LEO

A Cyber Security Concern

Texas Narrows the Data Breach Notification Timeline

Texas Narrows the Data Breach Notification Timeline 1280 853 SethJaffe

By Seth Jaffe Last month, the Texas Legislature enacted H.B. 4390, which modified the Texas data breach notification law, narrowing the notification from “as quickly as possible,” to “without unreasonable…

read more

Canada’s Breach Notification Regulation Goes into Effect Today

Canada’s Breach Notification Regulation Goes into Effect Today 848 476 SethJaffe
Back in April, Canada adopted additional regulations related to its cyber security law, the Personal Information Protection and Electronic Documents Act (“PIPEDA”). The new regulations dictate requirements for reporting a data breach and they go into effect November 1, 2018. Specifically, a report to Canada’s Office of the Privacy Commissioner must contain: a description of [...]read more

Speed Warp – The Data Breach Notification Hustle

Speed Warp – The Data Breach Notification Hustle 1920 1080 SethJaffe
By Seth Jaffe. Companies are starting to feel the squeeze of compressed data breach notification time frames. Facebook is a prime example. Going by the wayside are the loose timelines for notifying agencies or data subjects, only to be replaced by concrete notification windows. At present, just under 20 states have injected specific time frame [...]read more

Is Your Cybersecurity Program Protecting Against Hardware Threats?

Is Your Cybersecurity Program Protecting Against Hardware Threats? 1224 816 SethJaffe
By Seth Jaffe. Last week, Bloomberg exposed a hardware backdoor surreptitiously placed on circuit boards by operatives from a unit of the China People’s Liberation Army. This tactic is not new. Indeed, the article claimed that U.S. officials had caught China attempting this in the past. Edward Snowden, back in 2014, famously accused the NSA [...]read more

Security Practices for IEC 61131-3 PLC Programming Languages Part 5: ST

Security Practices for IEC 61131-3 PLC Programming Languages Part 5: ST 1024 576 IsiahJones
By Isiah Jones VP, Global ICS Security Service Delivery & Brian Foster Sr ICS Cybersecurity Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages [...]read more

Security Practices for IEC 61131-3 PLC Programming Languages Part 4: IL

Security Practices for IEC 61131-3 PLC Programming Languages Part 4: IL 752 435 BrianFoster
By Isiah Jones & Brian Foster Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages specific to programmable logic controllers (PLCs) that are defined in [...]read more

And The ICS Cybersecurity Debate Continues On…

And The ICS Cybersecurity Debate Continues On… 1791 1007 ClintBodungen
Recently I ran across a post on Linkedin in response to DHS statements and media reports pertaining to Russian hacking against the U.S. power grid. A central theme of the post cautions readers to guard against “deliberate or recklessly misleading” and “exaggerated” statements. One of the post’s claims generated significant concern, “I see no possibility [...]read more

Security Practices for IEC 61131-3 PLC Programming Languages Part 3: FBD

Security Practices for IEC 61131-3 PLC Programming Languages Part 3: FBD 721 298 IsiahJones
By Isiah Jones VP, Global ICS Security Service Delivery & Brian Foster Sr ICS Cybersecurity Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages [...]read more

Business Email Compromise and the Importance of Being Earnest

Business Email Compromise and the Importance of Being Earnest 1400 893 JustinSilbert
By Justin Silbert. Business Email Compromise (BEC), along with all cyber crime, is continuing to thrive.  The FBI is now estimating that the cost of BEC has reached $12 billion since October 2013 and the losses continue to grow.  When talking about financial cyber crimes, BEC is one of the simplest and most effective scams. [...]read more

Cyber Security ROI: It may happen sooner than you think

Cyber Security ROI: It may happen sooner than you think 1280 724 SethJaffe
By Seth Jaffe. You’ve heard it before. Companies are slow to invest in cyber security because they see few returns.[1]  But that is likely to change, and it may occur sooner than we expected. Let’s first set the context. An executive recently made the comment to me that “cyber security is just another cost of [...]read more

Security Practices for IEC 61131-3 PLC Programming Languages Part 2: Ladder Logic

Security Practices for IEC 61131-3 PLC Programming Languages Part 2: Ladder Logic 900 550 BrianFoster
By Isiah Jones & Brian Foster Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages specific to programmable logic controllers (PLCs) that are defined in [...]read more

Security Practices for IEC 61131-3 PLC Programming Languages Part 1: SFC

Security Practices for IEC 61131-3 PLC Programming Languages Part 1: SFC 808 324 IsiahJones
By Isiah Jones, Director & Principal ICS Cyber Security Engineering & Brian Foster, Senior ICS Cyber Security Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary [...]read more