LEO

A Cyber-as-a-Service Firm
  • Thomas Moore

“Shaking the Pillars of Government and Commerce: State-Sponsored Adversaries Target Public and Private Organizations in the US”
“Shaking the Pillars of Government and Commerce: State-Sponsored Adversaries Target Public and Private Organizations in the US” 2200 1464 Thomas Moore

By Thomas Moore  According to experts, cyber-attacks involving nation-states continue to increase.  In a previous blog post, the LEO team pointed out that the global pandemic has distracted attention and…

read more
  • Thomas Moore

“The China Syndrome: State-Sponsored Cyber Attacks are Alive and Well in the Midst of Global Upheaval”
“The China Syndrome: State-Sponsored Cyber Attacks are Alive and Well in the Midst of Global Upheaval” 2560 1760 Thomas Moore

By Thomas Moore  With the latest escalation of an already tenuous relationship, a few days ago, the United States government filed charges as part of an ongoing effort to stifle…

read more
  • Thomas Moore

 “Easy Button Series (Part Two) – The Anatomy of Cyber-as-a Service: Analyzing Security Posture”
 “Easy Button Series (Part Two) – The Anatomy of Cyber-as-a Service: Analyzing Security Posture” 2560 1707 Thomas Moore

by Thomas Moore  In our last post, we broke down how Cyber-as-a-Service (CaaS) provides an “easy button” to jump-start a cybersecurity program.  We established that leadership is the primary component…

read more
  • Thomas Moore

“Easy Button Series (Part One) – Cyber as a Service”
“Easy Button Series (Part One) – Cyber as a Service” 2560 1704 Thomas Moore

by David Deering and Thomas Moore While COVID-19 is dominating headlines for obvious reasons, there are implications for business operations exacerbated by the outbreak.  With a large number of employees…

read more
  • Thomas Moore

Grid Modernization – Protecting the Nation’s Electric Grid and Our Way of Life
Grid Modernization – Protecting the Nation’s Electric Grid and Our Way of Life 590 236 Thomas Moore

By Brian Foster The US Senate recently passed SEIA, Securing Energy Infrastructure Act, (it was wrapped into the 2019 Intelligence Authorization Act) which hopes to protect the Nation’s Electric Grid.…

read more
  • SethJaffe

Texas Narrows the Data Breach Notification Timeline
Texas Narrows the Data Breach Notification Timeline 1280 853 SethJaffe

By Seth Jaffe Last month, the Texas Legislature enacted H.B. 4390, which modified the Texas data breach notification law, narrowing the notification from “as quickly as possible,” to “without unreasonable…

read more
  • SethJaffe

Canada’s Breach Notification Regulation Goes into Effect Today
Canada’s Breach Notification Regulation Goes into Effect Today 848 476 SethJaffe
Back in April, Canada adopted additional regulations related to its cyber security law, the Personal Information Protection and Electronic Documents Act (“PIPEDA”). The new regulations dictate requirements for reporting a data breach and they go into effect November 1, 2018. Specifically, a report to Canada’s Office of the Privacy Commissioner must contain: a description of [...]read more
  • SethJaffe

Speed Warp – The Data Breach Notification Hustle
Speed Warp – The Data Breach Notification Hustle 1920 1080 SethJaffe
By Seth Jaffe. Companies are starting to feel the squeeze of compressed data breach notification time frames. Facebook is a prime example. Going by the wayside are the loose timelines for notifying agencies or data subjects, only to be replaced by concrete notification windows. At present, just under 20 states have injected specific time frame [...]read more
  • SethJaffe

Is Your Cybersecurity Program Protecting Against Hardware Threats?
Is Your Cybersecurity Program Protecting Against Hardware Threats? 1224 816 SethJaffe
By Seth Jaffe. Last week, Bloomberg exposed a hardware backdoor surreptitiously placed on circuit boards by operatives from a unit of the China People’s Liberation Army. This tactic is not new. Indeed, the article claimed that U.S. officials had caught China attempting this in the past. Edward Snowden, back in 2014, famously accused the NSA [...]read more
  • IsiahJones

Security Practices for IEC 61131-3 PLC Programming Languages Part 5: ST
Security Practices for IEC 61131-3 PLC Programming Languages Part 5: ST 1024 576 IsiahJones
By Isiah Jones VP, Global ICS Security Service Delivery & Brian Foster Sr ICS Cybersecurity Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages [...]read more
  • BrianFoster

Security Practices for IEC 61131-3 PLC Programming Languages Part 4: IL
Security Practices for IEC 61131-3 PLC Programming Languages Part 4: IL 752 435 BrianFoster
By Isiah Jones & Brian Foster Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages specific to programmable logic controllers (PLCs) that are defined in [...]read more
  • ClintBodungen

And The ICS Cybersecurity Debate Continues On…
And The ICS Cybersecurity Debate Continues On… 1791 1007 ClintBodungen
Recently I ran across a post on Linkedin in response to DHS statements and media reports pertaining to Russian hacking against the U.S. power grid. A central theme of the post cautions readers to guard against “deliberate or recklessly misleading” and “exaggerated” statements. One of the post’s claims generated significant concern, “I see no possibility [...]read more
Enter your
text here