LEO

A Cyber-as-a-Service Firm
  • Thomas Moore

 “The Anatomy of Cyber-as-a Service – Analyzing Security Posture”
 “The Anatomy of Cyber-as-a Service – Analyzing Security Posture” 2560 1707 Thomas Moore

by Thomas Moore  In our last post, we broke down how Cyber-as-a-Service (CaaS) provides an “easy button” to jump-start a cybersecurity program.  We established that leadership is the primary component…

read more
  • Thomas Moore

“An Easy Button for Cyber Security – Cyber as a Service”
“An Easy Button for Cyber Security – Cyber as a Service” 2560 1704 Thomas Moore

by David Deering and Thomas Moore While COVID-19 is dominating headlines for obvious reasons, there are implications for business operations exacerbated by the outbreak.  With a large number of employees…

read more
  • admin

Grid Modernization – Protecting the Nation’s Electric Grid and Our Way of Life
Grid Modernization – Protecting the Nation’s Electric Grid and Our Way of Life 590 236 admin

By Brian Foster The US Senate recently passed SEIA, Securing Energy Infrastructure Act, (it was wrapped into the 2019 Intelligence Authorization Act) which hopes to protect the Nation’s Electric Grid.…

read more
  • SethJaffe

Texas Narrows the Data Breach Notification Timeline
Texas Narrows the Data Breach Notification Timeline 1280 853 SethJaffe

By Seth Jaffe Last month, the Texas Legislature enacted H.B. 4390, which modified the Texas data breach notification law, narrowing the notification from “as quickly as possible,” to “without unreasonable…

read more
  • SethJaffe

Canada’s Breach Notification Regulation Goes into Effect Today
Canada’s Breach Notification Regulation Goes into Effect Today 848 476 SethJaffe
Back in April, Canada adopted additional regulations related to its cyber security law, the Personal Information Protection and Electronic Documents Act (“PIPEDA”). The new regulations dictate requirements for reporting a data breach and they go into effect November 1, 2018. Specifically, a report to Canada’s Office of the Privacy Commissioner must contain: a description of [...]read more
  • SethJaffe

Speed Warp – The Data Breach Notification Hustle
Speed Warp – The Data Breach Notification Hustle 1920 1080 SethJaffe
By Seth Jaffe. Companies are starting to feel the squeeze of compressed data breach notification time frames. Facebook is a prime example. Going by the wayside are the loose timelines for notifying agencies or data subjects, only to be replaced by concrete notification windows. At present, just under 20 states have injected specific time frame [...]read more
  • SethJaffe

Is Your Cybersecurity Program Protecting Against Hardware Threats?
Is Your Cybersecurity Program Protecting Against Hardware Threats? 1224 816 SethJaffe
By Seth Jaffe. Last week, Bloomberg exposed a hardware backdoor surreptitiously placed on circuit boards by operatives from a unit of the China People’s Liberation Army. This tactic is not new. Indeed, the article claimed that U.S. officials had caught China attempting this in the past. Edward Snowden, back in 2014, famously accused the NSA [...]read more
  • IsiahJones

Security Practices for IEC 61131-3 PLC Programming Languages Part 5: ST
Security Practices for IEC 61131-3 PLC Programming Languages Part 5: ST 1024 576 IsiahJones
By Isiah Jones VP, Global ICS Security Service Delivery & Brian Foster Sr ICS Cybersecurity Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages [...]read more
  • BrianFoster

Security Practices for IEC 61131-3 PLC Programming Languages Part 4: IL
Security Practices for IEC 61131-3 PLC Programming Languages Part 4: IL 752 435 BrianFoster
By Isiah Jones & Brian Foster Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages specific to programmable logic controllers (PLCs) that are defined in [...]read more
  • ClintBodungen

And The ICS Cybersecurity Debate Continues On…
And The ICS Cybersecurity Debate Continues On… 1791 1007 ClintBodungen
Recently I ran across a post on Linkedin in response to DHS statements and media reports pertaining to Russian hacking against the U.S. power grid. A central theme of the post cautions readers to guard against “deliberate or recklessly misleading” and “exaggerated” statements. One of the post’s claims generated significant concern, “I see no possibility [...]read more
  • IsiahJones

Security Practices for IEC 61131-3 PLC Programming Languages Part 3: FBD
Security Practices for IEC 61131-3 PLC Programming Languages Part 3: FBD 721 298 IsiahJones
By Isiah Jones VP, Global ICS Security Service Delivery & Brian Foster Sr ICS Cybersecurity Engineer Within the industrial control systems (ICS), automation, operational technology (OT), cyber-physical systems (CPS), industrial internet of things (IIoT) and instrumentation communities many of the devices with some form of computing and logical capabilities rely on 5 primary programming languages [...]read more
  • JustinSilbert

Business Email Compromise and the Importance of Being Earnest
Business Email Compromise and the Importance of Being Earnest 1400 893 JustinSilbert
By Justin Silbert. Business Email Compromise (BEC), along with all cyber crime, is continuing to thrive.  The FBI is now estimating that the cost of BEC has reached $12 billion since October 2013 and the losses continue to grow.  When talking about financial cyber crimes, BEC is one of the simplest and most effective scams. [...]read more
Enter your
text here