As a premier organization and recognized global leader in incident response, FIRST functions similar to a professional association for CSIRT and PSIRT members as well as other cybersecurity professionals with training and experience related to the work of incident response and security teams.
The world around FIRST is becoming increasingly aware of the importance of cybersecurity issues and the important work of security incident response teams in keeping the Internet safe and trustworthy. As a result, more and more activities and efforts are being expected of SIRTs, and more and more questions arise regarding the proper role and expected behaviors of SIRTs. These questions could potentially be answered by a definitive set of statements of what SIRTs will or will not do: A FIRST Code of Ethics.
It is quite typical for professional organisations to have a published code of conduct or code of ethics that their members are required to live up to. Even in computer science, many organisations have these. Examples include:
The establishment of a Code of Ethics for FIRST members would further the professionalization of the FIRST community and its practitioners, increase the prominence of FIRST as a unique professional association for SIRT members, and help to greatly improve the world’s understanding of SIRTs and how they operate.
Read the full SIG charter at https://www.first.org/global/sigs/ethics/