June 16, 2010, 1:35 PM — The 22nd annual Forum of Incident Response and Security Teams (FIRST) conference is meeting this week in Miami. While this is my first opportunity to participate in any FIRST activity, these conferences have obviously been ongoing since 1988. With a focus on detecting and responding to security incidents and the convention of moving to a different location each year -- last year in Kyoto, next in Vienna -- the conference in unsurprisingly international.
Yesterday, I lunched with a group of Norwegians. I've also overheard conversations in German, Dutch, Japanese, Polish, Spanish and Portuguese (Brazilian), not to mention those I wasn't able to clearly identify.
Conference themes include such things as:
- Why the bad guys win (and not just the obvious answers!)
- How international cooperation in cybercrime is picking up and helping out
- Mechanisms for characterizing the nature of security incidents
- DNS security vulnerabilities
- Security issues with embedded OSes and critical infrastructure
- How response teams can be better prepared
- Insights into insider threats that most IT teams would not have considered
- Security concerns of the peer-to-peer world
- Responding to big attacks (like Conficker)
All this and we're only halfway through the show.
FIRST is a global non-profit currently with 214 members -- a self-selected group of very serious security people. These members, however, are generally organizations, not individuals. And each member team can have many individual members. Joining the organization both requires two sponsors and a site visit (audit) just to ensure that the potential new member organization lines up with FIRST's raison d'etre.
The vendor show floor is pretty small and most of my coworkers will be disappointed with the number and variety of giveaways that I'll be bringing back to the office. At the same time, they are a select group of companies with a serious security focus and well worth my chat time.
The attendees number in the upper 400's. I'm told 470 people registered, but several dozen don't seem to have yet arrived. The group is overwhelmingly male. In my estimation, after looking around at the crowd in several days' worth of sessions, I'd say only 1% are female. Interesting statistic, but not especially surprising.
