Cooking the Cuckoo's Egg

In February I spoke at the DoJ Cybersecurity Conference. My abstract for the talk was the following:

In 1989 Berkeley astronomer Cliff Stoll wrote the most important book in the history of computer incident response, The Cuckoo's Egg. Twenty years after first reading the book, Richard Bejtlich, [then] Director of Incident Response for General Electric, re-read The Cuckoo's Egg in search of lessons for his Computer Incident Response Team (GE-CIRT). In the first ten pages, Bejtlich identified seven lessons for his team, and in the next twenty pages, ten more lessons. By the time he finished re-reading the book, Bejtlich identified dozens of lessons that are key to the incident response process, whether it's 1990, 2000, 2010, or beyond. In this presentation, Bejtlich will share the keys to professional incident response, originally documented by an unintentional computer pioneer.

Since several of you asked for the slides, I uploaded them here (.pdf, 60 slides). I don't usually use slides like this, but I told a story using screen captures from the really old NOVA episode about Cliff Stoll.

Comments

Bryan said…
Thanks for sharing. It is always nice to be reminded of history. I remember when this first broke, not many paid attention. It is a great case and relavent today.
Anonymous said…
This book is what got me interested in security as a kid. I've read it at least 6 times. Highly recommend!
Also met him in person - cool guy!!
Anonymous said…
An excellent book, and an excellent summary of the story. I too have read the book multiple times, each time astonished to see how little has changed with respect to users, management, and government.
Steven Andres said…
Cuckoo's Egg is the first book I have my students read in the Cybersecurity course for a Masters of Science in Homeland Security at SDSU. Throughout the semester, it's amazing how many times I have gone back and referenced sections of the Cliff Stoll book. Students are amazed that something that happened decades ago is completely relevant today.
Tyler said…
Funny, thats the NOVA episode that started my interest in info sec. Very cool presentation.
Unknown said…
Is it just me or does Cliff look exactly like Fred Mastripo? Weird.

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics