Press Release
Charges Dismissed Against Coalfire® Employees
Cybersecurity Testing Team Exonerated after Iowa Arrests
WESTMINSTER, CO – January 30, 2020 – Coalfire, a provider of cybersecurity advisory and assessment services, today announced that two of its employees who were arrested while conducting a standard penetration test to protect Iowa citizens from cybercrime have been exonerated.
Following discussions between representatives of Coalfire, the Dallas County Sheriff and the Dallas County Attorney, it was the decision of the Dallas County Attorney to dismiss trespass charges against the Coalfire employees. It is clear that on September 11, 2019 it was the intention of the Dallas County Sheriff to protect the citizens of Dallas County and the State of Iowa by ensuring the integrity of the Dallas County Courthouse. It was also the intention of Coalfire to aid in protecting the citizens of the State of Iowa, by testing the security of information maintained by the Judicial Branch, pursuant to a contract with State Court Administration.
Ultimately, the long-term interests of justice and protection of the public are not best served by continued prosecution of the trespass charges. Those interests are best served by all the parties working together to ensure that there is clear communication on the actions to be taken to secure the sensitive information maintained by the Judicial Branch, without endangering the life or property of the citizens of Iowa, law enforcement or the persons carrying out the testing. It is the hope of Dallas County and Coalfire that the Judicial Branch will work with them so that any issues carrying out such vital testing can be avoided in the future.
“We are pleased that all charges are dropped in the Iowa incident,” said Coalfire CEO Tom McAndrew.
The arrests raise national awareness on the quiet war being waged against cybercrime, and the critical role red team penetration testing plays in defending the integrity of public and private sector commerce.
“With positive lessons learned, a new dialogue now begins with a focus on improving best practices and elevating the alignment between security professionals and law enforcement,” said McAndrew. “We’re grateful to the global security community for their support throughout this experience.”
Debrief on the Arrest of Coalfire Pen Testers in Iowa
Brian Krebs interviews our pen testing team about their Iowa experience. For the first time, Gary De Mercurio and Justin Wynn discuss their arrest while conducting a physical penetration test in Iowa. They’re joined by CEO Tom McAndrew and Brian Krebs to highlight the impact for the security community.
About Coalfire
Coalfire is the trusted cybersecurity advisor that helps private and public sector organizations avert threats, close gaps and effectively manage risk. By providing independent and tailored advice, assessments, technical testing and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives and fuel their continued success. Coalfire has been a cybersecurity thought leader for nearly 20 years and has offices throughout the United States and Europe.
For media inquiries:
Mike Gallo
(212) 239-8594
luminacoalfire@luminapr.com