Suguru Yamaguchi Fellowship Program

Effective digital resilience and incident response is dependent on a strong network of capable partners and practitioners across local, regional, and the global communities. Recognizing this need, FIRST launched the Suguru Yamaguchi (SY) Fellowship Program to assist teams from underrepresented regions and with national responsibility to engage with and join the global FIRST community.

Named to honor the late Dr. Suguru Yamaguchi, a founding member of JPCERT/CC, former FIRST Board member, and initiator of the Fellowship Program, the program reflects his dedication to supporting Internet development and outreach, partnership, and education across the incident response community.

The SY Fellowship Program

The SY fellowship program is a four-year opportunity for CSIRTs with national coordination responsibility, including national teams and teams with national-level sector responsibility.

Participating teams will have the opportunity to:

• Engage with other fellowship teams, to learn from each other’s experiences, and share solutions to common challenges
• Build strong relationships and trust with regional and international incident response partners to facilitate information and good practice sharing and build the foundation for future incident response collaboration
• Receive support to join the Annual FIRST Conference; participate in hands-on training; and meet with community mentors during the conference week
• Be supported to join the FIRST community as a full member team

The opportunity to join the FIRST Conference is at the core of the SY Fellowship Program. SY Fellowship support includes:

• Heavily discounted passes and travel support for two team members to attend the annual FIRST Conference, over the course of the program.
• Reduced FIRST membership costs over the fellowship period, provided they meet the minimum membership requirements.

How to Apply:

Each year FIRST selects one to two teams to join the SY Fellowship for the four year duration of the program. To be considered for the Fellowship, teams must formally apply and will be selected based on their maturity and ability to grow into a successful incident response team, able to participate in the FIRST programs and community.

Deadlines:

• FIRST will accept applications to the Fellowship Program year round. The earlier you submit, the more opportunity you will have for feedback and to make updates if requested
  • Applications due by: October 15, 2025
  • Decision/Notification to be sent out by: December 15, 2025

Eligibility:

• Applicant teams must have national coordination responsibility including national teams and teams with national-level sector responsibility, including all-of-government, private networks, educational networks, or a combination of these areas.
• Applicant teams cannot be a current member of FIRST at the time of application and cannot have participated in the SY fellowship in the past.

How to Apply:

• Teams can apply for the program using the FIRST Fellowship Application Form
  • Please note: You will first be asked to register with the FIRST Portal prior to completing the application form. If you need assistance with the FIRST Portal, kindly contact FIRST Support.

If you have questions about the fellowship program, please contact fellowship@first.org.

Current SY Fellowship Teams

• MOreNET (Mozambique) – since 2020
• MKD-CIRT (Republic of North Macedonia) – since 2020
• CERT VU (Vanuatu) – since 2020
• CIRT CM (Cameroon) – since 2020
• AKCESK (Albania) – since 2020
• MwCERT (Malawi) – since 2021
• gmCSIRT (Gambia) – since 2022
• CERT PH (Philippines) – since 2022
• CIRT BS (Bahamas) – since 2023
• nCSIRT.MZ (Mozambique) – since 2023
• TT-CSIRT (Trinidad and Tobago) – since 2024
• RIM-CERT (Mauritania) – since 2025
• Nam-CSIRT (Namibia) – since 2025

SY Fellowship Alumni

• bdCERT (Bangladesh) – 2014 to 2016
• PacCERT (Pacific) – 2014 to 2015
• MonCERT (Mongolia) – 2015 to 2019
• TZ-CERT (Tanzania) – 2015 to 2019
• UG-CERT (Uganda) – 2015 to 2019
• CIRT-GY (Guyana) – 2015 to 2019
• CERT GH (Ghana) – 2016 to 2022
• BD e-GovCERT (Bangladesh) – 2016 to 2022
• CERT CI (Côte d’Ivoire) – 2016 to 2022
• mmCERT (Myanmar) – 2016 to 2022
• VNCERT (Vietnam) – 2017 to 2023
• CSIRT Panama (Panama) – 2017 to 2023
• CSIRT CEDIA (Ecuador) – 2017 to 2023
• CERT Moldova (Moldova) – 2017 to 2023
• CGII Bolivia (Bolivia) – 2020 to 2023
• CERT Tonga (Tonga) – 2018 to 2024
• SANREN (South Africa) – 2019 to 2025
• SRB-CERT (Serbia) – 2019 to 2025
• bjCSIRT (Benin) – 2019 to 2025
• ANSSI (Burkina Faso) – 2019 to 2025
• UzCERT (Uzbekistan) – 2019 to 2025

• Initiatives
  • Special Interest Groups (SIGs)
    • SIGs Framework
    • Academic Security SIG
    • AI Security SIG
    • Automation SIG
    • Cybersecurity Communications SIG
    • Common Vulnerability Scoring System (CVSS-SIG)
      • Calculator
      • Specification Document
      • User Guide
      • Examples
      • Frequently Asked Questions
      • CVSS v4.0 Documentation & Resources
        • CVSS v4.0 Calculator
        • CVSS v4.0 Specification Document
        • CVSS v4.0 User Guide
        • CVSS v4.0 Examples
        • CVSS v4.0 FAQ
      • CVSS v3.1 Archive
        • CVSS v3.1 Calculator
        • CVSS v3.1 Specification Document
        • CVSS v3.1 User Guide
        • CVSS v3.1 Examples
        • CVSS v3.1 Calculator Use & Design
      • CVSS v3.0 Archive
        • CVSS v3.0 Calculator
        • CVSS v3.0 Specification Document
        • CVSS v3.0 User Guide
        • CVSS v3.0 Examples
        • CVSS v3.0 Calculator Use & Design
      • CVSS v2 Archive
        • CVSS v2 Complete Documentation
        • CVSS v2 History
        • CVSS-SIG team
        • SIG Meetings
        • Frequently Asked Questions
        • CVSS Adopters
        • CVSS Links
      • CVSS v1 Archive
        • Introduction to CVSS
        • Frequently Asked Questions
        • Complete CVSS v1 Guide
      • JSON & XML Data Representations
      • CVSS On-Line Training Course
      • Identity & logo usage
    • CSIRT Framework Development SIG
    • Cyber Insurance SIG
      • Cyber Insurance SIG Webinars
    • Cyber Threat Intelligence SIG
      • Curriculum
        • Introduction
        • Introduction to CTI as a General topic
        • Methods and Methodology
        • Priority Intelligence Requirement (PIR)
        • Source Evaluation and Information Reliability
        • Machine and Human Analysis Techniques (and Intelligence Cycle)
        • Threat Modelling
        • Training
        • Standards
        • Glossary
        • Communicating Uncertainties in CTI Reporting
      • Webinars and Online Training
      • Building a CTI program and team
        • Program maturity stages
          • CTI Maturity model - Stage 1
          • CTI Maturity model - Stage 2
          • CTI Maturity model - Stage 3
        • Program Starter Kit
        • Resources and supporting materials
    • Detection Engineering & Threat Hunting SIG
    • Digital Safety SIG
    • DNS Abuse SIG
      • Stakeholder Advice
        • Detection
          • Cache Poisoning
          • Creation of Malicious Subdomains Under Dynamic DNS Providers
          • DGA Domains
          • DNS As a Vector for DoS
          • DNS Beacons - C2 Communication
          • DNS Rebinding
          • DNS Server Compromise
          • DNS Tunneling
          • DoS Against the DNS
          • Domain Name Compromise
          • Dynamic DNS (as obfuscation technique)
          • Fast Flux (as obfuscation technique)
          • Infiltration and exfiltration via the DNS
          • Lame Delegations
          • Local Resolver Hijacking
          • Malicious registration of (effective) second level domains
          • On-path DNS Attack
          • Stub Resolver Hijacking
      • Code of Conduct & Other Policies
      • Examples of DNS Abuse
    • Ethics SIG
      • Ethics for Incident Response Teams
    • Exploit Prediction Scoring System (EPSS)
      • The EPSS Model
      • Data and Statistics
      • User Guide
      • EPSS Research and Presentations
      • Frequently Asked Questions
      • Who is using EPSS?
      • Open-source EPSS Tools
      • API
      • Related Exploit Research
      • Blog
        • Understanding EPSS Probabilities and Percentiles
        • Log4Shell Use Case
        • Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities
      • Data Partners
    • FIRST Multi-Stakeholder Ransomware SIG
    • Human Factors in Security SIG
    • Industrial Control Systems SIG (ICS-SIG)
    • Information Exchange Policy SIG (IEP-SIG)
    • Information Sharing SIG
      • Malware Information Sharing Platform
    • Law Enforcement SIG
    • Malware Analysis SIG
      • Malware Analysis Framework
      • Malware Analysis Tools
    • Metrics SIG
      • Metrics SIG Webinars
    • NETSEC SIG
    • Public Policy SIG
    • PSIRT SIG
    • Red Team SIG
    • Security Lounge SIG
    • Security Operations Center SIG
    • Threat Intel Coalition SIG
      • Membership Requirements and Veto Rules
    • Traffic Light Protocol (TLP-SIG)
    • Transportation and Mobility SIG
    • Vulnerability Coordination
      • Multi-Party Vulnerability Coordination and Disclosure
      • Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure
    • Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)
      • Vulnerability Database Catalog
    • Women of FIRST
  • CCB Initiatives
  • FIRST CORE
    • Sponsorship Opportunities
  • Internet Governance
  • IR Database
  • Fellowship Program
    • Application Form
  • Mentorship Program
  • IR Hall of Fame
    • Hall of Fame Inductees
  • Victim Notification
  • Volunteers at FIRST
    • FIRST Volunteers
  • Previous Activities
    • Best Practices Contest