The Threat Intel Coalition is a Special Interest Group (SIG) at the Forum for Incident Response and Security Teams (FIRST) that assists civil society in detecting and defending against targeted digital threats. Civil society organizations often lack information about the threats they face and the resources needed to prevent and mitigate intrusions. We aim to improve that situation and provide help in two ways. First, we link up civil society organizations facing a targeted threat to researchers at threat intelligence providers who provide assistance in a trusted and confidential setting. We have strong information sharing rules in place to protect the privacy of members and ensure civil society remains in control of who knows what about them. Second, we organize free training sessions and shared resources to support capacity building. Our members include researchers at all leading threat intelligence providers, civil society from around the world and academic experts. Membership is open to all civil society organizations and researchers willing to contribute.
The Threat Intel Coalition is a member of First
We create workshops, training and access to shared resources
We link civil society facing cyber threats to researchers who provide assistance and information in a trusted and confidential setting.
we aim to build a community of trust among civil society organizations, academics and industry member to foster long term cooperation.
Lennart Maschmeyer is a Senior Researcher at the Center for Security Studies at ETH Zurich. He holds a PhD in Political Science from the University of Toronto and an MPhil in International Relations from the University of Oxford. Lennart’s research examines how information technology impacts security competition and the exercise of power in world politics. Specifically, he explores the subversive nature of cyber operations and its strategic implications, as well as the role of non-state actors in cyber conflict.
Abir is the Director of Information Security at Human Rights Watch. She provides strategic and operational oversight for managing information security risks that HRW staff face in their work.
Abir’s work and research focuses on women rights, digital rights and the intersection of gender and tech. Abir sits on Article19‘s international board, OTF’s advisory council and the grant advisory board of AccessNow. She also founded HammamRadio, A feminist participatory radio, launched from Berlin where she is based.
Benjamin Read is the Senior Manager for Cyber Espionage Analysis in FireEye’s Intelligence unit. His team leads tracks and reports on espionage groups from China, Russia, North Korea and many other countries. He was an analyst on the same team at iSIGHT Partners before it was acquired by FireEye in January 2016. Prior to iSIGHT, Mr. Read worked as a special assistant at the National Security Council’s European Affairs Directorate. While there, he supported the numerous presidential trips and meetings including the 2012 NATO Summit in Chicago.
| Academia/Research | Civil Society | Industry |
|---|---|---|
| Debora Irene Christine, United Nations University Macao | Abir Ghattas, Human Rights Watch | Alexandru Ciobanu, Amgen |
| Ernesto Perez Estevez, CEDIA | Adli Wahid, APNIC | Anton Cherepanov, ESET |
| Florian Egloff, ETH Zurich | Alexandra, Digital Defenders | Ben Read, Mandiant |
| Gil Baram, Tel Aviv University | Andreas Muehlemann, Switch | BGen (ret.) Robert Mazzolin, RHEA Group |
| Irene Poetranto, CitizenLab | Andrej Petrovski, SHARE Foundation | Camille Francois, Graphika |
| James Shires, U Leiden | Andrew Cormack, JISC | Chetan Patel, Helaba |
| JD Work, Marine Corps University/Columbia U | Anthony Sule, CCHub | Christopher McCown, VMWare |
| John Scott-Railton, Citizen Lab | Artur Papyan, Media Diversity Institute | Cristiana Kittner, Mandiant |
| Lennart Maschmeyer, ETH Zurich | Carlos Alvarez, ICANN | Cilas Cutler, Institute for Security and Technology |
| Lilly Muller, Kings College London | Cooper Quintin, EFF | Dlshad Othman, AWS |
| Masashi Crete-Nishihata, CitizenLab | Daniel Bedoya, AccessNow | Greg Lesnewich, Recorded Future |
| Matteo Bonfanti, ETH Zurich | Danish Umar, Digital Rights Foundation | Jamie Collier, Mandiant |
| Myriam Dunn-Cavelty, ETH Zurich | Etienne Maynier, Amnesty International | Jayce Nichols, Mandiant |
| Ron Deibert, Citizen Lab | Hassen Selmi, AccessNow | Jeremy Haas, Looking Glass |
| Silas Cutler, Institute for Security and Technlogy | Ingrid Skoog, CDR | Jill Sopko, Verizon Media |
| Xander Bouwman, TU Delft | Jamie Lord, CERT | Joshua Saxe, Sophos/Covid-19 CTC |
| Jon Camfield, Internews | Juan Andres Guerrero-Saade, SentinelOne | |
| Laurie A Tyzenhaus, CERT | Lilian Teng, Verizon | |
| Lobsang Gyatso, TibCERT | Marten Van Hoorenbeck, Zendesk | |
| Neil Blazevich, Internews | Matt Dahl, CrowdStrike | |
| Neil Jenkins, CTA | Mayo Yamasaki, NTT-CERT | |
| Nighat Dad, Digital Rights Foundation | Mihai Chelalau, Amgen | |
| Paula Martins, APC | Mihai Molcuti, Amgen | |
| Peter Micek, AccessNow | Nart Villeneuve, TrendMicro | |
| Samuel Eibu, Defend Defenders | Pasquale Stirparo, Dragos | |
| Sani Abhilash, CERT-In | Rainer Ginsberg, BASF | |
| Sekuloski Milan, Geneva Centre for the Democratic | RamPrabhu Murugeshan, Diageo | |
| Control of Armed Forces | Roderick Mooi, Sanren | |
| Serge Droz, FIRST | Ryan P. Miller, Target | |
| Stéphane Labarthe, Fundacion Karisma | Shin Adachi, NTT-CERT | |
| Tonu Tammer, CERT-EE | Sylvain Martinez, Elysium Security | |
| Josh Levy, Center for Digital Resilience | Tim Preson, Bell Canada | |
| Runa Sandvik, Independent Security Researcher | Tobias Ellenberger, Oneconsult | |
| Thom Kaye, AccessNow | Vaman Amarjeet Gokuldas Kini, WorldBank | |
| Dustin Kramer, Independent | Winonna DeSombre | |
| Habeeb Adebisi, Co-Creation Hub, CiviCERT | Adam Caudle, Verizon | |
| Simbiat Sadiq, Co-Creation Hub, cyber safe foundation | James Motherway, GIAC | |
| Peter Lowe, DNS Filter | ||
| Evan Wolff, Crowell |
