Leargas Security Welcomes Jordan Rogers as VP of Operations

I am pleased to announce the addition of Jordan Rogers to the Leargas Security team. Jordan joins us as Vice President of Operations, bringing a wealth of experience in cybersecurity incident response, threat intelligence, and risk management.

Jordan’s impressive background includes 10+ years of experience in managing complex security operations, developing and implementing effective security strategies, and leading cross-functional teams to achieve outstanding results. His expertise in incident response, threat hunting, and vulnerability assessment will be invaluable in helping us strengthen our clients’ defenses against emerging threats.

Please join me in extending a warm welcome to Jordan as he embarks on this exciting new chapter with Leargas Security.

-Patrick Kelley

Visibility Across Generations: Leveraging Advanced Technologies for Proactive Cybersecurity

Background

A mid-sized regional electric cooperative serving rural communities faced an existential cybersecurity challenge. Their operational technology (OT) network represented a technological time capsule: critical power distribution equipment from the late 1990s and early 2000s coexisting with newer digital management systems.

The Vulnerability Landscape

The cooperative’s network infrastructure included:

  • Programmable Logic Controllers (PLCs) manufactured by Siemens in 1998
  • SCADA systems dating from the early 2000s
  • Limited firmware update capabilities
  • No native encryption or modern security protocols
  • Critical communication systems connecting substations across 17 rural counties

Most critically, these systems controlled power distribution for approximately 45,000 rural residents—making any potential compromise a direct threat to community safety and infrastructure reliability.

Technical Challenge

Traditional cybersecurity approaches were fundamentally incompatible with this environment. The legacy devices:

  • Cannot receive standard security patches
  • Lack modern authentication mechanisms
  • Generate minimal diagnostic data
  • Operate on proprietary communication protocols

Network traffic analysis emerged as the sole viable visibility mechanism, making network-level intelligence paramount.

Léargas Security Intervention

Our solution focused on extracting maximal intelligence from network traffic patterns, leveraging Zeek’s advanced analytical capabilities:

Detailed Network Mapping

  • Comprehensive inventory of all network communication paths
  • Identification of communication anomalies across legacy and modern systems
  • Baseline establishment of “normal” operational behaviors

Threat Detection Methodology

  • Granular protocol analysis
  • Behavioral pattern recognition
  • Anomaly detection without system interruption
  • Zero-touch monitoring of critical infrastructure
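
A minimal sketch of the baseline-then-flag approach described above, added here as an illustration and not Léargas's own tooling: it parses Zeek conn.log records in TSV form, learns the communication paths seen during a baseline window, and reports paths that first appear afterwards. The sample log, addresses, OT subnet, and baseline cutoff are all constructed for the example.

```python
import ipaddress
from collections import namedtuple

# Constructed sample in Zeek's TSV conn.log layout (columns trimmed for brevity).
# 10.20.0.0/16 stands in for the OT network; 192.168.50.0/24 for a corporate LAN.
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice",
    "1700000000.0\tC1\t10.20.0.5\t49152\t10.20.1.10\t102\ttcp\t-",
    "1700000060.0\tC2\t10.20.0.5\t49153\t10.20.1.20\t20000\ttcp\tdnp3",
    "1700003600.0\tC3\t10.20.0.5\t49160\t10.20.1.10\t102\ttcp\t-",
    "1700090000.0\tC4\t10.20.0.5\t49200\t10.20.1.10\t102\ttcp\t-",
    "1700090100.0\tC5\t10.20.1.10\t1030\t10.20.1.20\t502\ttcp\tmodbus",
    "1700090200.0\tC6\t192.168.50.23\t51000\t10.20.1.10\t102\ttcp\t-",
    "1700090300.0\tC7\t192.168.50.23\t51001\t10.20.1.10\t102\ttcp\t-",
])
BASELINE_END = 1700086400.0   # constructed cutoff: end of the learning window
OT_NETWORK = "10.20.0.0/16"   # constructed OT address range

Finding = namedtuple("Finding", "ts uid path service crosses_into_ot")


def parse_conn_log(text):
    """Return conn.log rows as dicts keyed by the names in the #fields header."""
    fields, records = None, []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            if fields is None:
                raise ValueError("conn.log data found before the #fields header")
            records.append(dict(zip(fields, line.split("\t"))))
    return records


def path_key(rec):
    """A communication path: who talks to whom, on which port and protocol.
    The originator's ephemeral port is left out on purpose."""
    return (rec["id.orig_h"], rec["id.resp_h"], int(rec["id.resp_p"]), rec["proto"])


def build_baseline(records, cutoff_ts):
    """Every path observed before the cutoff counts as normal behaviour."""
    return {path_key(r) for r in records if float(r["ts"]) < cutoff_ts}


def find_new_paths(records, baseline, cutoff_ts, ot_net):
    """Report each path first seen after the cutoff, once, in time order.
    crosses_into_ot marks a responder inside the OT range reached from outside it."""
    ot = ipaddress.ip_network(ot_net)
    seen, findings = set(baseline), []
    for r in sorted(records, key=lambda rec: float(rec["ts"])):
        ts, key = float(r["ts"]), path_key(r)
        if ts < cutoff_ts or key in seen:
            continue
        seen.add(key)
        src_in_ot = ipaddress.ip_address(key[0]) in ot
        dst_in_ot = ipaddress.ip_address(key[1]) in ot
        findings.append(Finding(ts, r["uid"], key, r["service"],
                                dst_in_ot and not src_in_ot))
    return findings


def analyze_sample():
    records = parse_conn_log(SAMPLE_CONN_LOG)
    baseline = build_baseline(records, BASELINE_END)
    return find_new_paths(records, baseline, BASELINE_END, OT_NETWORK)


if __name__ == "__main__":
    for f in analyze_sample():
        tag = "IT->OT" if f.crosses_into_ot else "new path"
        print(f"{tag}: {f.path} service={f.service} first seen in {f.uid}")
```

Because the analysis runs on logs produced from mirrored traffic, nothing is installed on or sent to the legacy devices themselves.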

Quantifiable Outcomes

Within six months of implementation, our approach detected:

  • 3 previously unidentified communication irregularities
  • 2 potential lateral movement attempts
  • 1 misconfigured network segment exposing critical infrastructure

Critical Prevention: A detected communication anomaly revealed an unauthorized remote access attempt through an outdated SCADA system interface—a potential catastrophic breach that traditional security tools would have missed.

Financial and Operational Impact

Implementing our network-centric security approach cost approximately 40% less than proposed system-wide equipment replacement. More importantly, it provided continuous monitoring without disrupting critical power distribution infrastructure.

Conclusion

In environments where legacy technology meets modern threat landscapes, network-level intelligence becomes the ultimate security perimeter. By treating network traffic as a comprehensive sensor platform, organizations can secure seemingly unsecurable infrastructure.

The electric cooperative maintained uninterrupted service, protected critical infrastructure, and gained unprecedented visibility into their technological ecosystem—all without replacing a single piece of equipment.

Léargas Security & Critical Path Security at CGA Energy Summit 2025

Ottawa, Ontario | March 24-27, 2025

Léargas Security and Critical Path Security are headed to the CGA Energy Summit in Ottawa, Ontario! Our own Patrick Kelley and Ben Estephan will be on-site, engaging with attendees to discuss two critical topics at the intersection of energy, cybersecurity, and mental health.

While not speaking this time, Patrick and Ben will be available throughout the event to meet with industry leaders, energy professionals, and security experts to address some of the most pressing challenges in the field.

🔹 Cybersecurity in Energy Infrastructure – As cyber threats continue to evolve, we’ll be exchanging insights on how organizations can strengthen their defenses, improve visibility, and implement actionable strategies to protect critical energy assets.

🔹 Mental Health in High-Stakes Industries – The cybersecurity and energy sectors both demand constant vigilance and resilience. We’ll be discussing the importance of mental health, stress management, and work-life balance in maintaining peak performance in high-pressure environments.

The CGA Energy Summit brings together top minds in energy, security, and innovation, making it an ideal space to collaborate, share knowledge, and work toward a more secure future.

If you’re attending the CGA Energy Summit 2025, let’s connect! We’re looking forward to insightful conversations and meaningful engagements that drive real impact.

📅 March 24-27, 2025
📍 Ottawa, Ontario, Canada

#CGAEnergySummit #Cybersecurity #MentalHealth #LéargasSecurity #CriticalPathSecurity #EnergySecurity #Resilience

Patrick Kelley, Founder and CEO, to Keynote Georgia EMC Technology Association Meeting

Leargas Security and Critical Path Security are proud to announce our founder and CEO, Patrick Kelley, will deliver the keynote presentation at the Georgia EMC Technology Association Spring Meeting, April 16-18, at the scenic Brasstown Valley Resort.

Patrick will speak on “Mental Health in Cooperatives: Balancing the Scales,” addressing the critical challenges of burnout and imposter syndrome faced by cybersecurity professionals within electric cooperatives.

At Leargas Security and Critical Path Security, we deeply understand the intense pressure cybersecurity teams experience—often understaffed, overwhelmed, and managing multiple roles simultaneously. Patrick’s keynote will offer candid insights into these struggles and discuss strategies to foster resilience, improve mental health, and strengthen overall cybersecurity practices within cooperatives.

We look forward to meaningful discussions that promote awareness, support well-being, and enhance cyber resilience in our industry.

Special thanks to the Georgia EMC Technology Association for hosting this important event and to Brasstown Valley Resort for providing the perfect backdrop.

#Cybersecurity #MentalHealth #BurnoutAwareness #EMC #GeorgiaEMC #CyberResilience #BrasstownValleyResort #LeargasSecurity #CriticalPathSecurity

Léargas Security’s Patrick Kelley to Speak at 2025 Co-op Cyber Tech on Mental Health in Cybersecurity

We’re thrilled to share some exciting news! Our very own Patrick Kelley has been selected to speak at the upcoming 2025 Co-op Cyber Tech conference, taking place June 24–26 in Denver, Colorado, at the Hyatt Regency Denver at Colorado Convention Center. This conference brings together cybersecurity professionals from around the globe for three days of in-depth discussions, workshops, and networking opportunities—and we’re honored that Patrick will be part of the speaker lineup.

Patrick’s session, “Mental Health in Cybersecurity: Leveraging the Maslach Burnout Inventory (MBI),” tackles one of the most critical but often overlooked issues in our field: the toll that high-stakes cybersecurity work can take on mental well-being. By utilizing the MBI—an industry-standard tool for measuring occupational burnout—cybersecurity teams can better identify and address the unique pressures they face, such as intense workloads and the need for around-the-clock incident response.

Why This Topic Matters
Cybersecurity professionals operate in fast-paced, high-pressure settings where attacks can escalate quickly. The constant vigilance and rapid-fire problem solving that keep our digital world safe can also lead to stress, fatigue, and burnout if not managed properly. Patrick will explore how the Maslach Burnout Inventory offers a structured way to evaluate burnout risk and implement targeted solutions that keep cybersecurity teams both motivated and mentally healthy.

What to Expect from the Session

  • A Deep Dive into the MBI: Understand how the Maslach Burnout Inventory can be used to gauge burnout levels, pinpoint causes, and track improvements over time.
  • Early Detection and Prevention: Learn how to spot the warning signs of burnout in yourself and your team before they escalate.
  • Practical Interventions and Strategies: Discover evidence-based methods to foster a healthy work environment and build resilience against stress.
  • Case Studies and Real-World Stories: Hear examples of how cybersecurity practitioners have implemented wellness initiatives to maintain a high-performing culture.

Join Us in Denver
If you’re heading to the 2025 Co-op Cyber Tech conference, be sure to reserve a spot for Patrick’s session. By shedding light on the psychological aspect of cybersecurity work, Patrick aims to equip organizations with the tools needed to support their teams effectively.

At Léargas Security, we believe that caring for our people is essential to delivering top-tier cybersecurity services. That’s why we’re especially proud to see Patrick champion this crucial topic on a global stage. For those who can’t attend in person, we’ll share follow-up materials and insights after the conference, ensuring everyone has access to these valuable takeaways.

Feel free to reach out if you have any questions or want more details about Patrick’s talk or our work at Léargas Security. We look forward to connecting with the cybersecurity community in Denver—and to continuing our mission of protecting both digital assets and the well-being of the teams who safeguard them every day.

Stay tuned for more updates—and congratulations to Patrick on this exciting opportunity!


Léargas Security – Illuminating the Path to Cyber Defense.

Speaking Event: Mental Health in Cooperatives: Balancing the Scales

At Léargas Security, we understand that cybersecurity isn’t just about technology—it’s about people. The pressure to defend critical infrastructure against relentless threats is breaking teams down. Burnout, imposter syndrome, and the weight of impossible expectations are leaving cybersecurity professionals—and the cooperatives they protect—at risk.

Next week, Patrick Kelley will be speaking at the Alabama Rural Electric Association Accounting Update Annual Meeting about the hidden cost of burnout in cybersecurity and cooperatives.

This isn’t just a conversation about mental health; it’s about the business impact—from increased turnover costs and cyber insurance hikes to the financial ripple effects of security fatigue.

Key takeaways:

✔ The “Accidental CISO” Problem – Why so many cybersecurity professionals in cooperatives never planned for the role they’re now in.

✔ Burnout & Finance – How stress translates into real financial loss, from regulatory fines to delayed security improvements.

✔ Coping Mechanisms That Work – Practical strategies to manage the unique stressors of cybersecurity and leadership in the cooperative space.

The goal? To change the conversation from “just deal with it” to real solutions that create sustainable teams and secure infrastructure.

The Case for Log Retention: Why MDR Limitations Put Your Business at Risk

It’s critical to make informed decisions about the tools and services that safeguard your environment. One recurring challenge we’ve encountered is the misunderstanding surrounding Managed Detection and Response (MDR) providers that claim to include advanced features like log management. 

The catch? Many of these solutions delete your logs after 30 days, leaving your organization exposed to compliance violations, investigative dead-ends, and potential legal liabilities.

Log Retention: More Than Just a Checkbox
Logs are more than just lines of code. They’re a detailed map of your network’s activity, an essential resource for:

  • Forensic Investigations: Re-analyzing past activity during incident investigations.
  • Regulatory Compliance: Many regulations, such as GDPR, HIPAA, and PCI-DSS, require organizations to maintain logs for specific periods.
  • Legal Holds: During litigation, your ability to produce historical data can be the difference between resolving a case quickly or facing prolonged legal challenges.
  • Continuous Improvement: Detecting advanced threats often requires applying new threat intelligence to historical logs.

When your MDR provider deletes logs after 30 days, you’re left in the dark, unable to meet these critical needs.

Perpetual Legal Holds: A Non-Negotiable
As cybersecurity professionals, we’ve repeatedly emphasized the importance of perpetual legal holds to our customers. Whether you’re responding to a breach, ensuring compliance, or navigating legal disputes, having full access to historical logs is indispensable. 

Here are the key reasons to adopt robust log retention practices:

  • Incident Response: Without historical logs, tracing the origin and scope of a breach becomes nearly impossible.
  • Compliance Audits: Regulatory audits often demand records that span months, if not years.
  • Litigation Support: Your ability to defend against legal claims or regulatory inquiries hinges on your data retention practices.

The Léargas Difference: A Comprehensive Cybersecurity Platform
At Léargas Security, we’ve built a Comprehensive Cybersecurity Platform that eliminates the limitations imposed by traditional MDRs. Our platform is designed to prioritize extended log retention and ensure your organization has the tools to secure its data and meet compliance requirements. 

Here’s how we address this critical need:

  • Tailored Retention Policies: Customized to meet your industry’s regulatory requirements.
  • Scalable Storage Solutions: Ensuring you never run out of space for critical logs.
  • Legal Hold Capabilities: Enabling you to flag and retain specific logs indefinitely for ongoing investigations or litigation.
  • Unified Threat Visibility: Combining advanced detection with actionable insights, ensuring nothing gets overlooked.

The Bottom Line
Don’t let your MDR dictate how long you can keep your logs—this decision should be based on your operational needs and regulatory obligations, not arbitrary limitations. The stakes are too high, and your organization deserves a solution that works for you.

At Léargas Security, our Comprehensive Cybersecurity Platform empowers organizations to own their data, strengthen their defences, and stay ahead of evolving threats. If you’re ready to break free from MDR limitations, contact us today. 

Bridging the Divide: The Security Risks of IT and OT Convergence

Introduction
For decades, Information Technology (IT) and Operational Technology (OT) operated in isolation—each serving distinct purposes. IT focused on securing data, while OT managed physical processes and industrial control systems. However, as organizations pursue digital transformation (DX) and integrate Industrial Internet-of-Things (IIoT) devices, these once-separate environments are converging. While this shift promises efficiency and cost savings, it also exposes critical infrastructure to unprecedented cybersecurity risks.

At Léargas Security, we’ve seen firsthand how the expansion of the attack surface has turned OT networks into prime targets for cybercriminals, hacktivists, and even nation-state actors. This case study explores real-world vulnerabilities in IT/OT convergence and provides strategic security recommendations.

Case Study: The High-Stakes Reality of IT/OT Cybersecurity
The Incident: A Ransomware Attack That Shut Down a Nation’s Fuel Supply
In May 2021, the Colonial Pipeline—the largest refined petroleum pipeline in the U.S.—fell victim to a ransomware attack. The attackers compromised IT systems, forcing a complete shutdown of OT operations. The impact was immediate:

  1. Fuel shortages across multiple states
  2. Panic buying at gas stations
  3. Significant financial losses for businesses relying on fuel transportation

This attack was not an isolated incident.

These events highlight a dangerous reality: OT networks, once assumed to be protected by “air gaps,” are now exposed to cyber threats through IT interconnectivity.

The Root Cause: Why OT Is a Prime Target
The primary reason OT environments are being targeted? They were never designed with security in mind. Historically, OT relied on physical isolation for protection. However, modern demands for remote monitoring, automation, and efficiency have led to cloud integration and IT connectivity.

Key vulnerabilities include:

  1. Legacy Systems Without Security Patches
    Many industrial control systems (ICS) run on outdated software that lacks modern security updates. Once connected to the internet, these systems become an easy target for cybercriminals.
  2. Inadequate Network Segmentation
    Insecure IT-OT integration allows lateral movement within a network. A breach in IT (e.g., a phishing attack) can quickly spread into OT environments, where it disrupts critical operations.
  3. Lack of Security Awareness in OT Environments
    Unlike IT, where cybersecurity practices are standard, OT teams are often unfamiliar with evolving cyber threats. Without proper incident response training, minor intrusions can escalate into catastrophic failures.
  4. IIoT Devices Expanding the Attack Surface
    The adoption of Industrial IoT devices means more endpoints to secure. Unfortunately, many of these devices lack robust security controls, making them an entry point for attacks.

Mitigating the Risks: A Proactive Security Strategy
To prevent devastating breaches like Colonial Pipeline, organizations must implement end-to-end OT security. 

Here’s how:

  1. Enforce Network Segmentation
    Implement strict firewall rules to separate IT and OT environments.
    Use zero-trust principles to prevent unauthorized access between systems.
  2. Conduct Continuous Monitoring and Threat Intelligence
    Deploy XDR solutions (like Léargas XDR) to detect anomalies in real time.
    Utilize behavioral analytics to spot unusual network activity before an attack escalates.
  3. Regularly Patch and Update OT Systems
    Work with OEM vendors to ensure critical updates are applied to legacy OT devices.
    Establish secure remote access policies for patching sensitive infrastructure.
  4. Train OT Personnel on Cybersecurity Best Practices
    Conduct regular security awareness training for OT staff.
    Implement phishing simulations to test readiness against social engineering attacks.
  5. Implement Robust Incident Response Plans
    Define clear action plans for responding to ransomware and malware attacks.
    Conduct regular tabletop exercises to test readiness for IT-OT security incidents.

Conclusion: Securing IT/OT Convergence Is No Longer Optional
The rapid merging of IT and OT brings undeniable benefits, but it also creates a massive cybersecurity challenge. Organizations that fail to address these risks will face disruptions that extend beyond financial losses—they will impact public safety, national security, and daily life.

At Léargas Security, we specialize in securing IT-OT environments by providing advanced threat detection, network monitoring, and cybersecurity training. Contact us today to learn how we can help protect your industrial operations from cyber threats.

The Future of Cybersecurity is Now: Meet Léargas Security

Organizations need more than just visibility—they need precision, automation, and intelligence. At Léargas Security, we provide next-generation cybersecurity solutions that empower teams to detect, respond, and neutralize threats in real-time.

🔍 360° Threat Visibility Across IT, OT, and Cloud

Léargas delivers deep, continuous monitoring across your entire infrastructure—on-prem, cloud, and industrial control systems (ICS/OT). Whether it’s an enterprise network or a critical infrastructure environment, our platform provides the actionable intelligence needed to stop threats before they escalate.

⚡ Automated Detection & Response

Speed is everything. Léargas harnesses AI-driven correlation, real-time forensic analysis, and automated response playbooks to cut down the time it takes to detect and neutralize threats. By leveraging advanced analytics, we eliminate noise and focus on what really matters—stopping attacks before they cause damage.

🔗 Seamless Integration, No Disruptions

Security should work with your existing tools, not against them. Léargas integrates effortlessly with industry-leading platforms, enhancing your SIEM, XDR, and endpoint security without the need for costly replacements. Whether it’s SentinelOne, CrowdStrike, Zeek, or custom SOC workflows, our platform adapts to your needs.

🛡️ Beyond Threat Detection: Full-Scale Cyber Resilience

Léargas goes beyond traditional monitoring—our platform offers:

  • Dark Web Intelligence to track leaked credentials & ransomware threats.
  • AI-Enhanced Threat Hunting for proactive security.
  • Real-Time Attack Visualization & Attribution to stop adversaries faster.
  • Automated Compliance Reporting for frameworks like NIST, CMMC, and NYCRR 500.

🚀 Built for MSSPs and Enterprises

From global enterprises to Managed Security Service Providers (MSSPs), Léargas delivers scalable solutions that provide cost efficiency, rapid deployment, and centralized security operations—all from a single intuitive platform.

Cyber threats aren’t slowing down, but with Léargas Security, neither are we.

🔗 Ready to see it in action? Let’s talk.

Elevating Cybersecurity: How Léargas Security Empowers MSSPs and MSPs

Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) face increasing demands to protect their clients’ organizations against sophisticated threats. With businesses becoming more digitally reliant, the need for comprehensive, cost-effective, and seamless solutions has never been greater.

Enter Léargas Security’s cutting-edge platform—a game-changer for MSSPs and MSPs alike.

A Platform Designed for the Modern MSSP

At Léargas Security, we understand the unique challenges MSSPs face. Our platform isn’t just a tool; it’s a comprehensive solution built with multi-tenancy at its core. Whether managing the security needs of a single client or hundreds, the platform provides unparalleled efficiency through its single-pane-of-glass design, allowing MSSPs to monitor, analyze, and respond to threats across all clients in one intuitive interface.

Integrations That Enhance Visibility and Actionability

Security is only as strong as the tools you have at your disposal. That’s why our platform seamlessly integrates with leading technologies such as:

  • EDR and Threat Intelligence Tools: Carbon Black, CrowdStrike, and SentinelOne.
  • Network Monitoring: Suricata, Fortinet, and Zeek.
  • Critical Infrastructure Leaders: Siemens, Schneider Electric, and Microsoft Defender.
  • Cloud Ecosystems: Google Workspace and Microsoft 365.

These integrations, as shown in the attached graphic, offer MSSPs the flexibility and firepower to tailor solutions to their customers’ unique environments, enhancing their overall security posture.

Cost Reduction Meets Scalability

Budget constraints often challenge MSPs and MSSPs when scaling operations. Our platform addresses this head-on by consolidating numerous tools and processes into a unified solution, significantly reducing costs. The multi-tenancy design ensures scalability, empowering you to grow your client base without exponentially increasing expenses or resources.

Proactive and Holistic Cyber Defense

With Léargas Security, MSSPs can transition from a reactive to a proactive security model. The platform’s advanced threat detection, AI-driven analytics, and real-time monitoring capabilities allow service providers to identify vulnerabilities and mitigate risks before they escalate. Whether combating ransomware, phishing, or insider threats, the platform delivers 24/7 protection tailored to your needs.

Why MSSPs and MSPs Need Léargas Security

In an era where the cost of a data breach can cripple a business, providing robust, reliable security is non-negotiable. Léargas Security empowers MSSPs and MSPs to:

  • Elevate their service offerings with enterprise-grade tools.
  • Deliver measurable ROI to clients through reduced risk and improved compliance.
  • Scale operations efficiently while cutting down on operational complexity and cost.

Ready to Close the Security Gap?

Whether you’re an MSSP looking to stay ahead of the competition or an MSP ready to expand your security offerings, Léargas Security provides the platform to elevate your services and meet today’s cybersecurity challenges head-on.

Explore our platform and integrations today at Léargas Security.