Security Challenges in the Value Chain and the IV Study 'Companies and Security'


We have presented the IV 'Cybersecurity and Business' Study in the context of the event 'Security Challenges in the Value Chain', shared with representatives of the Central Bank of Spain, Department of National Security, INCIBE, Trescore Proyectos, Mapfre, Kyndryl and ESYS Foundation.
This year it was time for a new edition of the 'Business and Security' study that we started in 2017. The results were collected between March and May 2022 and we presented the results at the event 'Retos de seguridad en la Cadena de Valor' (Security Challenges in the Value Chain), which we shared with Ignacio Babé (Club Excelencia en Gestión), Elena de la Calle (Department of National Security), Silvia Senabre (Central Bank of Spain), Alfonso Pastor (LEET Security), Antonio Navas (Kyndryl Iberia), Cárlos López Blanco (ESYS Foundation), Fátima Ballesteros (Trescore Proyectos), Jacinto Mu ...

(Read more)
17 de octubre de 2022

New ENS and how it affects you - Article in Red Seguridad


The new issue of Red Seguridad magazine is now available.
And in it, an interesting article by our CEO, Antonio Ramos, about the changes brought by the new National Security Scheme 2022.
You can download the full PDF here (Only in Spaish - Page: 52).
And if you want more information about the new ENS, don't miss the video of the event we held last month on the subject, breaking down the changes and how it affects you if you operate in the public sector.

All you need is LEET

Suscribe to our newsletter here

(Read more)
4 de julio de 2022

Unisys renews its rating for the fifth year

Unisys, a global technology company that develops solutions focused on high-performance security for the most demanding companies and governments, has renewed the cybersecurity qualification for its support and maintenance services for applications and information systems.
This is the fifth consecutive year that the company has renewed its cybersecurty rating, since 2019, once again demonstrating its commitment to safety and its desire to improve, in addition to accrediting the implementation of a safety management system and the effective application of a framework of control and security measures at a high level.
The qualification has been obtained after a complete and rigorous evaluation carried out by LEET Security, a guarantee of reliability in all management processes and in the execution of the projects and services that Unisys provides to its clients. In particular, regarding the support and maintenance service for applications on ...

(Read more)
28 de abril de 2022

IBM revalidates its HIGH ENS and its AAA-level LEET Security rating

(In the photo, from right to left: Rodrigo Hornos, Principal IBM Cloud Compliance Leader, and Alfonso Pastor, Delivery Director Partner of LEET Security, showing the certificates obtained, at IBM headquarters)
IBM revalidates the certification in accordance with the National Security Scheme (ENS) in the HIGH category and the LEET Security rating with AAA level for the Public Cloud services based on its CPDs in the European Union. The multinational has obtained both through an audit process that unifies the evaluation of the security measures contemplated in both schemes.
To achieve the two accreditations, LEET Security has assessed not only the operation according to the certified security management system that IBM has for these same services, but also the level of robustness and rigor of the security measures themselves. with which the qualified services are managed, as well as the recovery ...

(Read more)
29 de marzo de 2022

We endorse the Lisbon Declaration

In our interest in a safer Digital Ecosystem, we have signed the Lisbon Declaration, launched by the Portuguese Presidency of the Council of the European Union to define a new digital transition paradigm.
The “Lisbon Declaration – Digital Democracy with Purpose” was launched in June 2021 in order to reinforce the “European way of doing business” as a globally recognized value proposition and unique competitive advantage that raises standards by:
  • Balance technological development with respect for ethical principles and the promotion of human rights.
  • Promote digital international cooperation and multi-stakeholder approaches by uniting the efforts of governments, public administration, business, NGOs, academia and citizens.
  • Promote an economy based on green and digital technologies as enablers of social cohesion, prosperity, innovation and competitiveness.

This initiative seeks to build a common framework on 13 digital principles:

- Digital identity
- Privacy, data protection and cybersecurity ...

(Read more)
18 de enero de 2022

LEET on Cinco Días newspaper about Privacy

Although companies are aware of the need to respect people's privacy, they carry out a risk management exercise, and many times "they assume non-compliance with regulations in exchange for achieving a certain profitability".
With the title "Companies risk breaching data protection regulations", the Cinco Días newspaper reviews the areas in which more sanctioning processes have been opened since the RGPD came into force and has the participation of our CEO Antonio Ramos.
Read it here (in Spanish).

All you need is LEET

Suscribe to our newsletter here

(Read more)
14 de diciembre de 2021

FC Barcelona trusts LEET Security to select its tech providers

FC Barcelona demonstrates its commitment to cybersecurity and requires that its technology providers must have at least a BBB level in their LEET Security rating.
What they are asking for is:

  •     Demonstrable initiatives through innovative actions in the field of cybersecurity, one of them being related to the deployment of OT / IOT technologies in sports facilities.
  •     Provider plans with the 2030 agenda (Sustainable Development Goals) and how they are transferred to the requested service.
  •     Be in possession of the ISO22301 business continuity certification for the processes involved in providing this service.
  •     LEET Security with a minimum ICT Rating of BBB for cybersecurity services.
  •     Be in possession of the ISO 37001 Anticorruption and business ethics certification.
  •     Have the ISAE 3402- SOC 2 type II report available for the processes involved in the provision of this service and issued by an independent ...

(Read more)
14 de diciembre de 2021

LEET in El País technology:

“Small and medium-sized companies thought that this did not affect them, but the pandemic has shown, the hard way, that it did. And the SMEs have had to put the batteries and the antivirus."

This quote, from our CEO Antonio Ramos, appears today in an article in El País Tecnología with the title: "Small but safe, how SMEs are shielding business telephones."

The article is collected in the Technology with Purpose section, sponsored by Samsung, and you can read it in full here.

All you need is LEET

Suscribe to our newsletter here

(Read more)
9 de diciembre de 2021

The PIC model is dead. Long live the PIC model

Our CEO Antonio Ramos has published an interesting reflection on the survival of the PIC Model in the Red Seguridad magazine.
"The current model for the protection of critical infrastructures was born more than 10 years ago in line with what was advocated in Europe and represented a total change in the scenario in the way in which security, in general, and cybersecurity were addressed, in particular to ensure the provision of essential services in the face of the growing threat of intentional attackers (...)
But the passage of time and the evolution of the sector mean that the level of maturity is different and we have to ask ourselves if that approach is the best for the current moment or if it could be revisited to evolve it .... "
Continue reading it here (Only in Spanish - pages 34 and 35).

All ...
(Read more)

22 de noviembre de 2021

Cybersecurity, the pending issue of e-health

Health is already digitally managed. Medical records, appointments, health control are now digital. But cybersecurity in this sensitive sector has not evolved in tandem, and now, in a pandemic, we have noticed it a lot.
Interesting reflection in the Diario Médico magazine that points out system problems and proposes solutions.
Read it here (PDF in Spanish)

All you need is LEET

Suscribe to our newsletter here

(Read more)
27 de octubre de 2021

SIC magazine awards Pinakes at its 17th Security Dinner

One more year, SIC magazine hosted its annual awards ceremony at the well-known Safety Dinner, 17 so far and counting, recognizing the commitment to the cybersecurity of the Spanish banking sector.
These awards, a benchmark in the sector, recognise the excellent work and contribution to cybersecurity of the most outstanding entities and professionals. And in this edition they have awarded LEET Security and the Centro de Cooperación Interbancaria jointly for the launch of Pinakes, the platform for managing the vendor risk management at the financial sector. It simplifies the process for selecting suppliers by credit institutions, enables them to comply with European regulations and increases the overall efficiency.

When presenting the award, collected by Antonio Ramos, CEO of LEET Security, and Herminio Del Campo, General Director of the CCI, the jury highlighted how this system reinforces the cybersecurity of ...

(Read more)
7 de octubre de 2021

Cybersecurity 3.0 on Red Seguridad

Investment in cybersecurity will grow this year between eight and 20 percent, depending on the source consulted. It is not a negligible figure, but given the increasing number of incidents that reach our eyes and ears every day, we may think that it may not be enough.
In this article, published in the magazine Red Seguridad, our colleague Alfonso Pastor describes the current challenges of cybersecurity and how our methodology continues evolving to adapt.
Read it in full here (in Spanish).

All you need is LEET

Suscribe to our newsletter here

(Read more)
25 de agosto de 2021

Standardization Vs Risk management: A Smart Industry Interview

"#CyberSecurity Certificaction is perfect for establishing a minimum level of requirements to start doing business in a field, but then we should open the hand to offer other kinds of mechanism that have proven useful in other markets, such a #rating, labeling, self-assessment, or auditing"
Our CEO, Antonio Ramos, interviewed on Smart Industry (So far only on paper)

All you need is LEET

Suscribe to our newsletter here


(Read more)
21 de julio de 2021

Help us with the new version of our methodology

We want to hear from you!
Because we have a new version of our methodology (version 3.0) and we want your help to make it really complete.
Our main concern is your security, so, on a recurring basis, we update the framework of controls that we use in our audits in order to increase the confidence that the LEET Security rating conveys.
Technology is developing by leaps and bounds and is increasingly part of our lives, occupying larger areas day buy day. Therefore, proper cybersecurity management is not only increasingly important, it must necessarily be up to date.
The guide for version 3 of our methodology is now available for download and, until August 31, the process will be open to receive comments and proposals for modifications.
We take your contributions very seriously. We want to hear from you ...

(Read more)
3 de junio de 2021

LEET Security and Pinakes on Cinco Días Newspaper

Spanish banks join forces and create a ‘marketplace’ to prevent cyberattacks.
It sets up, through the Interbank Cooperation Center, a centralized supplier supervision system to make the entire ecosystem more secure.
Today we appear on the cover of Cinco Días at the launch of Pinakes.
Read it in full here.

All you need is LEET

Suscribe to our newsletter here

(Read more)
3 de marzo de 2021

2020 analysis of audited companies

What are the pricipales security breaches of Spanish companies?
Red Seguridad magazine has published an analysis of the study that we have carried out on our audited companies, where the access control and network domains stand out.
Read it in full here.

(Read more)
15 de febrero de 2021

How is it gonna be 2021 on security?

"It is clear that in 2021 we will continue to see new attacks targeting the supply chain ..."
SIC Magazine has published a special with forecasts on #cybersecurity for this year and thus begins those of our CEO Antonio Ramos.
Do not miss it. Download your copy from its website.

All you need is LEET

Suscribe to our newsletter here

(Read more)
15 de febrero de 2021

'Telecommuting, a new scenario with old threats' on Interempresas

Who was going to tell us, not long ago, that what many companies used to consider as a 'plus' for their employees, an advantage for family conciliation, would become a necessity?
This is how the article in which our colleague Rogelio Saavedra, security auditor for LEET Security, begins. In it he describes, for InterEmpresas magazine, the threats and challenges faced by the growing use of teleworking from a security point of view.

All you need is LEET

Suscribe to our newsletter here

(Read more)
3 de febrero de 2021

LEET Security at Gente despierta, in RNE


"Cybercrime already moves more money than drug trafficking"
We have started the year with our CEO, Antonio Ramos, participating in RNE's 'Gente Despierta' program to talk about what the job is like in the cybersecurity sector.
Listen to it in full at this link (min. 16:35)
Quite interesting!

All you need is LEET

Suscribe to our newsletter here

(Read more)
20 de enero de 2021

LEET at the Pinakes presentation

In the image, from left to right, Herminio del Campo, Director of the CCI, and Antonio Ramos, CEO and founding partner of LEET Security.
Yesterday, January 19th, at the CCI headquarters, Pinakes, the new cybersecurity management service in the financial sector, was presented to sector's providers, with the participation of LEET Security.
Pinakes is a revolution in the cybersecurity management in the banking sector, thanks to the technology of LEET Security, whose partners Antonio Ramos and Alfonso Pastor, presented to the suppliers, together with the director of the CCI, Herminio del Campo, the operation of what It will be Europe's pioneering security management platform.
In the words of Antonio Ramos: "Pinakes is a unique service at the European scene that highlights the cutting edge character of Spanish banking and that will undoubtedly make the Spanish business ecosystem more ...

(Read more)
20 de enero de 2021

2021... ¿And now you what?

The year of the pandemic has also been the year of testing, among other cybersecurity challenges, if our systems could withstand so much teleworking. And 2021 will bring new problems, some of which we can already glimpse.
A new article in IT Digital Security magazine with the predictions of our CEO Antonio Ramos about what 2021 will be in terms of cybersecurity.
Read it in full here.

All you need is LEET

Suscribe to our newsletter here

(Read more)
4 de enero de 2021

Cyber Due diliegence and rating in Funds Society

In a new article in the magazine Funds Society, our colleague Alfonso Pastor, partner at LEET security, points to rating and cyber due-diligence as keys to protect mergers and acquisitions of financial institutions.
Currently, information security is not a technological issue, but a key factor in business risk management. It is essential that entities dedicated to assets management carry out an cyber due diligence when addressing a new incorporation, in addition to analyzing the financial and legal aspects, broading the scope to include also its suppliers, to ensure that there is an adequate and sufficient level of security to prevent a cyberattack that would became an unacceptable risk for the investment.
Read the complete article here.

All you need is LEET

Suscribe to our newsletter here

(Read more)
16 de diciembre de 2020

Techie Day at Melodía FM


Our CEO Antonio Ramos shared computer anecdotes abbout the techies on their day (December 9) with Juanma Ortega in his program “Despiértame Juanma”, at Melodía FM,

Who hasn't had a funny story with these gadgets and this crew?
He will leave you nodding and smiling ;-)
Listen to the full interview (in Spanish) using by clicking here

All you need is LEET

Suscribe to our newsletter here

(Read more)
11 de diciembre de 2020

The main firewall against cyberattacks: people

Forbes has published a special on cybersecurity in which we participated.
In this unusual year, many companies around the world have had security problems, causing many companies to put the privacy of their users or customers at risk, having to assume important economic and reputational responsibilities.
You can read it here.

All you need is LEET!

Subscribe to our newsletter here.

(Read more)
2 de diciembre de 2020

Computer forensics and remote work in times of zombies

Digital forensic science is a field born of cybersecurity, specialized in everything related to the recovery of evidence from digital storage media, applying traditional forensic processes and procedures, and in these times of 'zombies' and teleworking it faces new challenges.
Our colleague Rogelio Saavedra shares his point of view in this regard in this report published in the magazine Red Seguridad.
Read it here.

All you need is LEET!

Subscribe to our newsletter here.

(Read more)
26 de noviembre de 2020

Airlines (again) a target for cybercriminals

Recently, several cases have revealed that airlines have become a regular target for cybercriminals. Our colleague Rogelio Saavedra write about this in the magazine Smart Travel.
Read the whole article, here (in Spanish).


All you need is LEET!

Subscribe to our newsletter here.

(Read more)
25 de noviembre de 2020

Four steps to a cyber-safe Health System

A reflection in four steps to achieve a cyber-safe Health System, signed by our CEO, Antonio Ramos, and published in the magazine Acta Sanitaria.
Here, the whole article (in Spanish).

All you need is LEET!

Subscribe to our newsletter here.

(Read more)
25 de noviembre de 2020

46% of cyberattacks against Spanish companies enter through their suppliers

Interview in 20 Minutos newspaper with our CEO Antonio Ramos


The newspaper 20 Minutos publishes an interview with our CEO, Antonio Ramos, in which he alerts that "cybercriminals are always looking for a way to obtain profitability from their criminal activity."

In the interview, he also reviews the current situation of cybersecurity in Spanish companies, pinpointing the most significant data from the III Companies and Cybersecurity Study, carried out in the spring of this year.

you can read the complete interview here

And if you are interested in knowing the study in more detail, download it at this link.


All you need is LEET!

Subscribe to our newsletter here.

(Read more)
1 de octubre de 2020

LEET Security will be represented in the Cybersecurity Certification Stakeholder Group (SCCG) of the European Commission.

The SCCG will have the responsibility to advise the European Commission and ENISA on strategic issues concerning cybersecurity certification, while assisting the Commission in preparing the Union Rolling Work Programme.

Our CEO, Antonio Ramos, has been selected by the European Commission, as representative of our company, to be a member of the Stakeholder Cybersecurity Certification Group (SCCG). It is a great opportunity to contribute to the activities and role of the SCCG, which aims to overcome the current fragmentation of the European market, by supporting actions towards a harmonized model of the European Cybersecurity Certification Framework.

The Stakeholder Cybersecurity Certification Group has been launched under the Cybersecurity Act and will help the European Commission and ENISA to facilitate consultations with relevant stakeholders. To do so, the group will have several functions, including:

    a.- advising the Commission on strategic issues concerning ...
(Read more)

26 de junio de 2020

Evolutio has LEET Security qualification and ENS certification for its services.

The recently presented Evolutio, a leading company in the integration of cloud and communications services, inherits from BT Spain the cybersecurity accreditations that the company recently renewed with LEET Security: BBB and ENS rating in the medium category, for some of its main services, through of an audit process that unifies the evaluation of the security measures contemplated in both schemes.
The scope, which in its initial evaluation referred to data center services and Cloud infrastructure (IaaS), has been expanded for ENS certification, which now also applies to the information systems on which professional services are provided. Personalized Management, as well as connectivity services Ethernet Connect and IP Connect.
In this way, the company includes most of its services in the certification coverage, since Personalized Management refers to the professional services deployed on the Evolutio portfolio, which includes the functions ...
(Read more)

23 de junio de 2020

We improve our monitoring service

We introduce improvements in the service we provide to our clients, particularly in the monitoring service, with the use of MrLooquer technology, and we reinforce the security of the system for sharing documentation.

LEET Security's cybersecurity rating methodology is developed cyclically, with annual audits being the fundamental means of granting the rating, but not the only one. As described in the rating guide, the services are subject to monitoring throughout its validity.

One of the components of this continuous monitoring consists of the digital supervision of the entity, which has been carried out by reviewing "pastebines" type forums. To have a better perspective on this aspect, we have signed an agreement with the Dualogy company, for the use of its MrLooquer tool, which allows us to monitor the footprint of our clients on the Internet and to know, in ...
(Read more)

21 de mayo de 2020

UNISYS renovates its LEET Security's rating


Unisys has recently obtained the renewal of the security rating for its support services and maintenance of applications and information systems, maintaining the global level BBB, although it has obtained a higher result, level A, for some of the corresponding sections. Systems Operation, Personnel Safety, Resilience and Safe Development.

Thus, in addition to accrediting the implementation of a security management system and the effective application of a control framework and high-level security measures in the three dimensions evaluated (confidentiality, integrity and availability), it is I manifest the vocation to improve its cybersecurity capabilities with which the company operates.

The complete and rigorous evaluation carried out by LEET Security to grant this rating is a guarantee of reliability in all the management and execution processes of projects and services that Unisys provides to its clients.

In addition to the audit carried ...
(Read more)

21 de abril de 2020


Following the recommendations of the health authorities, given the evolution that the epidemiological outbreak of COVID-19 is presenting, and in particular to reduce both travel and meetings, at LEET we have established the following measures:

· For accreditation maintenance activities, an alternative evaluation process has been established, eliminating all on-site activities and replacing them with other remote evaluation techniques.
· Initial audits or expansion processes will be attempted remotely. If this is not possible, they will be temporarily postponed.
· In any case, these anomalies will be adequately justified and recorded, as established by the ENAC recommendations in this regard.

These measures will be applied in the period between March 16 and April 30, a period that could be modified if the extraordinary measures established by the Government continued.

From LEET Security we will notify the affected entities in due time, indicating ...
(Read more)

16 de marzo de 2020

Antonio Ramos on ENS on its tenth anniversary.

“With the ENS certification it is achieved that the suppliers of the Public Sector can proceed, with a single audit, to certify their systems and services”

An article by our CEO published in IT Digital Security magazine on the ENS in the year in which the National Security Scheme turns a decade old. Happy Birthday!

Clicking on the image you can read the full article (in Spanish)


All you need is LEET

Suscribe to our newsletter here

(Read more)
10 de marzo de 2020

LEET Security with the elite sport supporting Dani Molina and Loida Zabala


LEET Security joins ‘Patrocina un deportista’ (Sponsor an Athlete) program as one of the new sponsors supporting the Olympic and Paralympic sport. In a year as important as this, with an eye on Tokyo 2020, the goal is to achieve dreams together with athletes who want to be at Olympic event. LEET Security begins to support triathlete Dani Molina and weightlifter Loida Zabala.

Dani Molina has always had the sport as a fundamental part of his life, but with 22 years everything changed. Dani suffered a serious motorcycle accident and, however, far from giving up after losing his right leg, going through various operations and a year of recovery until he could walk again, he decided to go swimming again (one of his passions as a child). From there he jumped into practicing triathlon. He has managed to become champion ...
(Read more)

11 de febrero de 2020

Interview about security with our CEO at Melodía FM


Our CEO Antonio Ramos shared his vision on safety of technological devices, such as smart speakers, that have been a star gift this Christmas with Juanma Ortega in "Despiértame Juanma" program, Melodía FM. Don't miss it!

Who does not have at home a smart TV, a smart speaker or a doll with an internet connection? Do you know if these products have passed a cybersecurity test?

Listen to the full interview using this this link

All you need is LEET

Suscribe to our newsletter here

(Read more)
30 de enero de 2020

IBM achieves LEET Security's AAA rating and ENS certification

IBM has obtained concurrently the certification of conformity with the National Security Scheme (ENS) in HIGH category and the LEET Security rating with AAA level for the Public Cloud services based on its European Union CPDs. The multinational has obtained both through an audit process that unifies the evaluation of the security measures contemplated in both schemes.

For the achievement of the two accreditations, LEET Security has assessed, not only the operation according to the certified security management system followed by IBM for these same services, but also the level of robustness and strengh of the security measures themselves implemented for the rated services, as well as the ability to recover in the event of incidents, thus providing IBM customers with clear and transparent information about the security of their services.

The technological multinational thus takes another step in the ...
(Read more)

5 de noviembre de 2019

Barcelona 7th and 8th February. Supply Chain Cybersecurity

The security of the supply chain is becoming one of the most important aspects on the agenda of many organizations. This may be due to regulatory impositions, as is the case of financial institutions, on the part of both the European Central Bank (ECB) and the European Banking Authority (EBA), or also due to a growing awareness of the impact that the supply chain has on the business itself. And this awareness has a lot to do with the application of the European General Data Protection Regulation, which explicitly obliges the controllers to ensure that the third parties to whom they subcontract the processing of the data in their possession comply with the security measures that the responsibles should demand them.

Although, in fact, the concern for the supply chain extends beyond the personal data, since from that chain also ...
(Read more)

27 de enero de 2019

New Publications related to National Security Scheme

We have heard some news in these first months of 2018 related to the National Security Scheme (ENS), mandatory compliance framework in terms of IT security in Public Administration  field.

In February, LEET Security was accredited as certification entity in accordance with the ENS, and in April the approval resolutions of two new Technical Security Instructions were published in the Official Government Bulletin; whose objective is to properly develop the implementation of requirements and measures included in the ENS (Royal Decree 3/2010). 

On the one hand, the resolution of March 27, 2018 approves the Technical Security Instruction for Information Systems Security Audit  (BOE-A-2018-4573). And secondly, the resolution of April 13, 2018 approves the Technical Security Instruction for Security Incidents Notification  (BOE-A-2018-5370). 

The purpose of the Audit Security Technical Instruction is to establish the conditions for carrying out the ...
(Read more)

13 de junio de 2018

Stratesys achieves LEET Security's rating

Spanish digital services multinational Stratesys has obtained the Cybersecurity rating from LEET Security, which credits its effectiveness and quality in the development, support and maintenance of applications on the virtual environment of its clients. This certification shows the effective application by the consulting company of a high control framework and security measures in the three evaluated dimensions: confidentiality, integrity and availability.

The rating recognizes not only Stratesys' operations in terms of security management but also endorses the level of robustness and rigor of the security measures with which it provides remote services for support and maintenance of applications.

In this sense, Andreas Makrandreou, partner-director of Stratesys, assures that "the recognition of LEET Security is a guarantee of reliability and excellence in all the processes of management and execution of projects and services that we are providing to our clients. In ...
(Read more)

18 de mayo de 2018

E-Qualify is here

The long time expected self-assessment tool

Finally, it is here. For some time now, our clients and other entities interested in rating have been asking us for a simpler form, but keeping all the rigor incorporated within our methodology, to carry out the evaluation of their cybersecurity levels online.

And this is what we have done, incorporating all the controls and algorithms used in the qualification, within the E-Qualify tool, to carry out the analysis in a self-assessment format.

E-Qualify contains the complete rating framework, which allows the assessment of all aspects related to security in the provision of its services, covered in the 14 domains and 76 sections of the methodology, to provide the result based on the answers provided during the process. The evaluation report includes not only the global score, in the three dimensions of Confidentiality, Integrity ...
(Read more)

22 de abril de 2018

LEET Security at Gestiona Radio

Last April, 27, LEET Security participate in the Club de la Excelencia en Gestión section at program Pulso Empresarial with Antonio Ramos, together with Miquel Romero i Grané, Members and Knowledge Director to present the resutls of the Study 'Corporations and Cybersecurity'.

During the interview, we review the more relevant results of this Study, together with a short and clear explanation of key points of security rating: what is security rating? What elements are assessed? What is the meaning of rating?... And, also, some reflections on the impact of new privacy regullation (GDPR), cybersecurity accountability in corporations or, even, how rating could be incorporated into corporate compliance.

Interview can be hear in the followink ling from minute 30 ahead (in Spanish): link to the podcast and the CEG review of the interview at this link.


(Read more)
18 de mayo de 2017

ISACA Valencia webinar: How to manage the cybersecurity of hundreds

In this webinar organized by Valencia Chapter of ISACA, we share the paper given by Antonio Ramos in CSX2016 Europe event organized by ISACA in London, past October. As stated in the title, we will address the options an organization has to know, to understand and to manage the cyber risk of relationships with third parties, both providers and partners, connected and non-connected services and, of course, taking into account the organization risk appetite.

In this link you can register and, in the following days, we will also share the record of the webinar for being watched in the future... (link to recorded session)

¡¡Join us!!

(Read more)
18 de mayo de 2017

Another NSA Contractor Arrested in Possible New Theft of Secrets

After Snowden, some days ago media published a new case. Again, a Booz Allen Hamilton employe has been charged of secrets theft. It is not clear yet, if he has passed this documents, if he is a spy o if, simply, he was storing that information.

Read more about these news in our journal "Information Security rating and labeling magazine" or at:

The New York Times, "N.S.A. Contractor Arrested in Possilbe New Thef of Secrets"

Schneier on Security, "NSA Contractor arrested for Stealing Classified Information"

HelpNetSecurity, "Why attaching security to each piece of data is critical"

Forbes, "After Snowden, Another Booz Allen Contractor Accused of Stealing NSA Files"

SecurityAffairs, "Once again an NSA contractor is the headlines for the alleged theft of secret exploit codes and highly confidential documents"

(Read more)
8 de octubre de 2016

LEET Security selected to present at gigaTIC16

The paper presented by LEET Security to Iberoamerican Congress of ICT Governance and Advanced Management (gigaTIC16), "(Security) Vendor Risk Management: You cannot live without it", has been selected by the organizing committee of ISACA Barcelona and itSMF España at Catalonia. Therefore, next April, 28th at Telefónica Difital 00 Auditorium in Barcelona, we will have the opportunity to share how security rating can be used in vendor risk mamagement processes.

In our presentation, we will analyze how the growing dependency of third parties due to tendencies like digital transformation or shadow IT, makes necessary to analyze and manage the cybersecurity risk of that vendors. And, once you hace to manage third party risks, we will explore how security rating improves effectiveness and efficiency of this process allowing managing a high numer of vendors with a very adjusted resources allocation ...
(Read more)

25 de abril de 2016

Cloud Security Workshop hosted by European Commission

Next March, 18th, European Commission is hosting a workshop on cloud security with the subtitle: "Building Trust in Cloud Services - Certification and Beyond". The workshop will be facilitated by the European Commission and will focus on the following issues:

  • Cloud Security in the context of European Commission initiatives
  • Network & Information Security Directive and Cloud Computing Services
  • Best Practice: Risk Management of cloud computing services
  • Transparency: Incident Notification and Information Sharing for cloud computing services
  • Recognition: Cloud Certification Schemes & Assurance Levels
  • Impact Factors: Service Authentication, Law Enforcement Access, and Export Controls on cloud services

In each session throughout the day, panels of experts in cloud computing will touch on their own experience to convey their perspective of these issues. Participants will be invited to actively discuss their own experience of these issues and together prioritise mechanisms to address them.

LEET Security ...
(Read more)

22 de febrero de 2016

Aiuken Solutions achieves rating for its managed security services

On December 30, 2015, Aiuken Solutions achieved the rating seal of its services under the assessment and labeling methodology by LEET Security.

Aiuken has addressed the rating of services provided from its managed security center (SOC), consisting of "Managed Security Services" (which include data protection services, IT systems operation and threat management), “Web Application Firewall (WAF) services” and the "Anti-DDoS services", obtaining in all of them the triple C C C rating, which demonstrates the effective implementation of a large framework of control and security measures in all three evaluated dimensions (CIA: confidentiality, integrity and availability).

LEET Security rating evaluates beyond operational practices according to a ISMP, but the level of robustness and rigor of their own security measures implemented into the services and the resilience in case incident, providing Aiuken’s customers with a clear and transparent information on ...
(Read more)

13 de enero de 2016

LEET Security will develop the industrial cybersecurity capacity building model for INCIBE

INCIBE, entity under Ministry of Industry, Energy and Tourism, and LEET Security, have signed a collaboration agreement to jointly develop a cybersecurity capability building model for industrial systems and applicable to strategic and critical infrastructures.

This model will be based on the methodology developed by LEET Security to build up a labelling system that rates the efectiveness and maturity of security measures implemented by providers in their ICT services, and that will be adapted and evolutioned together with INCIBE to keep the allignment with international standards and good practices like NIST, ISA, ENISA, etc., as well as the own LEET Security model, creating a rating system based on 5 levels, from E to A.

This model to be developed will be also alligned with the rest of initiatives developed in the Security and Industry CERT (CERTSI_) dependent on INCIBE and ...

(Read more)
7 de septiembre de 2015

Collaboration agreement with Mostoles City Council, Reliable and Cybesecure Smart City

LEET Security has acceded to the Collaboration Agreement "Smart City" of Móstoles City Council with the project " Reliable and Cybersecure Smart City" that seeks to assure that technological services that support smart city projects started in the town are trustworthy.

This project will develop, firstly, a pilot phase with ICT services users related with Mostoles City Council and associated entities to evaluate and identify the cybersecurity requirements that should be added to those ICT services in order to provide confidence and privacy conditions to the information managed.

And, secondly, special conditions will be offered to ICT service providers located in Mostoles for adhering to security rating and labelling services, so that Mostoles town will become a pole of attraction for technological service providers that would bid for transparency and cibersecurity as they would become a reference at an European ...
(Read more)

25 de mayo de 2015

Rural Servicios Informáticos, first provider in gaining rating label from LEET Security

Rural Servicios Informáticos (RSI), entity that provides core banking services to Rural Groupo and other financial entities, has become first organization in rate the security of services provided gaining a B B A label according to LEET Security rating system.

RSI has become the first organization in gaining the rating security label offered by LEET Security.

RSI has undergone the rating of its 3 main services offered ('Services to Members', 'Services to Third Parties' and 'Internal Services') obtaining in all of them the level B B A. This rating level shows the effective application of a high control framework and security measures in the three dimensiones rated (confidenciality, integrity and availability).

The innovative security rating service offered by LEET Security provides information to RSI clients about security measures implemented, as well as its reponsed capacity in case of incident ...
(Read more)

4 de mayo de 2015

INCIBE publishes LEET SECURITY labeling in its section "Make Trustworthy Business"

INCIBE (Instituo Nacional de Ciberseguridad) has just published leet security rating mechanism in its website section "Make Trustworthy Business". This publication entails an analysis process by INCIBE abouth mechanism characteristics that ends with the publication of a summary of the main system characteristics in the website (link). 

As general summary, as stated in the information published by INCIBE, "this labeling / kite mark implies a rating of the provider being reviewed [the one that provides the service rated]. Therefore is quite important to check the rating of the label. This rating, refering to three dimensions of security, rates from A to E. In this scale, A means a higher security and maturity than E."

From leet security we would like to thank INCIBE by the willingness to add our security labeling mechanism to this section of its website due to the ...
(Read more)

24 de noviembre de 2014

LEET SECURITY security rating system recognized by ENISA

European Union Agency for Network and Information Security has just published the list of existing cloud certification schemes that includes the first security labelling system developed by LEET SECURITY over its rating system.

European Union Agency for Network and Information Security (ENISA), supporting the activities of the EU Cloud Strategy, has published a list of the existing Cloud Certification schemes (CCSL – Cloud Computing Certification Schemes List). This initiative will help potencial cloud users decide on the security of different cloud solutions. The list was developed by ENISA in close collaboration with the European Commission and the private sector (EC Certification Selected Industry Group).

CCSL gives an overview of different existing certification schemes which could be relevant for cloud computing customers. CCSL also shows which are the main characteristics of each certification scheme. For example, CCSL answers questions like "who issues ...

(Read more)
21 de noviembre de 2013

eVicertia, first company in adopt the rating system of leet security

Evicertia understands the importance of provide transparency to the security they implement in their services and, for that reason, it has relied on leet security rating system to label the security of all its services.

eVicertia (Evidencias Certificadas, SL), in his continuous efforts in security, understands that transparency is essential to build up trust with its users and, for that reason, it has decided to become the first company in adopt the rating system proposed by leet security, rating agency.

Thanks to this agreement, eVicertia and leet security will work together to verify the applicability of rating guide in all the services of certified notification provided by eVicertia (eviNotice, eviMail, eviSign y eviSMS) and the use of this security labeling system in these services.

Full text of press release (in Spanish) [PDF]

(Read more)
2 de abril de 2013

Leet Security will participate in Segurinfo España 2012

Antonio Ramos, CEO of  security rating agency will participate in the first edition of  Segurinfo organized by Usuaria Association in Spain the next 21st of November in the Palacio de Congresos (Madrid). Conference talks are organized in two tracks, one about security economics and other about cybersecurity and our CEO participation will be "Buying security services" and will talk about utilization of security rating for solving asymmetric information issues in ICT services. We will see you there...

(Read more)
31 de octubre de 2012

Partnership agreement with ANEI

Leet security, security rating agency, expands its agreements with Spanish technology Associations

Thanks to the collaboration with ANEI - National Association of Companies in Internet, now members of this association can access security rating services offered by leet security under special conditions

Full text of the press release [in Spanish]

(Read more)
30 de julio de 2012

Agreement to ease access to rating services for EuroCloud Spain members [ES]

EuroCloud España, consciente de las garantías demandadas por los usuarios acerca de la seguridad y confidencialidad de los datos almacenados en la Nube, ha firmado un acuerdo de colaboración con la agencia de calificación de servicios TIC, Leet Security, para facilitar el acceso de sus asociados a este sistema de generación de confianza.

La calificación ofrecida por Leet Security sobre los asociados de EuroCloud España contará con el respaldo de la organización de cloud computing y estará disponible para su consulta. De esta manera, aquellos interesados en contratar soluciones de cloud computing podrán comparar antes de contratar un servicio la confidencialidad, integridad y disponibilidad ofrecida por distintos los proveedores y elegir entre ellas según sus propias necesidades.

El sistema de calificación para la contratación de servicios TIC desarrollado ...
(Read more)

11 de junio de 2012

La Ministra de Empleo, Fátima Bañez, visita las instalaciones de Leet Security durante la inauguración oficial del Vivero de Empresas de Móstoles

Ayer, día 29 de mayo, tuvo lugar la inauguración oficial del Vivero de Empresas de Móstoles con la presencia del Alcalde de Móstoles, Daniel Órtiz (@danielortizesp) y la Ministra de Empleo y Seguridad Social, Fátima Bañez (@FatimaBanez). Después de la inauguración y antes de los discursos institucionales, tuvimos la suerte de contar con la visita de la comitiva liderada por la Señora Ministra a nuestras instalaciones en el Vivero. Os dejamos con los vídeos de la visita:

  • Vídeo oficial del Ministerio de Empleo y Seguridad Social

  • Vídeo de la Agencia de Noticias europapress (enlace).

(Read more)
30 de mayo de 2012

LEET SECURITY participará con una ponencia en el Academic ITGSM12

itSMF España junto a la Universidad Carlos III de Madrid, la Universidad de Oviedo y la Universidad de Extremadura organizan el próximo 28 de mayo, el Academic ITGSM12: VII Congreso Académico Internacional en Gobierno y Gestión del Servicio de las Tecnologías de la Información (TI).

El Congreso Academic ITGSM12 se centra en pedir a la comunidad Académica y de las empresas más innovadoras que compartan su visión, investigaciones y trabajos que ayuden a impulsar al tejido empresarial a avanzar ante este nuevo reto. Siguiendo esta línea argumental, la temática del congreso se agrupará en torno a las últimas prácticas, experiencias e investigaciones del Gobierno y la Gestión del Servicio de unas tecnologías de la información que son clave para la sociedad y la economía ...
(Read more)

17 de mayo de 2012

Conferencia ALI - CPITICM:

El próximo jueves, 26 de abril, a las 19:00, participaremos en la conferencia organizada por la Asociación de Titulados Universitarios Oficiales en Informática (ALI) y el Colegio Profesional de Ingenieros Técnicos en Informática de la Comunidad de Madrid (CPITICM) en el Salón de Grados de la Facultad de Informática de la UPM ubicada en el campus Sur (Ctra. Valencia, km. 7)

Título: Conferencia ALI - CPITICM: "La calificación de seguridad TIC" Lugar: Sala de grados Escuela Universitaria de Informática - Campus Sur UPM (Ctra. Valencia, km. 7 - Madrid) Hora de Inicio: 19:00 Date: 2012/04/26 Hora de Finalización: 21:00

(Read more)
23 de abril de 2012

Daniel Ortiz destaca el perfil innovador y pionero de los sectores laborales de los emprendedores del Vivero de Empresas

El regidor de Móstoles, que ha entregado las llaves de las oficinas, ha resaltado la vocación de los emprendedores seleccionados en la búsqueda de nuevos yacimientos de empleo, ideas relacionadas con las nuevas tecnologías y las redes sociales y, en general, de proyectos alejados de la oferta productiva habitual. El Alcalde de Móstoles, Daniel Ortiz, ha destacado el perfil innovador y pionero de los sectores laborales de los emprendedores que radicarán sus negocios en el nuevo Vivero de Empresas. El regidor, que ha entregado las llaves de las oficinas, ha resaltado la vocación de los emprendedores seleccionados en la búsqu3eda de nuevos yacimientos de empleo, ideas relacionadas con las nuevas tecnologías y las redes sociales y, en general, de proyectos alejados de la oferta productiva habitual. Enlace a la noticia original


(Read more)
20 de enero de 2012

SOURCE Barcelona

Next Nov, 16th we will be presenting at  Conferencia SOURCE de Barcelona about applicability of rating model to cloud computing services provisioning. In our talk we will address the advantages of applying this model to whatever kind of cloud computing services (IaaS, PaaS or SaaS) and how it will help to solve issues related with compliance. Thanks to the organizations, we have an invitation at 50% to assist the conferences, so if you are interested, please send us an email to info at

(Read more)
2 de noviembre de 2011