LEO

A Cyber Security Concern

SWIFT Security Controls Framework Goes into Effect

By Seth Jaffe. For banks and financial institutions using the Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) network, the new year brought a requirement to self-attest compliance against new mandatory and, optionally, advisory controls promulgated by SWIFT through its Customer Security Controls Framework. Security professionals will recognize these controls as generally standard in the industry, [...]

Why Your Incident Response Plan Needs Procedures

By Seth Jaffe. When I’m boarding an aircraft, I always glance in the cockpit to see the dials, switches, and flight crew. The captain and first officer do not have time to say hello, however, because they are running through their pre-flight checklists. It is something they do up to five times per day for [...]

Dev Overflow – Part 2

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Like all areas of security, software security is a state of mind and a way of thinking. It should not be a goal to be achieved or a checkbox to be checked. Developers must weave it into their software from [...]

Risk Assessments Should Build Credibility, Not Destroy It

By Justin Silbert. There are many different types of risk assessments. Some organizations adhere to an industry standard such as the Risk Management Framework (RMF), COBIT, or ISO. Other organizations perform a penetration test, fix their holes (or not), and then assume they are secure. Few assessments, however, achieve the stated purpose, to convey risk information [...]

Dev Overflow – Part 1

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Typical computer science graduates (our software engineers of tomorrow) may be fair logicians and problem solvers; alas, they have at best very little knowledge of software security. Unfortunately, unsafe coding blunders are seen left and right. Today's machines are as powerful as they are dumb. [...]

Benefit of Cross-Training Incident Response Team Members

By Seth Jaffe. WARNING – Fire onboard the Space Shuttle. That’s the scenario that former Mission Operations Director Paul Hill leads off with in describing a great exchange between NASA flight controllers that demonstrates the importance of effective cross-training.[1] Paul is filling the role of Flight Director during a Shuttle simulation (during training simulations, NASA [...]

NASA’s Flight Director – Why Your Incident Response Team Should Have One

By Seth Jaffe. CNN’s Danielle Wiener-Bronner penned an article recently chronicling Equifax’s data breach missteps. One statement in particular caught my attention as being sage wisdom, and worth fleshing out: “Too many decision makers yield a slow response, which results in negative attention.” The importance of an empowered incident response director cannot be overstated. Consistent with our theme on incident [...]

The Importance of an Executable Incident Response Plan, and How NASA Can Help

By Seth Jaffe. Brian Harrell had a good piece this week on improving cybersecurity governance in the boardroom, a topic that we routinely blog about in our Cyber Governance Corner Series. So why am I mentioning a governance article in the Incident Response Series? Because Brian opines, in his article, that “[c]ompliance is a regulatory minimum that one must [...]

The Evolutional Leap from a Basic Incident Response Plan to an Executable Incident Response Program

By Seth Jaffe. In the wake of the Equifax data breach, the time is right to revisit incident response. Dozens of authorities recommend incident response plans (you may have seen lists on my Twitter feed or LinkedIn posts), but what does it really mean to have an incident response plan? Is it simply to check [...]

Board of Director’s Obligations to Understand Cyber Risk

By Seth Jaffe for the Cyber Governance Corner. It is no secret that, as an industry, information security suffers from a worker shortage. The Center for Cyber Safety and Education’s 2017 Global Information Security Workforce Study concluded that the most common reason is a lack of qualified personnel. But the next most common reason is [...]

Emergency Response after Harvey

By Seth Jaffe. In the wake of Harvey here in Houston, I took a few minutes to pull up FEMA’s Emergency Management Guide to see how it compares with #incidentresponse. Originally penned in 1993, the Guide offers a number of lessons for the average cyber incident response plan. For example, it begins with a review of [...]

Hiring the Wrong Leader Could Sabotage your Cybersecurity Program

By Justin Silbert. Hiring for cybersecurity positions may seem the same as any other profession. Create job description, solicit resumes, interview, and hire the best candidate. But too often, the wrong person is placed into a critical leadership position of securing the organization. The most critical problem is the inability of managers to assess cybersecurity [...]