Cybersecurity Blog: The Cyber Scene is evolving, are you?

The cyber-attack on Ukraine power centers last December — an event that took 30 substations offline and left more than 230,000 residents without power — was a rude awakening for power generation plants and distribution centers around the world. Despite being well-segmented from the control center business networks with robust firewalls — notably more secure than some U.S. operations — the network was still breached.

Read more

Insider crimes are a very real and costly problem for companies—often more costly than high profile cyberattacks. Despite continued investments in security measures to control and monitor access to sensitive data, more organizations feel vulnerable to breaches caused by insiders. In fact, according to a recent survey of security professionals conducted by LinkedIn’s Information Security Community and Crowd Research Partners, 74% of respondents say their organizations are vulnerable to insider threats, and 56% say insider threat incidents have become more frequent in their organization in the last 12 months.

Read more

An evolving threat landscape, persistent adversaries, and a shortage of talent and skills are some of the reasons security teams struggle to successfully defend their organizations. However, the biggest roadblock to a successful defense is often self-inflicted.

Read more

For security teams, monitoring the security status of an IT network is common practice, while the routers, switches, and gateways of industrial networks go largely unchecked. Fortunately, this is changing. With the rapid increase in cybersecurity incidents affecting industrial control systems (ICS), more and more organizations are adopting ICS security programs to keep their operations running and people safe. If your organization plans (or is already underway) to develop its own ICS security program, here are four foundational elements to help you build the most effective program possible.

Read more

Successful integration, motivated leaders, and driven employees propel Leidos to the #1 fastest growing cybersecurity consulting company


Coming in at the No. 1 spot with an astronomical growth rate of 82.1 percent year over year was Leidos. The company reported cybersecurity consulting revenues of $285 million in 2016, up from $157 million the year before. – CRN.com

Read more

Leidos Cyber UK is CREST certified for Penetration Testing, Incident Response and Cyber Essentials.

This accredits Leidos Penetration Testing programme as complying with CRESTs rigorous requirements for penetration testing providers, and gives organisations a level of assurance over the quality of testing that will be delivered.

Read more

Part 4: Training and defined management procedures are critical to program success.

Today’s insider risk programs typically rely solely on mitigation as the remedy to address every insider risk. But this approach leaves out critical measures to address all components of risk.

Read more

Today, organizations invest significant resources to harden their perimeters against exterior attacks. Unfortunately, many of these same companies invest far less to protect themselves against internal threats—individuals who have direct access to sensitive and proprietary information.

Read more

Part 3: Successful insider risk programs begin with good choices—prioritizing what to protect and how to protect it.

While often overlooked as a critical component to enterprise security, the insider threat is difficult to ignore when organizations increasingly lose critical assets (intellectual property, proprietary data, network infrastructure, financial assets, facilities, etc.) due to an individual's theft or negligence.

Read more

Part 2: Communication and documentation contribute to building a successful insider risk program.

When implementing an insider risk program, it is necessary to take foundational measures to integrate both technical and non-technical elements for a truly holistic defense.

Read more