ICS Security Solutions

Great cyber security in your ICS/OT environments starts with understanding your specific business priorities, operations, and technical infrastructure.

No two organizations are the same, which means that the challenges and priorities vary, especially amongst industrial and automation infrastructures across all industrial verticals. Our work starts at the point of greatest impact for our clients.

From compliance to threat hunting, assessments to full penetration tests, strategy to implementation, and all steps in between, LEO’s world-class team of ICS cyber security experts is equipped to address them all.

LEO’S ICS cyber security practice mission is to protect the resiliency, safety, security, and efficiency of automation and control systems.

LEO intends to be a long-term partner that can understand and advise on the ever-evolving threat landscape while fully understanding the consequences and impacts of each potential threat to operations and safety.

By leveraging our talent, LEO builds unique solutions and educates clients by providing guidance and resources in an environment where we thrive in with respect to operational risk management.

We help our clients build and mature their cyber security programs, and this starts by understanding their specific business, operations, and risks.

We help identify and assess the risk to your operations and business and then help build and deploy the most efficient and cost-effective risk mitigation, consequence and impact reduction strategies, and cyber security programs according to their specific needs and resources.

150+ years Experience

We have more than 150 years of combined experience specifically in ICS Cyber Security and each member of our staff possesses an average of 8 years of experience that includes experience in operational environments.

We are highly experienced, skilled, and uniquely qualified.

In order to properly secure, protect, and advise on ICS cyber security strategies, a trusted advisor and execution partner must truly understand their client – the industries they operate in, the challenges they face daily, and the associated risks of their business.

The ICS security team within LEO adds to this by bringing highly experienced, detailed focused ICS expertise that understands the consequences, impacts, and nuances within automation and control systems environments. We offer one of the largest ICS cyber security talent pools, comprised of some of the industry’s most skilled and tenured professionals.

Whether our personnel are Chief Information Security Officers (CISO), security architects, engineers, analysts, or penetration testers, all of our staff have extensive experience within organizations providing front-line security operations and management in both IT and ICS/OT environments. Our expertise has been cultivated from years of evaluating programs, assessing, monitoring, and implementing security controls in both IT and ICS/OT environments, including monitoring networks and systems, doing ICS system validation and acceptance testing and responding to incidents.

Our staff comes from recognized world-class industrial organizations including Idaho National Laboratory (INL), Federal Energy Regulatory Commission (FERC), Department of Defense (DoD), Electric Reliability Council of Texas (ERCOT), Shell, General Motors (GM), Marathon Oil, Phillips 66, Rockwell Collins, Comanche Peak Nuclear Power Plant, Department of Energy (DoE), Department of Homeland Security (DHS), Siemens, Portland General Electric, and more.

We are highly experienced, skilled, and uniquely qualified.

When you hire LEO, you have access to our entire team of world-class ICS cyber security experts throughout the duration of the entire project. LEO maximizes the efficiency and quality of every project by deploying a holistic team engagement strategy, rather than limiting the participation to a couple of specifically assigned personnel. Furthermore, all LEO staff are thoroughly vetted, full-time employees, not subcontractors.

LEO’s ICS Cyber Security Services

Some of the services our ICS team focuses on providing around the globe are but not limited to:
  • ICS Security Program Advisory, Creation and Maintenance
  • ICS Systems Security Engineering & Security Architecture (Including FAT, SAT, Commissioning)
  • ICS Cyber Security Assessments (Risk, Threat, Vulnerability, Consequence & Impact)
  • ICS Standards, Regulatory and Compliance Assessments
  • ICS Cyber Security Penetration Testing
  • ICS Cyber Security Training (Awareness, Tabletop Exercises, Advanced Security Methods)
  • ICS Cyber Security Monitoring, Detection, Threat Hunting
  • ICS Cyber Security Compromise Assessments
  • ICS Cyber Security Incident Response
  • ICS Security R&D and Thought Leadership
  • Community Outreach and Educational Programs
  • ICS Security Manager as a Service

Clint Bodungen

Trailblazers often leave their mark, but every now and then, some even help build an entire industry. Clint has done just that. With more than twenty years of experience, he is one of the original pioneers of the Industrial Control Systems Cyber Security industry. From the deep technical trenches to the “C-Suite”, few people in the world have been doing it longer. Now, Clint is a frequently requested public speaker, a published author in the iconic “Hacking Exposed” series, and is regarded as one of the industry’s leading experts. At LEO, he is our resident “industrial hacker” and heads up our Industrial Cyber Security Business.

ROD HOLMES

In cybersecurity, experience and passion for protecting information are crucial. Rod Holmes, one of our senior Chief Information Security Officers, has both. For nearly 30 years, Rod has worked in some form of cybersecurity. He started his career at Johnson Space Center, and he rose through the ranks to become a leading security leader at Marathon Oil. Rod has designed and managed many corporate information security programs, including multiple initiatives to integrate operational technology security in the industrial control systems (ICS) world with corporate IT security. Certifications? He has those, too. Rod is a Certified Information Systems Security Professional (CISSP) and has advanced degrees from Texas A&M University. We know our information is in good hands with Rod Holmes on our team.

JEREMY WILKINSON

Cybersecurity is a global issue, and no one understands this more than Cybersecurity Professional, Jeremy Wilkinson. Prior to joining LEO, Jeremy gained international experience supporting various U.S. Department of Defense teams in Afghanistan at HITT Exelis Geospatial Systems and DynCorp International. He has also held various security roles at Wilks Brothers LLC, Rockwell Collins, Comanche Peak Nuclear Power Plant, and Lightsource Systems, Inc. Jeremy is an experienced, educated, and certified cybersecurity professional with demonstrated success in cybersecurity, network engineering, project implementation, and quality assurance. His expertise in a diverse range of security and network technologies within a variety of industry settings makes him a valuable member of the LEO team.

KEVIN LACKEY

Kevin has been involved in the hacking scene since the early 1980’s, his elementary teachers will tell you that he wrote a disk protection system that locked school personnel out of the classroom Apple IIe. Kevin became involved in security for critical infrastructure in 2004 when he became a member of the National SCADA testbed for the DOE and worked in the national lab system for the next several years pursuing innovative approaches for researching and defending ICS systems for the DOE & DHS. Kevin then moved into defensive side of the house for the last 8 years helping to secure critical infrastructure for both ERCOT and General Motors. Kevin brings a unique perspective to cyber security being one of the original ICS security pioneers that has spent considerable time on both red team and blue team programs.

ALEXANDER CLAYTOR

Alexander has 20 years of IT experience, 12 of which in IT cybersecurity & 10 focusing on ICS cybersecurity. His expertise is in Enterprise IT infrastructure security with the past decade specializing in Industrial Operational Technology (ICS/SCADA/IIoT) security. His career goal is assisting enterprises to embed best security practices into their environment & culture via strategic implementation. Alex has owned multiple businesses, worked for some of the largest corporations in the world, & been a contractor for the federal government & various municipalities. He is most at home doing R&D of security-related best practices & being out in the field supervising deployment & commissioning of infrastructure he has often had a key role in architecting. He has been an IT Manager/Director, SCADA/HMI Integrator, Cybersecurity Consultant, owned his own IT consulting/MSP business, and a CISO/Solutions Architect for an MSP.

BRIAN FOSTER

In an industry populated by the unique and highly skilled, Brian stands out. While in a highly successful career as an Automation Engineer designing, building, and programming the devices he now protects he found himself driven to do more. Frustrated with the growing cultural divide between OT and IT resulting from the rapidly shrinking boundary between the technologies, he set out to bridge the gap. He now has 10 years of thriving experience in the young ICS/OT Cybersecurity industry. With an advanced understanding of the technology he is protecting and an Engineer’s approach, Brian directs the programs he manages with a focus on safe and secure operation. He actively engages the IT and OT teams to build bridges and tear down silos resulting in greater overall security. Brian believes leadership is an opportunity to help enable those around him to be the best versions of themselves. In a rapidly evolving industry, Brian’s passion for protecting all the necessities of daily life helps lead the way to a safer and more secure world.

TRAVIS FARRAL

Leader, designer, and accomplished writer. That is Chief Information Security Officer Travis Farral in a nutshell. Travis is an IT security professional at LEO, specializing in threat intelligence, incident response, and industrial control systems security. He has a background in computer and network forensics, architecture, and design, as well as project and program management. Travis has successfully led teams in a variety of management roles, including his time at ExxonMobil as Cybersecurity Intelligence & Strategic Services Supervisor. To top it all off, Travis is a contributing member of various open and closed security communities, keeping him at the forefront of all things cyber.