Patrick Kelley to Speak at IAEC IT Fall Conference 2024

Patrick Kelley, CEO of Leargas Security, will be a featured speaker at the IAEC IT Fall Conference, hosted by the Iowa Association of Electric Cooperatives. The event is set for October 8-9, 2024, at The Rewind by Hilton in West Des Moines, Iowa. The conference brings together IT and cybersecurity leaders to tackle the pressing challenges in protecting critical infrastructure within the energy sector.


Léargas Returns to NASCAR Xfinity Series with Driver Ryan Vargas!

This past weekend was an exciting one for Léargas Security as we were proud to see our brand represented in the NASCAR Xfinity Series by driver Ryan Vargas. After a challenging year for the Mike Harmon Racing (MHR) #74 team, Ryan had the opportunity to get back behind the wheel at Kansas Speedway, showcasing both his racing skills and our Léargas Security fire-suit throughout the weekend.


Patrick Kelley to Speak at the MRO Security Conference 2024

Patrick Kelley, CEO of Léargas Security, will be a featured speaker at the 2024 MRO Security Conference, scheduled to take place on October 1-2, 2024, in St. Paul, Minnesota. This annual conference brings together experts in the energy and security sectors to discuss pressing issues in cybersecurity, particularly as they relate to the protection of critical infrastructure.


Race Report: EuroNASCAR PRO Round 9 at Autodrom Most, Czech Republic

The 2024 NASCAR Whelen Euro Series season finale at Autodrom Most, Czech Republic, presented a weekend full of challenges and perseverance for Ryan Vargas and the Leargas Security team. Despite a tough start during practice, where the team battled a persistent tight-center handling issue due to a failing left-front shock, the crew’s dedication and hard work set the stage for a remarkable comeback.


Empowering Cybersecurity: A Special Workshop by Patrick Kelley at E-ISAC’s CRISP

We are thrilled to announce that our founder, Patrick Kelley of Léargas Security, will be leading a profound workshop titled “In the Trenches of Cybersecurity: A Practical Guide to Incident Response” at the forthcoming Cybersecurity Risk Information Sharing Program (CRISP) event hosted by E-ISAC. This event is scheduled for May 14th in Chicago, IL, and is set to be an essential learning opportunity for cybersecurity experts.


Ryan Vargas Claims First Euro Series Podium, Leads 3F Racing and Léargas Security Racing to Top Team Honors

After a 5-year wait, the Euro series finally returned to racing on an oval. The anticipation leading up to this weekend’s races was unlike anything seen before in NASCAR on this side of the Atlantic. Many wondered if the event would meet the high expectations, and those concerns were quickly dispelled by a thrilling NASCAR 2 race on Saturday, delivering an unforgettable experience for the fans.


Léargas to participate in the Georgia EMC Technology Association’s Fall Meeting

In a fast-evolving world where technology stands as the backbone of numerous sectors, bringing together industry professionals to foster collaboration and growth is not just a necessity, but a mission to advance the industry further. The Georgia EMC Technology Association, an esteemed body with a focused approach to fostering excellence in the field of information technology, continues its long-standing tradition of promoting learning and collaboration with its upcoming Fall Meeting scheduled for September 20-22, 2023. This year, we are thrilled to announce Leargas Security as the proud sponsor of this promising event.


Léargas Security Sponsors NRECA 2023 Co-op Cyber Tech

Léargas Security, a leading cybersecurity firm, has made a name for itself by providing top-notch security solutions and services to clients worldwide. With a focus on innovation, Léargas Security stays ahead of emerging threats by continuously updating its strategies and techniques. The company’s dedication to excellence has made it the perfect partner for NRECA in the 2023 Co-Op Cyber Tech Conference.


Visibility and Log Fidelity – Recommendations

In the world of cybersecurity, adequate visibility and log fidelity are critical components in ensuring the necessary security of your organization’s assets. As cyber threats continue to evolve and become more sophisticated, it’s essential to have a comprehensive view of your many networks, cloud assets, and endpoints, and the ability to identify potential security incidents quickly.


Breaking these components down, “Visibility” refers to the level of insight you have into your organization’s activity. This insight includes understanding how your network operates, what devices are connected to it, and the types of traffic flowing through it. In essence, visibility provides a complete picture of your organization’s landscape, allowing you to identify and address potential security issues proactively.

“Log fidelity”, on the other hand, refers to the accuracy and completeness of the data collected. It’s essential to collect logs from various devices in your organization to ensure that you have a complete picture of the activity. Log fidelity allows you to trace activity and identify potential security incidents with precision and speed.

Adequate amounts of log fidelity will be required to raise the confidence in the assertions made by the analyst, and more will always be better.

One might desire to collect the highest-fidelity logs, but there are significant pros and cons to be considered. Some of the most important ones are outlined below.

Pros

  1. Improved troubleshooting
    Increasing log verbosity can provide more detailed information about system operations, making it easier to identify and diagnose issues.
  2. Better understanding of system behavior
    With more detailed logs, it’s easier to understand how a system is behaving, providing valuable insights into its operation.
  3. Improved security
    Detailed logs can provide security teams with more information about potential security incidents, making it easier to identify and respond to them.
  4. Improved performance
    In some cases, increasing log verbosity can help identify performance issues that might have gone unnoticed with less detailed logs. This is effectively implementing an SNR (Signal-To-Noise Ratio).

Cons

  1. Increased storage requirements
    More detailed logs require more storage space, which can be a concern for systems with limited disk space.
  2. Licensing costs
    Many SIEMs are built on a pricing model that could significantly increase the cost of the platform, as the total volume of logs will increase.
  3. Increased processing overhead
    Generating more detailed logs can require additional processing overhead, which can impact system performance.
  4. Reduced performance
    In some cases, increasing log verbosity can cause a system to slow down, especially if there is a high volume of log data.
  5. Privacy concerns
    Detailed logs can contain sensitive information, which can pose privacy concerns if not handled properly.

Together, visibility and log fidelity provide a powerful tool for cybersecurity professionals to protect their organization from potential threats, but they must be properly tuned. Without adequate visibility, it’s challenging to know what’s happening within your organization, making it difficult to identify potential security incidents and manage the security posture. Similarly, without log fidelity, it’s challenging to trace activity and identify the root cause of a security incident.

Here are some recommendations for log levels in cybersecurity:

  1. Use a consistent log level system
    It’s essential to use a consistent log level system across all devices and applications in your network. This ensures that all logs are categorized and prioritized in a consistent manner, making it easier to identify potential security incidents. Normalizing the log data in the earlier stages of collection will likely reduce the TCO (Total Cost of Ownership) of the platform.
  2. Use a minimum of three log levels
    It’s recommended to use a minimum of three log levels: information, warning, and error. This provides a basic framework for identifying potential issues while keeping log files manageable. Where possible, consider formatting the logs in JSON (JavaScript Object Notation) as it can lower the cost of normalization between other logs.
  3. Define log levels based on severity
    Define log levels based on the severity of an event or activity being logged. This ensures that the most critical events are identified and addressed promptly.
  4. Define thresholds for log levels
    Define thresholds for each log level based on the severity of the event or activity being logged. For example, a warning log may be generated when a device is running low on storage space, and an error log may be generated when a device has encountered an error.
  5. Define retention
    Define the period of time that log data is kept and available for analysis. Retention policies define the length of time that log data is stored and are typically based on compliance requirements or organizational needs.
  6. Monitor logs in real time
    It’s recommended to monitor logs in real time to detect potential security incidents promptly. This can be done using Léargas Security, which can alert security teams when critical events occur.
  7. Regularly review and analyze logs
    Regularly reviewing and analyzing logs can help identify potential security incidents that may have gone unnoticed. This can help security teams identify and address vulnerabilities and threats before they cause significant damage.
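
Recommendations 1 to 3 can be combined in a small normalizer at the collection stage. The sketch below is an added example, not Léargas code: it maps syslog severities, Windows event levels and application level strings onto the three levels named above and emits JSON. The function names, field names, sample events and the choice to surface unknown levels as warnings are assumptions made for illustration.

```python
import json

# The three levels named in recommendation 2.
INFORMATION, WARNING, ERROR = "information", "warning", "error"

# Per-source mapping tables (assumed collapse of native levels into three).
_TABLES = {
    # RFC 5424 syslog severity: 0 (emergency) .. 7 (debug)
    "syslog": {0: ERROR, 1: ERROR, 2: ERROR, 3: ERROR, 4: WARNING,
               5: INFORMATION, 6: INFORMATION, 7: INFORMATION},
    # Windows event level: 1 critical, 2 error, 3 warning, 4 info, 5 verbose
    "windows": {1: ERROR, 2: ERROR, 3: WARNING,
                0: INFORMATION, 4: INFORMATION, 5: INFORMATION},
    # Level names used by common application logging frameworks
    "app": {"debug": INFORMATION, "info": INFORMATION, "notice": INFORMATION,
            "warn": WARNING, "warning": WARNING, "err": ERROR,
            "error": ERROR, "critical": ERROR, "fatal": ERROR},
}

def normalize_level(source, raw):
    """Return (level, mapped). Unknown sources or values become WARNING with
    mapped=False so they surface for review instead of being dropped."""
    if source == "app":
        key = str(raw).strip().lower()
    else:
        try:
            key = int(raw)
        except (TypeError, ValueError):
            return WARNING, False
    table = _TABLES.get(source, {})
    if key in table:
        return table[key], True
    return WARNING, False

def to_json(source, host, raw_level, message):
    """Emit one normalized record; the native level is kept for fidelity."""
    level, mapped = normalize_level(source, raw_level)
    return json.dumps({"host": host, "source": source, "level": level,
                       "level_raw": raw_level, "level_mapped": mapped,
                       "message": message}, sort_keys=True)

# Constructed sample events, one per source type plus one unknown level.
SAMPLES = [
    ("syslog", "fw01", 4, "disk usage at 91%"),
    ("windows", "dc01", 2, "service terminated unexpectedly"),
    ("app", "web01", "WARN ", "retrying upstream connection"),
    ("app", "web02", "verbose7", "vendor-specific level"),
]

def run():
    return [json.loads(to_json(*sample)) for sample in SAMPLES]
```

Keeping `level_raw` alongside the normalized `level` preserves the source's own severity, so the mapping can be revised later without re-collecting data.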

Log levels play a critical role in cybersecurity by providing information on the severity of an event or activity being logged. By using a consistent log level system, defining log levels based on severity, and regularly reviewing and analyzing logs, security teams can identify and address potential security incidents proactively. By monitoring logs in real time and using automated tools, security teams can detect and respond to potential security incidents promptly, minimizing the impact of a security breach or data loss incident.

At Léargas Security, our goal is to work with our customers to determine their operational and regulatory needs, because it helps organizations identify and manage security risks, comply with legal and regulatory requirements, establish effective security practices, and allocate resources effectively. By understanding their operational and regulatory needs, organizations can establish appropriate policies, procedures, and technical controls that mitigate risks and protect critical assets.

Need help? Contact us today at [email protected]!