- Categories:
- Financial Services
- Governance
- Healthcare
- Incident Response
- Industrial Control Systems
- LEO In The News
- NASA Framework
- News
- Software Security
- Training
- vCISO
- Webinar
Show all
-
Security Practices for IEC 61131-3 PLC Programming Languages Part 1: SFC
By Isiah Jones, Director & Principal ICS Cyber Security Engineering & Brian Foster, Senior ICS Cyber Security Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary … Continue reading Security Practices for IEC 61131-3 PLC Programming Languages Part 1: SFC READ MORE >
-
Alabama Requires Entities to Safeguard Sensitive Information
By Seth Jaffe. Alabama recently became the 50th state to pass a data breach notification law, but in doing so, the state upped the ante by including security obligations generally found in industry-specific cyber security laws. I’ve written about the Eight Principles of Cyber Security Laws in a prior blog post. Alabama adopted seven of … Continue reading Alabama Requires Entities to Safeguard Sensitive Information READ MORE >
-
Upcoming LEO Red Team/Blue Team Training in Houston
Join LEO Cyber Security on Wednesday, July 11, 2018 from 8:00 AM to 6:00 PM (CDT) for our highly interactive Red Team/Blue Team Training in Houston, TX, taught by “Hacking Exposed: ICS” author, Clint Bodungen. What is Red Team/Blue Team Training? Security aware and knowledgeable users serve as the “front line” of your overall security … Continue reading Upcoming LEO Red Team/Blue Team Training in Houston READ MORE >
-
The 8 Principles of Cyber Security Laws
By Seth Jaffe. The United States has yet to promulgate a comprehensive federal cyber security law aimed at improving the cyber hygiene of companies serving its citizens. But a collation of industry-specific laws (both federal and state), proposed bills, guidance documents, and cyber strategies yields a fair indication of where our nation is headed. This … Continue reading The 8 Principles of Cyber Security Laws READ MORE >
-
Top 10 Universal Best Practices for Critical Infrastructure Security & Resilience
By Isiah Jones, Director & Principal – ICS Cyber Security Engineering While attending the EnergySec Electric Distribution Security Forum March 22 – 23, 2018 in Washington, DC, the topic of best practices came up between trade organizations and state utility commission speakers and attendees. I informed them that in security “best practices” are already defined … Continue reading Top 10 Universal Best Practices for Critical Infrastructure Security & Resilience READ MORE >
-
Upcoming Webinar: Enabling IaaS in your Enterprise
By Andrew Hay, Co-Founder and CTO, LEO Cyber Security This Thursday, May 24, 2018 at 13:00 EDT, 10:00 PDT I will be presenting on an Infosecurity webinar entitled Enabling IaaS in your Enterprise, and Security and Visibility in Azure and AWS. Moderated by Dan Raywood, Contributing Editor, Infosecurity Magazine, the webinar will look at this extension of Shadow … Continue reading Upcoming Webinar: Enabling IaaS in your Enterprise READ MORE >
-
Radical Idea in ICS Cybersecurity?
Idaho National Laboratory recently published an article, Internet Insecurity, by Andy Bochman. Many of the ideas in this article are shared by other thought leaders in the industry. The main theme from the article is that due to the inherent flawed design of the Internet, there will be a resulting lack of assurance for industrial control … Continue reading Radical Idea in ICS Cybersecurity? READ MORE >
-
Lowering Risk By Putting Response Before Incident
Justin Silbert As individuals, some people are good at improvisation, that is, dealing with things as they come and creating the best outcome for it. But, organizations in the midst of an incident are notoriously terrible at improvising. There is no better example than Equifax, whose initial response was fraught with missteps. First, it downplayed … Continue reading Lowering Risk By Putting Response Before Incident READ MORE >
-
When It Comes to Cyber Security, Lack of Vendor Oversight Can Lead to Legal Trouble
By Seth Jaffe. Third-party cyber security programs got a shot in the arm this week in the form of two legal actions. The first, well summarized by Sue Ross over at Norton Rose Fulbright, is a proposed consent agreement by the Federal Trade Commission against mobile phone manufacturer BLU Products, Inc., alleging that BLU’s failure … Continue reading When It Comes to Cyber Security, Lack of Vendor Oversight Can Lead to Legal Trouble READ MORE >
-
Just How Prolific is Ransomware?
Our friends over at Bromium recently published a study entitled “into the web of profit” that focussed on revenue flow and profit distribution as it pertains to ransomware. The annual revenue from the ransomware supply chain – $1.5 trillion (no, this isn’t a typo). The amount of money involved is staggering when you consider that … Continue reading Just How Prolific is Ransomware? READ MORE >
read moreLEO Cyber Security provides the content on this blog as commentary on current issues. Your review of this content does not establish an attorney-client relationship, nor should the content be considered legal advice, which depends on the facts of each situation. LEO makes NO WARRANTIES OR REPRESENTATIONS OF ANY SORT with respect to the content of the blog, including any warranties or representations as to the accuracy or completeness of any of the information, facts, or opinions contained herein.
