The Cybersecurity Canon: The Florentine Deception

Jul 22, 2015
8 minutes
... views

cybersec canon red

We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite

The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!

Book Review by Canon Committee Member, Jon Oltsik: The Florentine Deception (2015) by Carey Nachenberg

Executive Summary

The Florentine Deception by Carey Nachenberg is a recently published novel grounded in cybersecurity.  The book begins when cybersecurity expert, Alex Fife, is asked to clean up an old PC his father purchased at an estate sale, only to discover a piece of rather sophisticated malware that captures the user’s keystrokes and sends them to an email server in Russia.  To Fife, this situation doesn’t compute; and after a bit of forensic analysis and some sleuthing about the PC’s previous owner, he determines that this system compromise is no accident.  In his investigation, Fife also discovers a mysterious detail he can’t quite figure out – something about an item known as Florentine.

The Florentine Deception is a picaresque novel in that it follows Fife’s investigation from beginning to end.  Through this journey, Alex gets increasingly engaged as his investigation evolves from the obsessive hobby of a rich, out-of-work technology executive to an international incident with potentially devastating national security implications.

While The Florentine Deception is most certainly a fun read, it also has educational value for cybersecurity professionals.  The author is an experience cybersecurity professional and Symantec Fellow who certainly has in-depth experience with cyberattacks, and this knowledge is clearly evident in his descriptions of social engineering techniques, threat actors, and malware.  Yet he is able to weave cybersecurity themes throughout the book without overwhelming less erudite readers with technical gobbledygook.  The story also includes a credible, albeit frightening cyberwar-like conclusion.  In this way, the book is enlightening and entertaining.

Cybersecurity professionals who enjoy reading books by authors like Dan Brown (Digital Fortress) and Mark Russinovitch (Trojan Horse, Zero Day) will find this book particularly worthwhile.


As I walked across the halls of Moscone North during this year’s RSA Security Conference, I saw a friend from Symantec coming toward me, accompanied by another person.  I stopped the pair in order to exchange pleasantries and discuss RSA happenings.  That’s when I was introduced to my friend’s colleague, Carey Nachenberg, who holds the distinguished position of Symantec Fellow.

I can’t remember the exact flow of the conversation, but somehow, Carey mentioned that he had just published his first novel, The Florentine Deception and told me that, if I liked reading cybersecurity-centric fiction, I would thoroughly enjoy his book.  Being an avid reader of all things InfoSec, I enthusiastically accepted this offer and responded that I would welcome the opportunity to peruse his first work.  Nachenberg then took my card and vowed to send me a copy soon after RSA.  About a week later, I received a FedEx package from Symantec, as promised, containing a paperback edition.  I proceeded to motor through the entire book a few weeks hence.

The Florentine Deception is a first-person narrative about a cybersecurity professional named Alex Fife, and the entire story takes place in the Greater Los Angeles area of Southern California.  While in college, Fife starts a cybersecurity company based upon a crowdsourcing model for anti-malware.  Eventually the company gains market success and is then sold to the 800-pound antivirus gorilla, ViruTrax, for nearly $300 million.

After remaining with ViruTrax for a year subsequent to the acquisition, Fife leaves the company a rich man, but quickly finds that he is bored by his new freedom.  He spends his free time partying with his techie friends and getting into serious rock climbing with another group, but something is missing in his life, and he longs for some type of new adventure.

Unbeknownst to Fife at the time, his life would take an unexpected turn, based upon a rather innocuous incident.  Fife’s father purchases an old PC at an estate sale, hoping to donate it to a church charity.  Alex receives a call from his dad, asking him if he will clean up the PC and bring it back to a state of usability – a mundane task for someone with his technical skills.  Fife proceeds with this PC-recovery routine only to discover a piece of unknown malware on the system – a keylogger linked to a Russian email address.

Now most PC technicians would simply re-image the system at this point, but as a cybersecurity nerd, Fife can’t help but follow up with additional malware research, and a forensic investigation, to get a better understanding as to why this malware had found its way to an ancient PC acquired at an estate sale.  He then proceeds with his forensic investigations and discovers the identity of the PC’s previous owner, a recently deceased antiquities dealer from nearby Malibu named Richard Lister, Fife’s combs the Internet to gather any intelligence he can about this person.  When he stumbles upon a Los Angeles Times article with the headline, “Malibu Man Acquitted of Antiquities Smuggling,” Fife’s instincts tell him that this malware is no coincidence and he quickly suspects something bigger involving cybercrime or some type of Russian state-sponsored espionage.  Through his investigation, he also learns of an item that seems to be at the center of the mystery, something with the name Florentine.

Alex is intrigued and becomes engrossed in discovering the identity, location, and personalities involved in this elusive Florentine, and thus, his exploration proceeds through a series of twists and turns that develop throughout the remainder of the book.

Fair warning to more impatient types: you may be unimpressed by the first few dozen pages of this book (as I admit I was) and wonder where all the cybersecurity intrigue is, but I assure you that it is worthwhile to keep reading.  Through the course of Fife’s picaresque journey, his role evolves from that of a bored and wealthy technologist acting as amateur detective to a cybersecurity expert, deeply involved a potential national security incident.  This evolutionary transition is what makes The Florentine Deception so entertaining.  Just when you think you understand what’s happening and where things are going, Nachenberg takes you in a completely different direction, ending with a truly credible (and frightening) cyberterrorism/cyberwarfare scenario that will have any InfoSec devotee reading as fast as they possibly can.

It’s also worthwhile to note that, in addition to its entertainment factor, The Florentine Deception has value as a vehicle for cybersecurity education, which is why I chose to review and expose it as part of the Cybersecurity Canon.  First, the story takes the reader through the intricacies of things like social engineering, phishing, cyber-attacker tactics, techniques, and procedures (TTPs), computer forensics and advanced malware.  Nachenberg does a great job of highlighting these cybersecurity topics without too much of a geeky description, helping to guide less technically savvy readers and keep them engaged.  In spite of this writing style, however, cybersecurity professionals will appreciate the tasks, details, and workflow undertaken by the protagonist.  This book is also built upon a foundation of international intrigue, realistic geopolitical relationships, and actual good guys and bad guys with distinct agendas from different countries, cultures, and belief systems.  This makes the notion of cyberterrorism and cyberwarfare a convincing, yet engaging component of the novel.


I absolutely recommend The Florentine Deception by Carey Nachenberg to those who enjoy reading books by authors like Dan Brown (Digital Fortress) and Mark Russinovitch (Trojan Horse, Zero Day).  In fact, Russinovitch’s books are good analogues to The Florentine Deception, so if you found them educational and entertaining (as I did), than this one is worth picking up.  It is also worth noting that the Foreword section of The Florentine Deception was written by Eugene H. Spafford (“Spaf”), a leading InfoSec expert and longtime faculty member at Purdue University.  If you know Spaf, you know that his contribution provides enormous cybersecurity “street cred,” making The Florentine Deception that much more enticing.

In closing, I mentioned previously that this book may be a bit slow at first, but readers will be rewarded for their patience and perseverance.  I truly believe that curious InfoSec professionals will find The Florentine Deception fun and informative, making it a logical addition to the Cybersecurity Canon.

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.