if there are attacks happening in cyber-space," said Thomas Schreck (pic, above), the current FIRST Chair, "The goal of our community is that we make the life of these Internet responders globally easier".
This collaborative network also provides access to best practices and tools, as well as reaching out to other communities such a policy makers to build capability through knowledge sharing.
"A lot of times you know when governments are communicating with each other we have to go through all these channels and one of the things that FIRST allows is a lot of informal communication very quickly with respect to incidents," clarified Christopher Painter (pic, above), Global Commission on the Stability of Cyberspace Commissioner, and formerly with the US State Department.
Painter pointed out that when the first government CSIRT meeting convened in 2003, there were only 10 CSIRTs. Now there are 124 nation CSIRTS worldwide. "That just shows you the amount of progress (made)."
He stressed that it's important for the technical community to continue building bridges with policy makers, who are sometimes need help about the details.
"They know (security) is important, which is great but hey, don't know why," continued Painter. "This is the role the technical community can play to really demystify it a little bit for them."
Dr Amirudin also pointed that Malaysia launched its national cyber-security policy in 2006. "After 10 years we felt there's need to look at new developments, and new changes," he said, referring to MyCERT's collaboration with the National Security Council to develop the national Cybersecurity strategy due to be ready by the end of the year.
"It is being seen as critical in all sectors in the country because Malaysia is pushing for digitalisation in many aspects of the economy," he clarified. "Our role is to do the necessary intervention, to provide the necessary input, so that cyber is seen to be important."
MyCert is also providing two out of the four Malaysians presenting this year. "Specifically, from my team we talk about threat intelligence, (and) data leakage response," said Dr Amirudin. "These are topics that Malaysia is experiencing and trying to tackle."
The five-day event will run from June 25 to 29, 2018, and include Incident Response, Management and Technical tracks. The 2018 conference will explore privacy issues at a deeper level, partly due to Europe's GDPR having come into effect earlier this year.
There will also be a national CSIRT meeting held on Friday and Saturday after the conference.
Companies participating this year in the forum and Vendor Showcase include Microsoft, AWS, Alibaba, Polyswarm, VMRay, NC4, BitSight, Google, Booz Allen Hamilton, Rapid7, Anomali, and OneTrust.