Meeting in person at the FIRST Oslo Technical Colloquium

By Mona Østvang, FIRST Board Director
Tuesday, November 29th, 2021

Last month, I was honored to be one of the planners and participants of the FIRST Technical Colloquium (TC) in Norway. Organized by FIRST members, the event was held just outside of Oslo at the Telenor Expo, Telenor headquarters in Fornebu.

We were delighted to see nearly 180 incident response and security individuals attend the three-day conference. The biggest highlight was, of course, being able to hold it in person. It was a gratifying experience for our community to come together for the first time in a long time, network, and do business face-to-face. The vast majority of our speakers could also do their presentations on-site, with only three talks held remotely. So all in all, it was a great experience.

We secured a diverse range of speakers. These included Nina Sunde from the Norwegian Police University College, who talked about the challenges and solutions around the bias in forensics, the Norwegian parliament administration whose talk 'When Democracy is under Attack' was of great interest, and Visma/Coop who spoke about how the ransomware attack involving Kaseya affected them and their customers. Attendees were also able to participate in a Microsoft Security workshop.

We had keynote speakers, too - Andy Snowball, Head of Cyber Incident Response at BAE Systems, and Angela Wong, Incident Response Lead at Telenor CERT (TCERT). Andy spoke about the ransomware landscape, how it has shifted in recent years, with attackers using additional techniques to extort money from target organizations and how to prevent ransomware attacks. Angela's presentation was entitled Comparative Studies in Remediation: Lessons from 3 years of APT Remediation. Angela provided insight into how to remediate serious APT incidents. Her talk compared several incident response cases from across the globe, highlighting the challenges faced in these different environments while identifying the most crucial factors for success in remediation.

I personally had the opportunity to promote the work of FIRST, the benefits of our membership, our Special Interest Groups, and the new Ransomware SIG.

We want to thank everyone involved in organizing this event, the speakers for being so open with their experiences, and especially the sponsors who made the conference possible: DNB, Defendable, KraftCERT, mnemonic, Nordic Financial CERT, Norsk Helsenett, Sopra Steria, Telenor, and Visma.

We look forward to running a similar colloquium next year, tentatively scheduled for late October 2022.