TelcoNews Asia - Telecommunications news for ICT decision-makers
Asia

Guides

#
5g & beyond
#
internet of things
#
software-defined networking
#
space technologies
#
unified communications

Search

Global cybersecurity network taiwan shielded datacenter response
#
Firewalls
#
DevOps
#
Network Security

Zyxel joins FIRST, boosting global product security role

Fri, 19th Dec 2025
Author image
By Catherine Knowles, News Editor

Zyxel Group has secured full membership in the Forum of Incident Response and Security Teams (FIRST), becoming the first Taiwan-based networking provider whose Product Security Incident Response Team (PSIRT) has joined the global incident response body.

The move places Zyxel inside a closed information-sharing network that links 830 member teams in 113 countries. Members include government agencies, telecommunications operators, technology firms and research institutions.

FIRST is widely described as an international coordination hub for cyber incident response. Its members exchange information on emerging threats and vulnerabilities and coordinate responses to major security events.

Zyxel said its PSIRT will now participate in structured sharing of threat intelligence and vulnerability data with other members. The company will also draw on joint analysis and practical guidance during significant cyber incidents.

The group expects this arrangement to shorten its response times in security crises. It also expects more systematic access to global detection and mitigation practices.

"Being the first PSIRT of a Taiwan networking provider to be recognized by FIRST is a significant milestone in our long-term commitment to product security," said Edward Yu, Chief Information Security Officer of Zyxel. "This recognition signifies that Zyxel is not only continuously strengthening its product security resilience but also actively collaborating with the international security community to jointly elevate global defense capabilities."

Taiwan first

Zyxel's admission highlights the growing role of Taiwan's networking sector in global technology supply chains. The company said recognition of its PSIRT inside FIRST signals rising expectations on vendors that sit deep in the infrastructure layer.

The membership gives Zyxel direct access to shared threat data that member teams circulate in near real time. The firm said this data flow will inform its own analysis of attack patterns and emerging vulnerabilities across routers, switches and other network equipment.

The company also expects the membership to support security assurance discussions with operators, corporate buyers and channel partners. These stakeholders increasingly ask vendors to demonstrate alignment with global incident response norms.

Security lifecycle

Zyxel described its PSIRT as the central unit for product vulnerability handling across the group. The team tracks, verifies and documents security issues in shipped products. It coordinates publishing of advisories and patches.

The PSIRT works with Zyxel's internal Computer Security Incident Response Team (CSIRT). It also works with Black Cat Information, a Zyxel subsidiary that runs a security laboratory accredited under the TAF 17025 standard.

According to the company, this structure creates a defined workflow for product security. The workflow covers early detection of flaws, notification to customers and partners, development of fixes, and technical verification of remediated products.

Zyxel said it has expanded its collaboration with external security researchers in recent years. It engages with independent experts who scan for weaknesses in networking hardware and software.

The firm also runs a Vulnerability Disclosure Programme. This provides a formal channel where researchers can report newly discovered issues in Zyxel products.

In addition, Zyxel holds CVE numbering authorisation. This allows the company to assign standardised Common Vulnerabilities and Exposures identifiers to issues in its products and contributes to transparent tracking of known flaws across the wider industry.

Supply chain trust

Vendors based in Taiwan occupy a central position in the manufacturing and design of networking equipment used worldwide. Security issues in these products can ripple across telecoms carriers, enterprises and public sector networks.

Zyxel said expectations on product security have shifted. It described security not only as a subject of regulatory compliance but also as a factor in brand trust and competitive positioning in bids.

Joining FIRST gives the company a view of changes in global attack techniques and defensive tools. It also connects Zyxel with response teams at major customers and partners through a common coordination framework.

The firm said this connection supports more structured information exchange along the supply chain. It expects that shared processes around disclosure and incident handling will underpin a stronger security baseline for interconnected networks.

Zyxel plans to continue work on its internal security processes alongside the FIRST membership. The company said it will expand engagement with international researchers and organisations that focus on vulnerability research and coordinated disclosure.

The group expects its role inside FIRST to evolve as it participates in joint activities and working groups over time.

Related stories
Submer buys Radian Arc to build sovereign telco AI cloud
Calero unveils AI assistant for telecom invoice insight
Submer buys Radian Arc to build sovereign telco AI edge
Myriota debuts AssetHawk satellite tracker for remote assets
Telehouse Europe appoints Chris Lamb as Enterprise Director

Top stories

Netmore unveils Pulse partner push for global IoT scale
Viasat survey shows surge in industrial D2D IoT demand
StarHub taps Totogi AI to boost enterprise sales deals
Ericsson unveils 5G router to power connected fleets
Most homes never change router passwords, guide warns