<!doctype html><html lang="en" class="web tlp-clear" data-studio-config="eyJ4aHJDcmVkZW50aWFscyI6ZmFsc2UsInhockhlYWRlcnMiOnt9fQo="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>FIRST Impressions Podcast</title><link rel="alternate" type="application/rss+xml" href="https://www.first.org/newsroom/news/first-impressions.xml" title="FIRST Impressions Podcast" /> <meta property="og:title" content="FIRST Impressions Podcast" /> <meta property="og:type" content="website" /> <meta property="og:image" content="https://www.first.org/_/img/1st-impressions-podcast.jpg" /> <meta property="og:url" content="https://www.first.org/newsroom/news/first-impressions/" /> <meta property="og:site_name" content="FIRST — Forum of Incident Response and Security Teams" /> <meta property="fb:profile_id" content="296983660669109" /> <meta property="twitter:card" content="summary_large_image" /> <meta property="twitter:site" content="@FIRSTdotOrg" /> <meta property="twitter:image" content="https://www.first.org/_/img/1st-impressions-podcast.jpg" /><meta name="viewport" content="initial-scale=1,maximum-scale=1.0,user-scalable=no" /><link rel="icon" type="image/png" href="/1st.png" /><link rel="apple-touch-icon" sizes="128x128" href="/favicon.png" /><link rel="stylesheet" type="text/css" href="/_/web.css?20250110194732" /><link rel="stylesheet" type="text/css" href="/_/web.css?20250110194732" /></head><body><header><div id="header" data-studio="CU52CV1W8g"><div id="c3" data-studio="Yu8FjCC11g"><div id="topbar"> <div class="sites right"> <ul> <li><a href="https://support.first.org" class="kb-datalist"><img src="/_/img/icon-portal_support.svg" alt="FIRST Support" title="FIRST Support" /></a></li> <li><a href="https://portal.first.org" class="button"><span class="no-tiny">Member </span>Portal</a></li> </ul> </div> <div class="first-logo"> <p><a href="/"><img src="/_/img/first-org-simple-negative.svg" alt="FIRST.Org" title="FIRST" /></a></p> </div> <div class="nav"> <ul class="navbar"><li><a href="/about">About FIRST</a><ul><li><a href="/about/mission">Mission Statement</a></li><li><a href="/about/history">History</a></li><li><a href="/about/sdg">Sustainable Development Goals</a></li><li><a href="/about/organization">Organization</a><ul><li><a href="/about/organization/directors">Board of Directors</a></li><li><a>Operations Team</a><ul><li><a href="/about/organization/ccb">Community &amp; Capacity Building</a></li><li><a href="/about/organization/events">Event Office</a></li><li><a href="/about/organization/executive-director">Executive Director</a></li><li><a href="/about/organization/infrastructure">Infrastructure</a></li><li><a href="/about/organization/secretariat">Secretariat</a></li></ul></li><li><a href="/about/organization/committees">Committees</a><ul><li><a href="/about/organization/committees/compensation-committee">Compensation Committee</a></li><li><a href="/about/organization/committees/conference-program-committee">Conference Program Committee</a></li><li><a href="/about/organization/committees/membership-committee">Membership Committee</a></li><li><a href="/about/organization/committees/rules-committee">Rules Committee</a></li><li><a href="/about/organization/committees/standards">Standards Committee</a></li></ul></li><li><a href="/events/agm">Annual General Meeting</a></li><li><a href="/about/organization/reports">Annual Reports and Tax Filings</a></li></ul></li><li><a href="/about/policies">FIRST Policies</a><ul><li><a href="/about/policies/anti-corruption">Anti-Corruption Policy</a></li><li><a href="/about/policies/antitrust">Antitrust Policy</a></li><li><a href="/about/policies/bylaws">Bylaws</a></li><li><a href="/about/policies/board-duties">Board duties</a></li><li><a href="/about/bugs">Bug Bounty Program</a></li><li><a href="/about/policies/code-of-conduct">Code of Conduct</a></li><li><a href="/about/policies/conflict-policy">Conflict of Interest Policy</a></li><li><a href="/about/policies/doc-rec-retention-policy">Document Record Retention and Destruction Policy</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li><li><a href="/about/policies/gen-event-reg-refund-policy">General Event Registration Refund Policy</a></li><li><a href="/about/policies/event-site-selection">Guidelines for Site Selection for all FIRST events</a></li><li><a href="/identity">Identity &amp; Logo Usage</a></li><li><a href="/about/policies/mailing-list">Mailing List Policy</a></li><li><a href="/about/policies/media">Media Policy</a></li><li><a href="/about/policies/privacy">Privacy Policy</a></li><li><a href="/about/policies/registration-terms-conditions">Registration Terms &amp; Conditions</a></li><li><a href="/about/policies/terms">Services Terms of Use</a></li><li><a href="/about/policies/standards">Standards Policy</a></li><li><a href="/about/policies/diversity">Statement on Diversity &amp; Inclusion</a></li><li><a href="/about/policies/translation-policy">Translation Policy</a></li><li><a href="/about/policies/travel-policy">Travel Policy</a></li><li><a href="/about/policies/uniform-ipr">Uniform IPR Policy</a></li><li><a href="/about/policies/whistleblower-policy">Whistleblower Protection Policy</a></li></ul></li><li><a href="/about/partners">Partnerships</a><ul><li><a href="/global/partners">Partners</a></li><li><a href="/global/friends">Friends of FIRST</a></li><li><a href="/global/supporters/">FIRST Supporters</a></li><li><a href="/about/sponsors">FIRST Sponsors</a></li></ul></li><li><a href="/newsroom">Newsroom</a><ul><li><a href="/newsroom/news">What&#039;s New</a></li><li><a href="/newsroom/releases">Press Releases</a></li><li><a href="/newsroom/news/media">In the News</a></li><li><a href="/podcasts">Podcasts</a><ul><li><a href="/newsroom/news/first-impressions/">FIRST Impressions Podcast</a></li><li><a href="/newsroom/news/podcasts/">FIRSTCON Podcast</a></li></ul></li><li><a href="/newsroom/newsletters">Newsletters</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li></ul></li><li><a href="/about/procurement">Procurement</a></li><li><a href="/about/jobs/">Jobs</a></li><li><a href="/contact">Contact</a></li></ul></li><li><a href="/members">Membership</a><ul><li><a href="/membership/">Becoming a Member</a><ul><li><a href="/membership/process">Membership Process for Teams</a></li><li><a href="/membership/process-associates">Membership Process for Associates</a></li><li><a href="/membership/process-liaisons">Membership Process for Liaisons</a></li><li><a href="/membership/#Fees">Membership Fees</a></li></ul></li><li><a href="/members/teams">FIRST Teams</a></li><li><a href="/members/liaisons">FIRST Liaisons</a></li><li><a href="/members/map">Members around the world</a></li></ul></li><li><a href="/global">Initiatives</a><ul><li><a href="/global/sigs">Special Interest Groups (SIGs)</a><ul><li><a href="/global/sigs/framework">SIGs Framework</a></li><li><a href="/global/sigs/academicsec" class="borderb">Academic Security SIG</a></li><li><a href="/global/sigs/ai-security">AI Security SIG</a></li><li><a href="/global/sigs/automation">Automation SIG</a></li><li><a href="/global/sigs/bigdata">Big Data SIG</a></li><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a><ul><li><a href="/cvss/calculator/4.0">Calculator</a></li><li><a href="/cvss/v4.0/specification-document">Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">User Guide</a></li><li><a href="/cvss/v4.0/examples">Examples</a></li><li><a href="/cvss/v4.0/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v4-0">CVSS v4.0 Documentation &amp; Resources</a><ul><li><a href="/cvss/calculator/4.0">CVSS v4.0 Calculator</a></li><li><a href="/cvss/v4.0/specification-document">CVSS v4.0 Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">CVSS v4.0 User Guide</a></li><li><a href="/cvss/v4.0/examples">CVSS v4.0 Examples</a></li><li><a href="/cvss/v4.0/faq">CVSS v4.0 FAQ</a></li></ul></li><li><a href="/cvss/v3-1">CVSS v3.1 Archive</a><ul><li><a href="/cvss/calculator/3.1">CVSS v3.1 Calculator</a></li><li><a href="/cvss/v3.1/specification-document">CVSS v3.1 Specification Document</a></li><li><a href="/cvss/v3.1/user-guide">CVSS v3.1 User Guide</a></li><li><a href="/cvss/v3.1/examples">CVSS v3.1 Examples</a></li><li><a href="/cvss/v3.1/use-design">CVSS v3.1 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v3-0">CVSS v3.0 Archive</a><ul><li><a href="/cvss/calculator/3.0">CVSS v3.0 Calculator</a></li><li><a href="/cvss/v3.0/specification-document">CVSS v3.0 Specification Document</a></li><li><a href="/cvss/v3.0/user-guide">CVSS v3.0 User Guide</a></li><li><a href="/cvss/v3.0/examples">CVSS v3.0 Examples</a></li><li><a href="/cvss/v3.0/use-design">CVSS v3.0 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v2">CVSS v2 Archive</a><ul><li><a href="/cvss/v2/guide">CVSS v2 Complete Documentation</a></li><li><a href="/cvss/v2/history">CVSS v2 History</a></li><li><a href="/cvss/v2/team">CVSS-SIG team</a></li><li><a href="/cvss/v2/meetings">SIG Meetings</a></li><li><a href="/cvss/v2/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v2/adopters">CVSS Adopters</a></li><li><a href="/cvss/v2/links">CVSS Links</a></li></ul></li><li><a href="/cvss/v1">CVSS v1 Archive</a><ul><li><a href="/cvss/v1/intro">Introduction to CVSS</a></li><li><a href="/cvss/v1/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v1/guide">Complete CVSS v1 Guide</a></li></ul></li><li><a href="/cvss/data-representations">JSON &amp; XML Data Representations</a></li><li><a href="/cvss/training">CVSS On-Line Training Course</a></li><li><a href="/cvss/identity">Identity &amp; logo usage</a></li></ul></li><li><a href="/global/sigs/csirt">CSIRT Framework Development SIG</a></li><li><a href="/global/sigs/cyberinsurance">Cyber Insurance SIG</a><ul><li><a href="/global/sigs/cyberinsurance/events">Cyber Insurance SIG Webinars</a></li></ul></li><li><a href="/global/sigs/cti">Cyber Threat Intelligence SIG</a><ul><li><a href="/global/sigs/cti/curriculum/">Curriculum</a><ul><li><a href="/global/sigs/cti/curriculum/introduction">Introduction</a></li><li><a href="/global/sigs/cti/curriculum/cti-introduction">Introduction to CTI as a General topic</a></li><li><a href="/global/sigs/cti/curriculum/methods-methodology">Methods and Methodology</a></li><li><a href="/global/sigs/cti/curriculum/pir">Priority Intelligence Requirement (PIR)</a></li><li><a href="/global/sigs/cti/curriculum/source-evaluation">Source Evaluation and Information Reliability</a></li><li><a href="/global/sigs/cti/curriculum/machine-human">Machine and Human Analysis Techniques (and Intelligence Cycle)</a></li><li><a href="/global/sigs/cti/curriculum/threat-modelling">Threat Modelling</a></li><li><a href="/global/sigs/cti/curriculum/training">Training</a></li><li><a href="/global/sigs/cti/curriculum/standards">Standards</a></li><li><a href="/global/sigs/cti/curriculum/glossary">Glossary</a></li><li><a href="/global/sigs/cti/curriculum/cti-reporting/">Communicating Uncertainties in CTI Reporting</a></li></ul></li><li><a href="/global/sigs/cti/events/">Webinars and Online Training</a></li><li><a href="/global/sigs/cti/cti-program">Building a CTI program and team</a><ul><li><a href="/global/sigs/cti/cti-program/program-stages">Program maturity stages</a><ul><li><a href="/global/sigs/cti/cti-program/stage1">CTI Maturity model - Stage 1</a></li><li><a href="/global/sigs/cti/cti-program/stage2">CTI Maturity model - Stage 2</a></li><li><a href="/global/sigs/cti/cti-program/stage3">CTI Maturity model - Stage 3</a></li></ul></li><li><a href="/global/sigs/cti/cti-program/starter-kit">Program Starter Kit</a></li><li><a href="/global/sigs/cti/cti-program/resources">Resources and supporting materials</a></li></ul></li></ul></li><li><a href="/global/sigs/digital-safety">Digital Safety SIG</a></li><li><a href="/global/sigs/dns">DNS Abuse SIG</a><ul><li><a href="/global/sigs/dns/stakeholder-advice/">Stakeholder Advice</a><ul><li><a>Detection</a><ul><li><a href="/global/sigs/dns/stakeholder-advice/detection/cache-poisoning">Cache Poisoning</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dga">DGA Domains</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dns-as-a-vector-for-dos">DNS As a Vector for DoS</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dns-rebinding">DNS Rebinding</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dns-server-compromise">DNS Server Compromise</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dos-against-the-dns">DoS Against the DNS</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/domain-name-compromise">Domain Name Compromise</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/lame-delegations">Lame Delegations</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/local-resolver-hijacking">Local Resolver Hijacking</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/on-path-dns-attack">On-path DNS Attack</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/stub-resolver-hijacking">Stub Resolver Hijacking</a></li></ul></li></ul></li><li><a href="/global/sigs/dns/policies">Code of Conduct &amp; Other Policies</a></li><li><a href="/global/sigs/dns/dns-abuse-examples">Examples of DNS Abuse</a></li></ul></li><li><a href="/global/sigs/ethics">Ethics SIG</a><ul><li><a href="/global/sigs/ethics/ethics-first">Ethics for Incident Response Teams</a></li></ul></li><li><a href="/epss/">Exploit Prediction Scoring System (EPSS)</a><ul><li><a href="/epss/model">The EPSS Model</a></li><li><a href="/epss/data_stats">Data and Statistics</a></li><li><a href="/epss/user-guide">User Guide</a></li><li><a href="/epss/research">EPSS Research and Presentations</a></li><li><a href="/epss/faq">Frequently Asked Questions</a></li><li><a href="/epss/who_is_using">Who is using EPSS?</a></li><li><a href="/epss/epss_tools">Open-source EPSS Tools</a></li><li><a href="/epss/api">API</a></li><li><a href="/epss/papers">Related Exploit Research</a></li><li><a>Blog</a><ul><li><a href="/epss/articles/prob_percentile_bins">Understanding EPSS Probabilities and Percentiles</a></li><li><a href="/epss/articles/log4shell">Log4Shell Use Case</a></li><li><a href="/epss/articles/estimating_old_cvss">Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities</a></li></ul></li><li><a href="/epss/partners">Data Partners</a></li></ul></li><li><a href="/global/sigs/msr/">FIRST Multi-Stakeholder Ransomware SIG</a></li><li><a href="/global/sigs/hfs/">Human Factors in Security SIG</a></li><li><a href="/global/sigs/ics">Industrial Control Systems SIG (ICS-SIG)</a></li><li><a href="/global/sigs/iep">Information Exchange Policy SIG (IEP-SIG)</a></li><li><a href="/global/sigs/information-sharing">Information Sharing SIG</a><ul><li><a href="/global/sigs/information-sharing/misp">Malware Information Sharing Platform</a></li></ul></li><li><a href="/global/sigs/le">Law Enforcement SIG</a></li><li><a href="/global/sigs/malware">Malware Analysis SIG</a><ul><li><a href="/global/sigs/malware/ma-framework">Malware Analysis Framework</a></li><li><a href="/global/sigs/malware/ma-framework/malwaretools">Malware Analysis Tools</a></li></ul></li><li><a href="/global/sigs/metrics">Metrics SIG</a><ul><li><a href="/global/sigs/metrics/events">Metrics SIG Webinars</a></li></ul></li><li><a href="/global/sigs/netsec/">NETSEC SIG</a></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/global/sigs/policy">Policy SIG</a></li><li><a href="/global/sigs/psirt">PSIRT SIG</a></li><li><a href="/global/sigs/red-team">Red Team SIG</a></li><li><a href="/global/sigs/cpg">Retail and Consumer Packaged Goods (CPG) SIG</a></li><li><a href="/global/sigs/ctf">Security Lounge SIG</a></li><li><a href="/global/sigs/tic/">Threat Intel Coalition SIG</a><ul><li><a href="/global/sigs/tic/membership-rules">Membership Requirements and Veto Rules</a></li></ul></li><li><a href="/global/sigs/tlp">Traffic Light Protocol (TLP-SIG)</a></li><li><a href="/global/sigs/transport">Transportation and Mobility SIG</a></li><li><a href="/global/sigs/vulnerability-coordination">Vulnerability Coordination</a><ul><li><a href="/global/sigs/vulnerability-coordination/multiparty">Multi-Party Vulnerability Coordination and Disclosure</a></li><li><a href="/global/sigs/vulnerability-coordination/multiparty/guidelines">Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure</a></li></ul></li><li><a href="/global/sigs/vrdx">Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)</a><ul><li><a href="/global/sigs/vrdx/vdb-catalog">Vulnerability Database Catalog</a></li></ul></li><li><a href="/global/sigs/wof">Women of FIRST</a></li></ul></li><li><a href="/global/governance">Internet Governance</a></li><li><a href="/global/irt-database">IR Database</a></li><li><a href="/global/fellowship">Fellowship Program</a><ul><li><a href="https://portal.first.org/fellowship">Application Form</a></li></ul></li><li><a href="/global/mentorship">Mentorship Program</a></li><li><a href="/hof">IR Hall of Fame</a><ul><li><a href="/hof/inductees">Hall of Fame Inductees</a></li></ul></li><li><a href="/global/victim-notification">Victim Notification</a></li><li><a href="/volunteers/">Volunteers at FIRST</a><ul><li><a href="/volunteers/list">FIRST Volunteers</a></li><li><a href="/volunteers/participation">Volunteer Contribution Record</a></li></ul></li><li><a href="#new">Previous Activities</a><ul><li><a href="/global/practices">Best Practices Contest</a></li></ul></li></ul></li><li><a href="/standards">Standards &amp; Publications</a><ul><li><a href="/standards">Standards</a><ul><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a></li><li><a href="/tlp">Traffic Light Protocol (TLP)</a><ul><li><a href="/tlp/use-cases">TLP Use Cases</a></li></ul></li><li><a href="/standards/frameworks/">Service Frameworks</a><ul><li><a href="/standards/frameworks/csirts">CSIRT Services Framework</a></li><li><a href="/standards/frameworks/psirts">PSIRT Services Framework</a></li></ul></li><li><a href="/iep">Information Exchange Policy (IEP)</a><ul><li><a href="/iep/iep_framework_2_0">IEP 2.0 Framework</a></li><li><a href="/iep/iep-json-2_0">IEP 2.0 JSON Specification</a></li><li><a href="/iep/iep-polices">Standard IEP Policies</a><ul><li><a href="https://www.first.org/iep/2.0/first-tlp-iep.iepj">IEP TLP Policy File</a></li><li><a href="https://www.first.org/iep/2.0/first-unknown-iep.iepj">IEP Unknown Policy File</a></li></ul></li><li><a href="/iep/iep_v1_0">IEP 1.0 Archive</a></li></ul></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/epss">Exploit Prediction Scoring System (EPSS)</a></li></ul></li><li><a href="/resources/papers">Publications</a></li></ul></li><li><a href="/events">Events</a></li><li><a href="/education">Education</a><ul><li><a href="/education/first-training">FIRST Training</a><ul><li><a href="/education/trainings">Training Courses</a></li><li><a href="/education/trainers">FIRST Trainers</a></li></ul></li></ul></li><li><a href="/blog">Blog</a></li></ul> </div> </div> <div id="home-buttons"> <p><a href="/join" data-title="Join"><img alt="Join" src="/_/img/icon-join.svg"><span class="tt-join">Join<span>Details about FIRST membership and joining as a full member or liaison.</span></span></a> <a href="/learn" data-title="Learn"><img alt="Learn" src="/_/img/icon-learn.svg"><span class="tt-learn">Learn<span>Training and workshop opportunities, and details about the FIRST learning platform.</span></span></a> <a href="/participate" data-title="Participate"><img alt="Participate" src="/_/img/icon-participate.svg"><span class="tt-participate">Participate<span>Read about upcoming events, SIGs, and know what is going on.</span></span></a></p> </div></div></div></header><div id="body" data-studio="CU52CV1W8g"><div id="c1" data-studio="Yu8FjCC11g" class="p"><div class="section p tags" data-paginate="10"><h1>FIRST Impressions Podcast</h1> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Bukhari.mp3">Episode 47: Umair Bukhari, Ericsson, FIRSTCON24 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-09-09T09:20:00+00:00">Mon, 09 Sep 2024 09:20:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this FIRST Impressions podcast episode, we dive into the fascinating world of mobile network security with Umair Bukhari, Director and Head of Ericsson P-Cert. Umair shares insights on the evolution of telecom threat environments, from the early days of 1G to the cutting-edge advancements in 5G and beyond. In the interview, he highlights how these changes impact both users and network security, emphasizing the importance of secure, cloud-native technologies and zero-trust architecture. This episode is a must-listen for anyone interested in the future of telecom security and the ongoing battle between attackers and defenders in this critical field! Tune in to learn more.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Bukhari.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Bukhari.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Beardsley.mp3">Episode 46: Tod Beardsley, CISA, FIRSTCON24 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-07-12T00:00:00+00:00">Fri, 12 Jul 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Join us on the First Impressions podcast for an exclusive interview with Todd Beardsley from CISA, recorded live at the 36th annual FIRST Conference in Fukuoka, Japan. Todd delves into the Known Exploited Vulnerability (KEV) list, explaining its critical role in cybersecurity and how even years-old vulnerabilities continue to be exploited. Learn about the detective work involved in validating exploitations and the importance of public-private partnerships. Don't miss this insightful episode—tune in now to stay ahead of cyber threats!</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Beardsley.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Beardsley.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Zimmerman.mp3">Episode 45: Carson Zimmerman, Ardalyst, FIRSTCON24 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-06-28T00:00:00+00:00">Fri, 28 Jun 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this special episode of the First Impressions podcast, recorded at the 36th annual FIRST Conference in Fukuoka, Japan, hosts interview Carson Zimmerman, a seasoned SOC expert. Zimmerman discusses his presentation, "14 Questions Are All You Need," which helps SOCs evaluate performance and address areas for improvement, emphasizing the importance of deep, insightful questions and the human element in security operations. He also highlights the challenges of aligning SOCs with compliance regimes and addresses the issue of burnout in the industry. Tune in to learn tips and tricks to SOC success! </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Zimmerman.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Zimmerman.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Codespaces.mp3">Episode 44: Nitesh Surana and Jaromir Horejsi, Trend Micro, FIRSTCON24 Speakers</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-06-14T00:00:00+00:00">Fri, 14 Jun 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode of the First Impressions podcast, hosts Chris John Riley and Martin McKay interview Nitesh Surana and Jaromir Horejsi of Trend Micro to discuss their upcoming talk at the FIRST conference. Their session will explain how they discovered threat actors abusing GitHub's cloud-based development environment, Codespaces, to build and test infostealers. While Codespaces itself is secure, its features can be abused. In this episode, they recommend developers that use such services be aware of potential abuse tactics and share the goal of their FIRSTCON talk is to raise awareness and provide clarity on how cloud providers can improve incident response and quickly shut down reported abuse.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Codespaces.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Codespaces.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Toyo.mp3">Episode 43: Satoshi Okada and Takuho Mitsunaga, Toyo University, FIRSTCON24 Speakers</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-06-07T00:00:00+00:00">Fri, 07 Jun 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode of the First Impressions podcast, hosts Chris John Riley and Martin McKay interview Satoshi Okada and Takuho Mitsunaga , researchers from Toyo University who will be speaking at FIRSTCON24. In the episode, they discuss artificial intelligence, specifically large language models (LLMs) like ChatGPT, and the importance of multi-stakeholder governance for safer AI development. Okada and Mitsunaga explain the pros and cons of LLMs and emphasize the need for governance. Tune in to learn more and be sure to attend their talk this June in Fukuoka! </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Toyo.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Toyo.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-LAC.mp3">Episode 42: LAC, FIRSTCON24 Diamond Sponsor</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-31T00:00:00+00:00">Fri, 31 May 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Join the First Impressions Podcast hosts for a chat with FIRSTCON24 Diamond Sponsor representatives, Ko and Rick from LACERT! Explore LACERT's pioneering role in Japan's cybersecurity since 1995, including innovative tools like Falcon Nest, and their overall contributions to global cybersecurity standards. Don't miss the insights of this episode and learn more about the importance of international collaboration in incident response!</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-LAC.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-LAC.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-NewNormal.mp3">Episode 41: Raja Jasper and James Potter, Huntington National Bank, FIRSTCON24 Speakers</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-24T00:00:00+00:00">Fri, 24 May 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Join hosts Martin McKeay and Chris John Riley for the newest FIRST Impressions Podcast episode featuring FIRSTCON24 speakers, James Potter and Raja Jasper from Huntington National Bank. The pair discuss their upcoming conference talk and explore the challenges of remote work in cybersecurity. Tune in for expert insights on digital communication etiquette, global team collaboration, and the evolving landscape of cybersecurity in the age of remote work. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-NewNormal.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-NewNormal.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Cycraft.mp3">Episode 40: CyCraft, FIRSTCON24 Diamond Sponsor</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-17T00:00:00+00:00">Fri, 17 May 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>This First Impressions podcast features representatives from CyCraft, one of FIRSTCON24’s Diamond sponsors. Based in Taiwan, CyCraft utilizes cutting-edge AI and machine learning to tackle a myriad of security challenges, from threat hunting to identity analysis. Tune in to discover why CyCraft is passionate about community engagement and learn about the practical applications of machine learning in cybersecurity, including event triage and attack pattern recognition.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Cycraft.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Cycraft.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Kucherin.mp3">Episode 39: Georgy Kucherin, Kaspersky, FIRSTCON24 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-10T00:00:00+00:00">Fri, 10 May 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Join hosts Martin McKeay and Chris John Riley in this episode of the First Impressions podcast as they chat with Georgy Kucherin from Kaspersky's Global Research and Analysis team. Together they discuss combating sophisticated spyware targeting mobile devices like Pegasus and Operation Triangulation, highlighting the challenges in protecting our digital lives. Kucherin shares strategies for analyzing mobile threats and adapting to evolving tactics, preparing listeners for his talk at the upcoming FIRST Conference in Fukuoka, Japan. Tune in for insights into the frontline of cybersecurity!</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Kucherin.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Kucherin.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-samford.mp3">Episode 38: Megan Samford, Schneider Electric, FIRSTCON24 Keynote </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-03T00:00:00+00:00">Fri, 03 May 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Tune in to the latest episode of the First Impressions podcast, where hosts Martin McKeay and Chris John Riley sit down with Megan Sanford, VP Chief Product Security Officer at Schneider Electric Energy Management Division. As a keynote speaker at the 36th annual FIRST Conference in Fukuoka, Japan, Sanford shares insights into the world of product security. Discover why a secure development lifecycle and integrating security features into products are crucial for resilience. Sanford introduces ICS for ICS, a concept bridging emergency management with cyber incident response, urging listeners to adopt this framework for enhanced efficiency in handling cyber threats. Don't miss out on this insightful discussion that could shape the future of incident response.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-samford.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-samford.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-fukuoka.mp3">Episode 37: Fukuoka Preview with Taki Uchiyama, FIRSTCON24 Program Chair</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-12-08T00:00:00+00:00">Fri, 08 Dec 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON24 Program chair, Taki Uchiyama about the upcoming 36th Annual FIRST Conference to be held in Fukuoka, Japan, June 9-14, 2024. Under the theme of “Bridging Security Response Gaps”, Taki shares the importance of communication and collaboration within the security community and his hopes for the 2024 conference. This episode shares an inside look at the challenges of scheduling keynote speakers and the anticipation of a rich selection of presentations. Taki also shares tidbits about the rich cultural and historical attractions of Fukuoka city. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-fukuoka.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-fukuoka.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-taki.mp3">Episode 36: Taki Uchiyama, FIRSTCON24 Program Chair </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-08-11T00:00:00+00:00">Fri, 11 Aug 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this short episode, the FIRST Podcasters interview FIRSTCON24 Program chair, Taki Uchiyama. The 36th Annual FIRST Conference will be held in Fukuoka, Japan, June 9-14, 2024, under the theme: “Bridging Security Response Gaps”. Taki shares some of the topics he hopes to highlight next year including improving industry diversity and showcasing emerging security teams. Tune in for details on how to get involved in FIRSTCON24!</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-taki.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-taki.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-carhart.mp3">Episode 35: Lesley Carhart, FIRSTCON23 Keynote Speaker, Dragos </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-08-04T00:00:00+00:00">Fri, 04 Aug 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 Keynote speaker, Lesley Carhart and discuss her session: “How Did We Get Here? The History and Future of Cyberattacks against Industrial Control Networks”. Lesley explains and explores the complicated history of Industrial incident response and just how cybersecurity affects physical systems.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-carhart.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-carhart.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Umair.mp3">Episode 34: Umair Bukhari, FIRSTCON23 Speaker, Ericsson PSIRT</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-07-28T00:00:00+00:00">Fri, 28 Jul 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Umair Bukhari and discuss his conference session: “Extra-Ordinary Vulnerability Coordination – A Method to the Madness”. Umair highlights Ericsson’s newly established PSIRT framework for Extra-Ordinary Vulnerability Coordination (EVC) and the necessary actions, work streams, and communication that must be put in place to efficiently handle such events. Umair shares thoughtful steps for others to adopt the model. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Umair.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Umair.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Spafford.mp3">Episode 33: Dr. Eugene Spafford, FIRSTCON23 Speaker, Purdue University; &amp; Dr. Pattie Spafford</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-07-21T00:00:00+00:00">Fri, 21 Jul 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Dr. Eugene Spafford and his partner, Dr. Pattie Spafford. Together they discuss their recently published book, “Cybersecurity Myths and Misconceptions” co-authored by Leigh Metcalf, and Josiah Dykstra. They touch on the importance of communication and clear terminology that surpasses cultural barriers. Cybersecurity is people-centric and yet so much has been done by tech specialists without the end user in mind, the book proposes steps to clear language with metaphoric illustrations by Pattie. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Spafford.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Spafford.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-cisco.mp3">Episode 32: Vinay Bansal, CTO of Cisco’s CSIRT, Diamond Sponsor of FIRSTCON23</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-07-14T00:00:00+00:00">Fri, 14 Jul 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 Diamond Sponsor Rep, Vinay Bansal, the CTO of Cisco’s CSIRT. Vinay discusses Cisco’s long history with FIRST and its Special Interest Groups (SIGs) and shares details on Cisco’s new initiative for Attack Surface Management. This episode highlights the importance of information sharing and mentoring and how FIRST conferences have been a platform to create invaluable global relationships.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-cisco.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-cisco.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-vmware.mp3">Episode 31: Kevin Hagopian and Emer O'Neill, FIRSTCON23 Speakers; VMware</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-06-30T00:00:00+00:00">Fri, 30 Jun 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 speakers, Kevin Hagopian and Emer O’Neill, and discuss their conference session: “Small But Mighty - The Crucial Role a PSIRT Plays in Customer Trust, Adoption and Renewal”. Kevin and Emer highlight the evolution of a PSIRT within a software company, and how to best adapt processes and policies to protect a company’s brand. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-vmware.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-vmware.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-JaromirHorejsi.mp3">Episode 30: Jaromir Horejsi, FIRSTCON23 Speaker; Senior Threat Researcher, Trend Micro</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-06-02T00:00:00+00:00">Fri, 02 Jun 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Jaromir Horejsi, and preview his upcoming conference session: “Abusing Electron-Based Applications in Targeted Attacks”. Jaromir provides an overview on Electron frameworks and how they are targeted and attacked by infection vectors.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-JaromirHorejsi.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-JaromirHorejsi.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-KoenvanHove.mp3">Episode 29: Koen van Hove, FIRSTCON23 Speaker, NLnet Labs, University of Twente, Dutch Institute for Vulnerability Disclosure</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-05-26T00:00:00+00:00">Fri, 26 May 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview FIRSTCON23 speaker, Koen van Hove, and preview his upcoming conference session: “SPooFd: How to Spoof Mails, Even with Full SPF and DMARC Protection”. Providing a brief history of the internet and email, Koen explains how email spoofing started and transformed. Koen spotlights big vendors and how they approach email security. In his talk, Koen will demonstrate how SPF and DMARC protections are bypassed and outline a path to better security. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-KoenvanHove.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-KoenvanHove.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-EPSS-SIG.mp3">Episode 28: Jay Jacobs, Co-Chair, EPSS SIG; Data Scientist, Cyentia</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-04-07T00:00:00+00:00">Fri, 07 Apr 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview Jay Jacobs, who is a co-chair of the Exploit Prediction Scoring System Special Interest Group (EPSS SIG) and one of the founders of the Cyentia Institute. Evolving over the last year and a half, EPSS works to gather as much data as possible on vulnerabilities and look for indicators that something will be exploited in the future. Scores are updated daily with new evidences gained on potential exploitations. It is nearly impossible for companies to keep up with all their vulnerabilities, so prioritization is a must. Exploitation activity helps narrow down what’s important. The EPSS SIG is constantly updating and improving models to close gaps.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-EPSS-SIG.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-EPSS-SIG.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-DNS-SIG.mp3">Episode 27: Peter Lowe, DNS Abuse SIG Co-Chair, FIRST’s DNS Abuse Ambassador </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-03-03T00:00:00+00:00">Fri, 03 Mar 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview Peter Lowe, co-chair of the DNS Abuse Special Interest Group (DNS SIG). SIG member turned chair, Peter was also appointed as FIRST’s DNS Abuse “Ambassador” and has been tasked with representing the Forum within the DNS space. Peter chats about how DNS has become a hot topic in the public consciousness. He also explains why the SIG is trying to better define DNS Abuse from the point of view of incident responders and security teams. The SIG is creating a model for DNS stakeholders which will classify the different kinds of DNS Abuse and lists who can help with mitigation, prevention, and detection. Peter also touches on the future goals of the SIG and how to become a member. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-DNS-SIG.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-DNS-SIG.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-CTI-SIG.mp3">Episode 26: James Chappell and Krassimir Tzvetanov, Cyber Threat Intelligence SIG Co-chairs </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-01-27T00:00:00+00:00">Fri, 27 Jan 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview James Chappell and Krassimir Tzvetanov, co-chairs of FIRST’s Cyber Threat Intelligence Special Interest Group (CTI SIG). Along with a third co-chair, Adrian Hendrik, this group focuses on creating best practices and CTI training materials. With the goal of education, the SIG focuses on creating a common body of Cyber Threat knowledge and terms. Filling the gaps with thoughtful curriculum and organizing presentations, the SIG hopes to be a guiding light in the often difficult to navigate Cyber Threat Intelligence landscape. Interested parties are encouraged to join these efforts by applying for SIG membership at: <a href="https://www.first.org/global/sigs/cti/">https://www.first.org/global/sigs/cti/</a>. The SIG also manages a CTI news mailing list, to join simply send an email to cti-sig-news-subscribe [at] first.org. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-CTI-SIG.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-CTI-SIG.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-DesireeSacherBoldewin.mp3">Episode 25: Désirée Sacher-Boldewin, FIRST Board of Directors, Special Interest Groups (SIG) Coordinator</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-01-06T00:00:00+00:00">Fri, 06 Jan 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview Désirée Sacher-Boldewin who joined the FIRST Board of Directors in June 2022. Désirée has also taken on the role of co-coordinator for FIRST’s Special Interest Groups (SIGs). The SIGs cover a variety of topics with efforts to create new standards, map existing protocols, and make best security practices accessible to all. In 2023, the FIRST Impressions Podcast will highlight several SIGs to spotlight their achievements and aspirations. In this episode, Désirée touches on FIRST’s infrastructure improvements and shares her excitement to have her new position to spearhead future endeavors. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-DesireeSacherBoldewin.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-DesireeSacherBoldewin.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-SentinelOne.mp3">Episode 24: SentinelOne Team Members, FIRSTCON22 Diamond Sponsor</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-09-09T00:00:00+00:00">Fri, 09 Sep 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The FIRST Podcasters interview various team members of SentinelOne, a Diamond Sponsor of FIRSTCON22, which is a fully autonomous EDR solution for businesses and enables basic end point detection and response. The team shares insight into current investigations around the world as well as observable attacker patterns to stress the importance of taking a layered approach to security.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-SentinelOne.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-SentinelOne.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-MaddieStone.mp3">Episode 23: Maddie Stone, Security Researcher, Project Zero, Google, FIRSTCON22 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-09-02T00:00:00+00:00">Fri, 02 Sep 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The FIRST Podcasters interview Maddie Stone of Google Project Zero on the current 2022 threat landscape and past Zero Day patterns. Maddie shares insight into how security professionals should work to make exploitations more difficult for attackers. With an evolving approach to Zero Days, we can create continuous solutions that treat patches as an opportunity to dive deeper. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-MaddieStone.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-MaddieStone.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-RebeccaTaylor.mp3">Episode 22: Rebecca Taylor, Threat Intelligence Knowledge Manager, Secureworks, FIRSTCON22 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-08-26T00:00:00+00:00">Fri, 26 Aug 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview Rebecca Taylor of Secureworks on the importance and structuring of knowledge management. Rebecca provides valuable insight into the processes, frameworks, and templates that must be incorporated to create a roadmap of understanding and interconnected relationships. She stresses the value of feedback loops, work streams, and ongoing evolution. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-RebeccaTaylor.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-RebeccaTaylor.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-diversity.mp3">Episode 21: Emma Jones, CrowdStrike, FIRSTCON22 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-08-19T00:00:00+00:00">Fri, 19 Aug 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, the FIRST Podcasters interview Crowdstike’s Senior Consultant, Emma Jones, on the importance of diversity. The umbrella term describes all sorts of efforts, from belonging to inclusion to equality and representation. Emma discusses how every day actions build in processes of trust and how thinking differently isn’t wrong; it’s imperative. How do we create a stage where everyone is qualified to speak? How do we make and share information in a way that is consumable to everyone? Tune in to find out. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-diversity.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-diversity.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-lookyloo.mp3">Episode 20: Raphaël Vinot, CIRCL, and Quinn Norton, Independent, FIRSTCON22 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-08-12T00:00:00+00:00">Fri, 12 Aug 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, FIRST Podcasters interview FIRSTCON22 Speakers Raphaël Vinot and Quinn Norton on their tool Lookyloo. This open-source project was made to capture and record all the happenings on a website in real time. After a news website fell victim of malvertising, Raphaël and Quinn were called in to investigate. After a failed search for a tool to monitor the page, they created their own. Users of Lookyloo will have access to all the contents of a webpage mapped onto file tree as well as a created database of content and relationships to better help monitor and protect their sites. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-lookyloo.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-lookyloo.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-CERTUA.mp3">Episode 19: Victor Zhora, Yevheniia Volivnyk, and Yevhen Bryksin, CERT-UA, FIRSTCON22 Speakers</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-08-05T00:00:00+00:00">Fri, 05 Aug 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this heavy-hitting episode, FIRST Podcasters interview team Ukraine. The CERT-UA group share insights and revelations as they compare 2021 cyber incidents to 2022 and discuss attacker tactics. A large time frame of exploits came in early January, just as Ukrainians were receiving warnings of potential war. Sowing disorder, the disinformation campaign had a cyber component, as assailants attempted to convince the public that their government could not protect them or their data. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-CERTUA.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-CERTUA.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Vishal.mp3">Episode 18: Vishal Thakur, Director of DFIR at Ankura Consulting, FIRSTCON22 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-29T00:00:00+00:00">Fri, 29 Jul 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, FIRST Podcasters interview FIRSTCON22 Speaker, Vishal Thakur, who is the Director of DFIR at Ankura Consulting. Together the group discusses how to live in the on-going “ransomware pandemic” and the importance of practicing good security hygiene. Tune in for tips on how to successfully communicate and streamline communication when attacked and how tabletop exercises can better prepare your team for the next one. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Vishal.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Vishal.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Uptycs.mp3">Episode 17: Ganesh Pai, Founder and CEO of Uptycs, FIRSTCON22 Diamond Sponsor</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-06-17T00:00:00+00:00">Fri, 17 Jun 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, FIRST Podcasters interview FIRSTCON22 Diamond Speaker and Sponsor, Ganesh Pai who is the Founder and CEO of Uptycs, a cloud-native security analytics platform. Ganesh reflects on the magic of past FIRSTCONs as he looks forward to Dublin. With the focus on people over tools, Ganesh marvels at the opportunity to watch new industry professionals grow and shares a deeper dive into Uptyc’s osquery. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Uptycs.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Uptycs.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Schmidt-Wiesner.mp3">Episode 16: Thomas Schmidt and Jens Wiesner, German Federal Office for Information Security (BSI), FIRSTCON22 Speakers</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-06-03T00:00:00+00:00">Fri, 03 Jun 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The FIRST Podcasters interview FIRSTCON22 Speakers, Thomas Schmidt and Jens Wiesner, on the subject of their conference session: "Securing the Supply Chain Together - Through Automation of Advisories and Vulnerability Management". Working in separate departments of the German Federal Office for Information Security (BSI), Schmidt and Wiesner are experts at standardizing advisories. Get a taste of their conference presentation as Martin and Chris grill them on remediation measures, mitigations, and what Common Security Advisory Framework (CSAF) does as a solution. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-Schmidt-Wiesner.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-Schmidt-Wiesner.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-HelenPatton.mp3">Episode 15: Helen Patton, Advisory CISO, Cisco, FIRSTCON22 Speaker</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-05-20T00:00:00+00:00">Fri, 20 May 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The FIRST Podcasters interview FIRSTCON22 Speaker, Helen Patton, on the context of her conference session: "How to Talk to a Board so the Board will Talk Back". Helen explains how perspectives may differ between security practitioners in the weeds of vulnerabilities and an upper management’s big picture point of view. Get a taste of Helen's conference presentation as she discusses how to establish and maintain board relationships and explain the value of risk to non-experts.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-HelenPatton.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-HelenPatton.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-BrianHonan.mp3">Episode 14: Brian Honan, CEO of BH Consulting, 2022 FIRST Program Chair</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-05-06T00:00:00+00:00">Fri, 06 May 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>2022 Conference Chair, Brian Honan, talks all things FIRSTCON as we prepare to hold the next gathering in Dublin this June. The 34th Annual FIRST Conference: "Neart Le Chéile: Strength Together" will take place June 26 - July 1, 2022.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-BrianHonan.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-BrianHonan.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-NaamaBenDov.mp3">Episode 13: Naama Ben-Dov, Strategy Merger and Acquisition Manager</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-04-08T00:00:00+00:00">Fri, 08 Apr 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this episode, Naama Ben-Dov, a strategy merger and acquisition manager at Microsoft, discusses a developer’s journey and the importance of planning for the future. Together with the podcasters, she points out how what a customer may want is often in opposition to what they need and in turn, encourages difficult conversations. Tune in to hear how the human psyche drives innovation. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-NaamaBenDov.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-NaamaBenDov.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-IrenReznikov.mp3">Episode 12: Iren Reznikov, Venture Capitalist, Researcher, Economist </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-03-04T00:00:00+00:00">Fri, 04 Mar 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Iren Reznikov is a Cyber Investor based in Israel specializing in deep tech security startups. Together with the FIRST Impressions podcasters, she opens a dialogue into the lifecycle of acquisitions and how current political tensions may affect the cyber landscape.</p> <p>Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent. </p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions-IrenReznikov.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions-IrenReznikov.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Andy-Ellis.mp3">Episode 11: Andy Ellis, Advisory CISO, Orca Security &amp; Operating Partner, YL Ventures</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-02-04T00:00:00+00:00">Fri, 04 Feb 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Join the interview in progress! Chris, Martin, and Andy chat building teams, navigating within organizations, career change, and interpretive dance.</p> <p>Andy Ellis is the Advisory CISO at Orca Security, where he helps companies embrace secure practices while leaping into the cloud era. He is a 2021 Inductee into the CSO Hall of Fame, an Operating Partner at YL Ventures, the CEO of leadership training company Duha, and was formerly a U.S. Air Force officer and the CSO at Akamai Technologies. You can find him on Twitter at @csoandy. Ellis has received The Spirit of Disneyland Award, The Wine Spectator's Award of Excellence, the Air Force Commendation Medal, and the CSO Compass Award.</p> <p>Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Andy-Ellis.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Andy-Ellis.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Neil-Craig.mp3">Episode 10: Neil Craig, Lead Architect in BBC Digital Distribution</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-01-07T00:00:00+00:00">Fri, 07 Jan 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Neil is Lead Architect in BBC Digital Distribution, focusing on website traffic management and supporting technologies. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Neil-Craig.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Neil-Craig.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Ed-Skoudis.mp3">Episode 9: Ed Skoudis, President, SANS Technology Institute</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-12-03T00:00:00+00:00">Fri, 03 Dec 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Chances are, you know Ed. Ed Skoudis is founder of the SANS Institute’s Penetration Testing Curriculum and creator of SANS NetWars, CyberCity, and the Holiday Hack Challenge. Learn more about the upcoming SANS Holiday Hack Challenge at <a href="https://www.sans.org/mlp/holiday-hack-challenge/">https://www.sans.org/mlp/holiday-hack-challenge/</a>. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Ed-Skoudis.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Ed-Skoudis.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Jen-Ellis.mp3">Episode 8: Jen Ellis - VP of Community and Public Affairs, Rapid7</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-11-05T00:00:00+00:00">Fri, 05 Nov 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Chris catches up with Jen Ellis, VP of Community and Public Affairs at Rapid7 and talk ransomware. Recorded October 2021. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Jen-Ellis.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Jen-Ellis.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Amanda-Berlin.mp3">Episode 7: Amanda Berlin - CEO, Mental Health Hackers </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-09-03T00:00:00+00:00">Fri, 03 Sep 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Amanda Berlin is the CEO of Mental Health Hackers - a not for profit organization dedicated to educate information security professionals about the unique mental health risks faced by those in the field. Recorded August 2021. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Amanda-Berlin.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Amanda-Berlin.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_IMPRESSIONS-KyleTobener.mp3">Episode 6: Kyle Tobener - VP and Head of Security &amp; IT at Copado</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-08-06T00:00:00+00:00">Fri, 06 Aug 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Kyle is a VP and Head of Security &amp; IT at Copado. Kyle, Martin, and Chris talk security careers and share their own personal experiences. Recorded July 2021. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST_IMPRESSIONS-KyleTobener.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_IMPRESSIONS-KyleTobener.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions_Allan_Friedman.mp3">Episode 5: SBOM &amp; Twinkies? Allan Friedman, Dir. of Cybersecurity Initiatives, US Department of Commerce</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-02T00:00:00+00:00">Fri, 02 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Featuring Dr. Allan Friedman, Director of Cybersecurity Initiatives at National Telecommunications and Information Administration in the US Department of Commerce. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST_Impressions_Allan_Friedman.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_Impressions_Allan_Friedman.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_IMPRESSIONS-ChrisGibson.mp3">Episode 4: Chris Gibson - Executive Director at FIRST</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-06-04T00:00:00+00:00">Fri, 04 Jun 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Chris Gibson chats all things FIRST and how the organization is and has approached change during the pandemic. Recorded February 2021. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST_IMPRESSIONS-ChrisGibson.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST_IMPRESSIONS-ChrisGibson.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Traci.mp3">Episode 3: Traci Wei - Planning Virtual Events During COVID</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-05-07T00:00:00+00:00">Fri, 07 May 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Traci Wei, owner of CAPS, LLC and the meetings and conference director for FIRST, shares her experiences of transitioning events to virtual during the pandemic. Recorded November 2020. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Traci.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Traci.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Eireann.mp3">Episode 2: Eireann Leverett and Desiree Sacher</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-04-02T00:00:00+00:00">Fri, 02 Apr 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Desiree Sacher is a Security Architect for a Security Operation Center in the financial industry. Eireann Leverett is a Senior Scientist at Airbus Operations, co-author of Solving Cyber Risk, and Founder of Concinnity Risks. He is co-chair of the Cyber Insurance SIG, and the EPSS SIG. Recorded in December 2020. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Eireann.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Eireann.mp3">Download MP3</a></audio></article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Serge.mp3">Episode 1: Serge Droz - Reflections on 2020 and Thinking Ahead to 2021</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-03-01T00:00:00+00:00">Mon, 01 Mar 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Serge is the chair of the board of directors of FIRST (Forum for Incident Response and Security Teams), the premier organisation of recognised global leaders in incident response. In this role he actively participates in discussion relating to cyber security at various policy bodies, in particular related to norm building. Episode recorded in December 2020. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.</p></div> <audio src="https://media.first.org/podcasts/FIRST-Impressions-Serge.mp3" preload="none" controls><a class="p-url" itemprop="url" href="https://media.first.org/podcasts/FIRST-Impressions-Serge.mp3">Download MP3</a></audio></article> </div> <ul class="years page-control"> <li><a href="/newsroom/news/first-impressions/2024">2024</a></li> <li><a href="/newsroom/news/first-impressions/2023">2023</a></li> <li><a href="/newsroom/news/first-impressions/2022">2022</a></li> <li><a href="/newsroom/news/first-impressions/2021">2021</a></li> </ul></div></div><div id="navbar" data-studio="CU52CV1W8g"><div id="c4" data-studio="Yu8FjCC11g"><ul class="navbar"><li><a href="/about">About FIRST</a><ul><li><a href="/about/mission">Mission Statement</a></li><li><a href="/about/history">History</a></li><li><a href="/about/sdg">Sustainable Development Goals</a></li><li><a href="/about/organization">Organization</a><ul><li><a href="/about/organization/directors">Board of Directors</a></li><li><a>Operations Team</a><ul><li><a href="/about/organization/ccb">Community &amp; Capacity Building</a></li><li><a href="/about/organization/events">Event Office</a></li><li><a href="/about/organization/executive-director">Executive Director</a></li><li><a href="/about/organization/infrastructure">Infrastructure</a></li><li><a href="/about/organization/secretariat">Secretariat</a></li></ul></li><li><a href="/about/organization/committees">Committees</a><ul><li><a href="/about/organization/committees/compensation-committee">Compensation Committee</a></li><li><a href="/about/organization/committees/conference-program-committee">Conference Program Committee</a></li><li><a href="/about/organization/committees/membership-committee">Membership Committee</a></li><li><a href="/about/organization/committees/rules-committee">Rules Committee</a></li><li><a href="/about/organization/committees/standards">Standards Committee</a></li></ul></li><li><a href="/events/agm">Annual General Meeting</a></li><li><a href="/about/organization/reports">Annual Reports and Tax Filings</a></li></ul></li><li><a href="/about/policies">FIRST Policies</a><ul><li><a href="/about/policies/anti-corruption">Anti-Corruption Policy</a></li><li><a href="/about/policies/antitrust">Antitrust Policy</a></li><li><a href="/about/policies/bylaws">Bylaws</a></li><li><a href="/about/policies/board-duties">Board duties</a></li><li><a href="/about/bugs">Bug Bounty Program</a></li><li><a href="/about/policies/code-of-conduct">Code of Conduct</a></li><li><a href="/about/policies/conflict-policy">Conflict of Interest Policy</a></li><li><a href="/about/policies/doc-rec-retention-policy">Document Record Retention and Destruction Policy</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li><li><a href="/about/policies/gen-event-reg-refund-policy">General Event Registration Refund Policy</a></li><li><a href="/about/policies/event-site-selection">Guidelines for Site Selection for all FIRST events</a></li><li><a href="/identity">Identity &amp; Logo Usage</a></li><li><a href="/about/policies/mailing-list">Mailing List Policy</a></li><li><a href="/about/policies/media">Media Policy</a></li><li><a href="/about/policies/privacy">Privacy Policy</a></li><li><a href="/about/policies/registration-terms-conditions">Registration Terms &amp; Conditions</a></li><li><a href="/about/policies/terms">Services Terms of Use</a></li><li><a href="/about/policies/standards">Standards Policy</a></li><li><a href="/about/policies/diversity">Statement on Diversity &amp; Inclusion</a></li><li><a href="/about/policies/translation-policy">Translation Policy</a></li><li><a href="/about/policies/travel-policy">Travel Policy</a></li><li><a href="/about/policies/uniform-ipr">Uniform IPR Policy</a></li><li><a href="/about/policies/whistleblower-policy">Whistleblower Protection Policy</a></li></ul></li><li><a href="/about/partners">Partnerships</a><ul><li><a href="/global/partners">Partners</a></li><li><a href="/global/friends">Friends of FIRST</a></li><li><a href="/global/supporters/">FIRST Supporters</a></li><li><a href="/about/sponsors">FIRST Sponsors</a></li></ul></li><li><a href="/newsroom">Newsroom</a><ul><li><a href="/newsroom/news">What&#039;s New</a></li><li><a href="/newsroom/releases">Press Releases</a></li><li><a href="/newsroom/news/media">In the News</a></li><li><a href="/podcasts">Podcasts</a><ul><li><a href="/newsroom/news/first-impressions/">FIRST Impressions Podcast</a></li><li><a href="/newsroom/news/podcasts/">FIRSTCON Podcast</a></li></ul></li><li><a href="/newsroom/newsletters">Newsletters</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li></ul></li><li><a href="/about/procurement">Procurement</a></li><li><a href="/about/jobs/">Jobs</a></li><li><a href="/contact">Contact</a></li></ul></li></ul></div><div id="c5" data-studio="Yu8FjCC11g" class="list-banner"><p><img src="/_/img/1st-impressions-podcast.png" alt="FIRST Impressions Podcast" /></p> <h4 id="Also-available-on">Also available on</h4> <ul> <li><a href="https://podcasts.apple.com/us/podcast/first-impressions-podcast/id1556127848?l=en"><img src="/_/img/apple-podcast.png" alt="FIRSTCON Podcast Apple" /></a></li> <li><a href="https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuZmlyc3Qub3JnL25ld3Nyb29tL25ld3MvZmlyc3QtaW1wcmVzc2lvbnMueG1s"><img src="/_/img/google-podcast.png" alt="FIRSTCON Podcast Google" /></a></li> <li><a href="https://open.spotify.com/show/6mdVBCDxhGKuULeca9psdl"><img src="/_/img/spotify-podcast.png" alt="FIRSTCON Podcast Spotify" /></a></li> </ul> <!-- - [](https://www.stitcher.com/s?fid=470775&refid=asa) - [](http://tun.in/pjzCu) --></div></div><div id="sidebar" data-studio="CU52CV1W8g"><div id="c6" data-studio="Yu8FjCC11g"><h3 id="Hosts">Hosts</h3> <h4 class="clear-both picture-circle image-center" id="Chris-John-Riley"><img src="/_/img/photos/chris-john-riley.jpg" alt="Chris John Riley" /> <br />Chris John Riley</h4> <p>Chris John Riley is a Senior Security Engineer, and has been attending FIRST events for over 12 years. In his spare time, Chris collects books (that he never finds time to read), spends his weekend taking long romantic walks from the sofa to the kitchen (mostly for snacks), and enjoys playing Dungeons and Dragons.</p> <h4 class="clear-both picture-circle image-center" id="Martin-McKeay"><img src="/_/img/photos/martin-mckeay.jpg" alt="Martin McKeay" /> <br />Martin McKeay</h4> <p>With nearly two decades of experience in the IT and security field, Martin is a well-seasoned professional dedicated to spreading awareness about security and privacy. He is the senior editor of Akamai's State of the Internet / Security report, his attempt to provide intelligence on attacks to the industry and make up for the time he spent as a QSA. He's also just a pretty nice guy in general, with a wicked sense of humor and a finely honed blade of sarcasm.</p> <p><br /></p> <div class="h3labels orange subbox clear-both"> <h3 id="Subscribe-via-RSS">Subscribe via RSS</h3> <p>RDF Site Summary (RSS) is a lightweight multipurpose extensible metadata description and syndication format.</p> <p>Subscribe to the <strong>FIRST Impressions Podcast</strong> using our RSS feed:<br /> <a href="/newsroom/news/first-impressions.xml"><span class="icon-feed"></span> RSS 2.0</a></p> </div></div></div><footer><div id="footer" data-studio="CU52CV1W8g"><div id="c2" data-studio="Yu8FjCC11g"><div class="content"> <div class="support"> <div class="kbsearch bottom"> <p><a href="https://support.first.org"><img src="/_/img/icon-portal_support.svg" alt="FIRST Support" title="FIRST Support" /></a> <input class="kb-search" type="search" placeholder="Do you need help?"></p> </div> </div> <div id="socialnetworks"><a href="/about/sdg" title="FIRST Supported Sustainable Development Goals (SDG)" class="icon-sdg"></a><a rel="me" href="https://bsky.app/profile/first.org" target="_blank" title="BlueSky @first.org" class="icon-bluesky"></a><a rel="me" href="https://infosec.exchange/@firstdotorg" target="_blank" title="@FIRSTdotOrg@infosec.exchange" class="icon-mastodon"></a><a href="https://twitter.com/FIRSTdotOrg" target="_blank" title="Twitter @FIRSTdotOrg" class="icon-tw"></a><a href="https://www.linkedin.com/company/firstdotorg" target="_blank" title="FIRST.Org at LinkedIn" class="icon-linkedin"></a><a href="https://www.facebook.com/FIRSTdotorg" target="_blank" title="FIRST.Org at Facebook" class="icon-fb"></a><a href="https://github.com/FIRSTdotorg" target="_blank" title="FIRST.Org at Github" class="icon-github"></a><a href="https://www.youtube.com/c/FIRSTdotorg" target="_blank" title="FIRST.Org at Youtube" class="icon-youtube"></a><a href="/podcasts" title="FIRST.Org Podcasts" class="icon-podcast"></a></div> <p><a href="/copyright">Copyright</a> © 2015—2025 by Forum of Incident Response and Security Teams, Inc. All Rights Reserved.</p> </div> <p><span class="tlp"></span></p></div></div></footer><script nonce="m-Ay77YgGAzeTN93B6IL4A" async="async" src="/_/web.js?20250108234724"></script><script nonce="m-Ay77YgGAzeTN93B6IL4A" async="async" src="/_/web.js?20250108234724"></script><script nonce="m-Ay77YgGAzeTN93B6IL4A" async="async" src="/_/s.js?20250103-103952"></script></body></html>