Credit Union Solutions

LEO is dedicated to helping clients build custom, effective and cost-efficient cyber security programs. Just as each person is unique, so is each organization, which means that the challenges and priorities vary. From compliance to threat hunting and all steps in between, our work starts at the point of greatest impact.

Governance, Risk & Compliance (GRC)

NCUA Rules and Regulations, Part 748 define specific requirements that are challenging to implement and maintain. LEO professionals have extensive experience in testing and measuring GRC, ensuring that credit unions are protected from legal liability.

Compliance Audits
Strategic Risk Assessments
Business Impact Analysis

Chief Information Security Officer (CISO) Services

Operational Cyber Security and CISO On-Demand
Strategic Planning and Secure Architecture
Report to the Board of Directors
Security Metrics

LEO provides seasoned, world-class, cyber security consultants, engineers and
practitioners to assist credit unions in some or all aspects of their Cyber Security programs, at a fraction of the cost.

Security Monitoring & Threat Hunting

LEO’s Security Monitoring platform incorporates comprehensive visibility through analyzing network traffic as well as endpoint activity, painting a contextualized picture of the network. Our analysts take a proactive approach, hunting for attackers before they can inflict damage.

Detect, Contain, and Eradicate Adversaries Targeting Your Organization
Network and Host Forensics
Insider Threat Detection

Incident Response & Crisis Management

Simulations - From Tabletops to Full Scale Exercises
Incident Response Plans and Procedures
Threat Assessment with Predetermined Decision Matrix

While it may not seem obvious, incident response is a function of many domains including legal, business, public affairs, security, and IT. Anticipation and preparation is critical to ensuring responsibilities are understood and coordinated effort is implemented. LEO borrows the methods employed by NASA to ensure the quickest and most effective incident response.

Penetration Testing

LEO works to design custom pen tests, discerning all of the variables that will positively or negatively influence the results. Just as important, we assist the CU in applying the results to permanently lower risk, not just patch holes.

Network, Application, Physical Penetration Tests
Audit Finding Validation and Quantification
Various Models for Blue Team Interaction

Security Education & Training

Leadership Briefs
Role Specific Training
Organizational Security IQ

Strengthen security education and training for your whole organization to make it harder for attackers to infiltrate your CU. They will move onto easier targets.

Third Party Risk

In many cases, adversaries target our supply chain to reach us. LEO has a process for managing third-party partners that will mitigate the risks associated with provisioning them access to your data networks. LEO focuses specifically on operational security and contractual components to these engagements, ensuring legally enforceable requirements, as well as, sound security practices to protect you from risky partners.

Compromise Assessment

LEO’s Compromise Assessment is designed to identify signs of active, dormant, or past security breach. We gather telemetry from our proprietary security platform and apply advanced threat hunting analytics to investigate for signs of attacker recon, unauthorized network access, pivot signaling, and identification of persistence mechanisms used by attackers to remain hidden within a target network.

No technology solution is enough to stop the threat. You need the right people and process.

Credit Union Cyber Security Experts

Andrew Hay
LEOs are legends. They accumulate years of experience filled with noteworthy ideas. Take Andrew Hay for example, with 20 years in the field he held important roles in a number of internationally recognized companies - including having worked in the information security office (ISO) of Capital G Bank, Ltd. (now Clarien Bank Bermuda) in Hamilton, Bermuda. He is a Co-Founder of LEO and currently serves as the Chief Technology Officer (CTO). The sparks trailblazers leave grab the attention of major media stories and Andrew has been the lead of most. Featured in periodicals like Forbes, Bloomberg, USA Today and several others.
Charles Roberts
Regional Vice President
Charles "Charlie" Roberts is a seasoned senior executive with broad experience in all aspects of Operations, Management, Business Development, Insurance, and Marketing with over 30 years of experience in the credit union industry. Prior to joining LEO, he held various roles at American Share Insurance, Open Lending, Auto Financial Group, Austin Telco FCU, The Texas Credit Union League, Members Insurance and CUNA Mutual Insurance Group. Charlie also served as the CEO of Credit Union Loanstar Resources, providing creative lending solutions to Credit Unions that helped them expand their auto lending landscape.

Charlie understands the uniqueness of credit unions and how important it is to protect their member's assets, from compliance to threat hunting and all points in between. With the help of LEO’s World Class Cybersecurity Engineers and Practitioners, Charlie plans to help credit unions across the country build, strengthen and manage their cybersecurity operations.
Heath Renfrow
Mr. Heath Renfrow has served the Chief Information Security Officer for multiple global organizations, and most recently as the CISO for United States Army Medicine, where he was awarded the 2017 Global CISO of the year by EC-COUNCIL, the largest cyber training body in the world. Mr. Renfrow has 19 years of global cyber security professional experience, and is considered one of the leading cyber experts in the world. He holds Bachelors in Science in Information Technology and a Master’s of Science in Cyber Studies. He also serves on the following boards: National Cyberwatch Center Foundation, Association for Executives in Healthcare Information Security, University of Indiana Cyber Advisory Council, and Cyber Patriot Program Advisory Council.
Rod Holmes
Rod Holmes has worked in some form of cybersecurity for nearly 30 years and has a healthy passion for protecting information. Beginning his career at Johnson Space Center, Rod rose through the ranks to become a leading security leader at Marathon Oil. Rod has designed and managed corporate information security programs, including multiple initiatives to integrate operational technology security in the industrial control systems (ICS) world with corporate IT security. Rod is a Certified Information Systems Security Professional (CISSP) and has advanced degrees from Texas A&M University.
David Tompkins
David is our mountaineer and growth-master. He’s been to the summit and back multiple times holding leadership and founding roles in some of the industry’s most respected cyber advisory and technology providers. His last trek was with FireEye-Mandiant as an original member of the founding team resulting in one of the biggest IPOs in InfoSec history. Following the acquisition of Mandiant, David jumped in to the real fight going behind enemy lines helping companies and governments battle through some of the greatest breaches in history.


  • Please complete the following form and one of our team members will get back to you as soon as possible.


LEO is a seasoned team of cyber trailblazers and creative practitioners who have the deep experience and operational knowledge to combat the cyber skills gap. From information security program / policy development to virtual security experts to on-demand threat hunting and response, LEO delivers tailored security solutions to your organization through creativity, experience, and commitment.