Carnegie Mellon University cmu-wordmark

NatCSIRT 2026

Jun 12-13, 2026 Denver, Colorado, USA

Technical Meeting for CSIRTs with National Responsibility (NatCSIRT) 2026

Participate in Call for Presentations (CFP).

Registration is now open!

NatCSIRT is an invitation-only meeting restricted to technical and managerial staff members of National CSIRTs. It will be held in person before the 38th annual FIRST conference.

The meeting provides a forum for National CSIRTs to share information, tools, techniques, and strategies that address problems unique to CSIRTs that are responsible for a nation or economy.

Questions? Contact Us

We look forward to seeing you at NatCSIRT 2026!

Call for Presentations (CFP)

The CERT® Division of the Software Engineering Institute at Carnegie Mellon University and the NatCSIRT 2026 Program Committee invite you to submit a presentation for the 21st Annual Technical Meeting for CSIRTs with National Responsibility (NatCSIRT 2026). The meeting will be held in person on June 12-13, 2026, before the annual FIRST conference. This invitation-only meeting is restricted to technical and managerial staff members of National CSIRTs.

The meeting provides a forum for National CSIRTs to share information, tools, techniques, and strategies that address problems unique to CSIRTs that are responsible for a nation or economy. More information about this meeting can be found at https://resources.sei.cmu.edu/news-events/events/natcsirt/index.cfm.

Focus Areas

The Call for Presentations (CFP) is now open! The Program Committee has selected the following Focus Areas for this year’s CFP.

Artificial Intelligence

  • AI-powered attacks, defenses, and responsible AI use
  • AI-related cyber threats and incident response strategies

Critical Infrastructure

  • Securing IoT, OT, 5G, and national infrastructure
  • Public and private collaboration: incident response and crisis management
  • Supply Chain Security: Securing digital supply chains and third-party vendors
  • How to identify critical infrastructure and the most critical/high value assets

CSIRT Development

  • Building human capacity with small budgets
  • Vulnerability Management: Rapid exploitation, patching, disclosure practices, and relevant regulations
  • Dealing with advisories at-scale
  • Collaboration despite diverse interests of nations

Policy & Governance

  • Regulatory and standards trends
  • Operational independence
  • Legal basis for national setup and strategic approach
  • Trust building and cyber diplomacy

Ransomware

  • Prevention and response strategies
  • What teams should really focus on
  • Lessons learned from National CSIRTs that handled significant ransomware incidents
  • Insights into the activities of ransomware groups
  • Pros and cons of paying ransoms
  • Role of international cooperation/coordination for ransomware

Tools, Response Plans, Case studies

  • APT campaigns that may impact other regions. IOCs, IOAs and scam campaigns.
  • Management and incident response of sports and other major events
  • Updates from teams who presented their tools last year: findings from their operation for the past year

Lightning Talks

Do you have a 5-minute talk that the National CSIRT community could benefit from hearing about? Follow the submission instructions and list “Lightning Talk” as the type (leave Focus Area blank).

Note: If you have a topic that you are not sure fits into any of the focus areas, please submit it anyway! Also, when developing your abstract, please consider whether it is relevant to teams of all sizes and capability levels. If it is not, look for ways to identify how those other teams can still benefit from the information and include that in the abstract.

Submission Instructions

Limit your presentation to 20 minutes (including time for questions). Limit panels/facilitated discussions or other formats to 40-60 minutes (including time for questions).

Abstracts for panels, facilitated discussions, and other formats are also encouraged. For formats other than presentations, feel free to suggest countries/teams to be participants (or let us know if you need assistance in getting participants), the number of panelists, and a topic/question list and other details as needed to demonstrate how the time will be used.

Include:

  • Title
  • Presenter Name(s)
  • Type (presentation, panel, demo, etc.)
  • Focus Area (from the list provided)
  • Abstract – thoroughly describe what your presentation will cover

Send your submission by Friday, February 20, 2026 to natcsirt-meeting@cert.org.