Ethics SIG


As a premier organization and recognized global leader in incident response, FIRST functions similar to a professional association for CSIRT and PSIRT members as well as other cybersecurity professionals with training and experience related to the work of incident response and security teams.

The world around FIRST is becoming increasingly aware of the importance of cybersecurity issues and the important work of security incident response teams in keeping the Internet safe and trustworthy. As a result, more and more activities and efforts are being expected of SIRTs, and more and more questions arise regarding the proper role and expected behaviors of SIRTs. These questions could potentially be answered by a definitive set of statements of what SIRTs will or will not do: A FIRST Code of Ethics.

It is quite typical for professional organisations to have a published code of conduct or code of ethics that their members are required to live up to. Even in computer science, many organisations have these. Examples include:

The establishment of a Code of Ethics for FIRST members would further the professionalization of the FIRST community and its practitioners, increase the prominence of FIRST as a unique professional association for SIRT members, and help to greatly improve the world’s understanding of SIRTs and how they operate.

Goals & Deliverables

During 2019, the Ethics SIG completed the FIRST Code of Ethics framework, known as EthicsfIRST. The Board has approved the publication, and it is available on the Ethics SIG page. The framework can be used by security teams, PSIRTs and CERTs.

EthicsfIRST is a living document that welcomes the feedback and discussion of ethical scenarios from other security teams with the aim to develop more practical advice and support the incident response community.