Incident response: a first principle idea.
Rick discusses incident response as a best practice for the network defender community. He talks briefly about Zoom and how well its communications plan worked earlier this year when the network defender community called out its web conferencing app on several security issues, and about how poorly OPM handled its incident response when the Chinese stole the PII of every person who worked in the U.S. government. Finally, he talks about the birth of incident response and the most influential cybersecurity book ever: “The Cuckoo’s Egg.”
Resources:
- “A Tour of the Worm,” by Donn Seeley, Department of Computer Science, University of Utah, February 1989.
- “Computer Security Incident Handling Guide: Special Publication 800-61 Revision 2,” by Paul Cichonski, Tom Millar, Tim Grance, and Karen Scarfone, NIST - National Institute of Standards and Technology, U.S. Department of Commerce, August 2012.
- “Framework for Improving Critical Infrastructure Cybersecurity,” National Institute of Standards and Technology, Version 1.1, 16 April 2018, last visited 17 June 2020.
- “Robert Tappan Morris – The Morris Worm,” Hackers, Crackers And Thieves: An Index Of Cyber Good Guys, Bad Guys, And Some In-Between.
- “Stalking the Wily Hacker,” by Clifford Stoll, Communications of the ACM, May 1988, vol. 31, no. 5.
- “The Cornell Commission: On Morris and the Worm,” Communications of the ACM, June 1989.
- “The Cuckoo's Egg,” Brian Lamb, Book Notes, C-SPAN, 3 December 1989.
- “The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage,” by Clifford Stoll, Gallery Books, 1989.
- “The Cybersecurity Canon: The Cuckoo’s Egg,” by Rick Howard, Cybersecurity Canon Project, 24 December 2013.
- “The KGB, the Computer and Me,” by Robin Bates, WGBH, 3 October 1990.
- “The Morris Worm: 30 Years Since First Major Attack on the Internet,” FBI, 2 November 2018.
- “The OPM Breach: Timeline of a Hack,” by David Bisson, Tripwire, 29 June 2015.
- “The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation,” Committee on Oversight and Government Reform U.S. House of Representatives 114th Congress, 7 September 2016.
- “USIS contracts for federal background security checks won’t be renewed,” by Christian Davenport, Washington Post, 9 September 2014.
- “USIS, security firm that backgrounded Snowden, also checked Navy Yard shooter,” by Michael Isikoff, NBCNews, 19 September 2013.