ILTA Voices
Episodes
Friday Jan 05, 2024
”Shields Up” Developing Your Defenses Against Cyber Attacks!
Friday Jan 05, 2024
Friday Jan 05, 2024
In this podcast interview, the speaker will provide best cybersecurity practices for law firms.
Questions the moderator will ask the speaker:
-Law firms deal with a treasure trove of sensitive client information. What are the top cybersecurity threats they face, and how can they effectively guard against them in today's ever-evolving threat landscape?-Considering the interconnected nature of legal systems and the vast amount of data transmission, how can law firms ensure the security of client data, both in transit and at rest? Are there specific encryption methods or best practices they should be implementing?-Phishing attacks and social engineering are persistent threats, especially with employees as potential entry points. What strategies or training programs do you recommend for law firms to protect their staff from falling victim to these increasingly sophisticated attacks?-In the unfortunate event of a cybersecurity incident, what steps should a law firm take in terms of incident response and recovery? How can they minimize the impact and get back on their feet as quickly as possible?-Employee training and awareness play a crucial role in any organization's cybersecurity strategy. How can law firms foster a security-conscious culture among their staff, and what ongoing training initiatives would you recommend?
Moderator: Kevin J. Foster, Sr., - Cybersecurity Operations Coordinator, White and Williams LLP
Speaker: Dr. Eric Cole, Ph.D. - CEO & Founder of Secure Anchor
Recorded on 01-05-2024.
Tuesday Oct 17, 2023
Performing Computer Forensics in the Cloud
Tuesday Oct 17, 2023
Tuesday Oct 17, 2023
In this podcast interview, the speaker will discuss the differences between doing forensics in the cloud and doing forensics on on-premises servers and hosts. In addition, the speaker will provide a key introduction to the overall tools and techniques utilized and lessons learned.
Questions the moderator will ask the speaker:-What does it mean to perform computer forensics in the cloud? How does this differ from performing computer forensics on computers and servers that are physically located within your environment?-What are the challenges of the data being volatile in a cloud environment? How do you address these challenges?-How do you validate a Cloud based collection, to ensure it completed successfully and is forensically sound?-What are some commercially available tools that are useful when performing forensics in a cloud environment?-How do you perform cloud computer forensics so that the evidence has the best chance of overcoming challenges to it being admissible at trial?
Moderator:@Corey Reitz - Distinguished Cyber Assurance Architect, Sandia National Laboratories
Speaker:@David Greetham - Principal, PC Forensics - Level Legal
Recorded on 10-17-2023
Tuesday Jul 18, 2023
Why AI Should Be Part of Your Data Breach Response Plan
Tuesday Jul 18, 2023
Tuesday Jul 18, 2023
AI has become an integral piece of responsive/non-responsive coding for reviewing eDiscovery data, and in our last podcast in the series, we discussed how it is increasingly being applied to personal information identification and redactions in litigation and investigations. For this session, the speaker will focus on how AI is being used for data breach response and why it should be part of your response plan.
Questions the moderator will ask the speaker:
-What do you see as the status quo for how companies react when they’ve learned of a data breach, and what are some of the pitfalls?-What specific advantages does AI offer when compared with that status quo?-What are the risks associated with using AI for data breach response, and what hurdles have teams faced in adopting it?-What practical advice can you offer to the listeners on how to prepare for a potential data breach?
Moderator:@Andrea Shirey - IT Consultant, Bayer Corporation Legal
Speaker:@Dan Donegan - New Business Director at Text IQ
Recorded on 07-18-2023
Wednesday Jul 12, 2023
Dude, Where’s My Phone? Authentication and the Future of Legal IT
Wednesday Jul 12, 2023
Wednesday Jul 12, 2023
If there was a road map for security and authentication, it’s long gone now! We’re on the road to a Passwordless future and we live in a time where no one even answers their phone! This encore ILTA podcast will quickly bring you up-to-speed and help you…and your users help themselves with better password solutions!
Questions the moderator will ask the speaker(s):
1) This topic was presented at Legal Week and was very popular. Why do you think that is?2) What are the biggest challenges to “secure” authentication today?3) What are most of us doing well, and what do most of us need to do better when it comes to our authentication implementations?4) What is the future of authentication in IT? What are some trends?If you are a listener who is overwhelmed by this topic, where do you recommend people start to become more educated in this area?Moderator:@Corey Reitz - Distinguished Cyber Assurance Architect, Sandia National LaboratoriesSpeakers:@Brian Clarke - Cybersecurity Manager, Porzio Bromberg & Newman@David Forrestall - Managing Partner, SecurIT360@Kenneth Jones - Chief Operating Officer, XerdictRecorded on 07-12-2023.
Tuesday Jun 27, 2023
Should You Phish In Your Own Pond?
Tuesday Jun 27, 2023
Tuesday Jun 27, 2023
Are controlled phishing campaigns against your members the best way to keep your respective firm secure from phishing? This podcast session will look at phishing simulation tools, their overall pros/cons and alternatives available to keep your members secure from getting hooked with that phish.Questions the moderator asked the speaker: 1. Phishing is thought to have originated in 1995 and love bug struck in 2000. Here we are today in 2023 and phishing is still our number one vector of compromise. We've been able to reduce the risk of malware: why is phishing such a struggle?2. All security programs preach the importance of user awareness training, and it's been a requirement of clients and regulations for many years now. The majority of user awareness programs utilize phishing simulations. So, I guess the questions is, Are phishing campaigns still a good route forward? Are they being successful at training our users not to fall for that phish?3. What's the best approach for including phishing awareness into your program? Is it best to continuously cast a line or occasionally try your luck at the phishing hole?4. I've been hearing more lately about User coaching and how technology can be leveraged to protect users from themselves while presenting coaching opportunities when they do things that they shouldn't. Is this a strategy that's effective in reducing the risk of phishing? I'm not sure it would be a technology talk if we didn't speak about AI. How do you feel the future of AI impacts the threat of phishing and what steps should we be thinking about now to try and get in front of it?Moderator:@David Whale - Director Information Security, Fasken Martineau Dumoulin LLPSpeaker:@Manuel Sanchez, Information Security & Compliance Specialist, iManageRecorded on 06/27/2023
Wednesday May 24, 2023
Legal Operations and eDiscovery
Wednesday May 24, 2023
Wednesday May 24, 2023
Legal Operations is a broad emerging discipline that encompasses all aspects of the business of law including litigation support, technology, service delivery and more. Thus, eDiscovery is a major operational consideration for law firms and corporate law departments tasked with managing and securing data. Organizations typically handle eDiscovery along a spectrum where they insource or outsource certain elements of the process. What are the risks and benefits of different eDiscovery service models? How might development of key personnel to manage aspects of service give firms a competitive advantage?
Questions Ann asked the speakers:
-How would you describe the significance of eDiscovery services as a component of legal operations for a law firm or corporation?
-What are some of the costs associated with developing talent to manage eDiscovery within the firm, and how are those costs justified?
-What additional considerations should be weighed when determining how much of the eDiscovery process to insource?
-Once you start a team, how can you grow the team and what additional areas could the group serve?Moderator:
@Ann Halkett - Director, SOLVED eDiscovery Services, a division of AHBL MLPSpeakers:
@Joy Holley - Legal Operations Consultant, Vertex Advisor
@Richard Robinson - Director of Legal Operations and Litigation Support, Toyota North AmericaRecorded on 05/24/2023
Wednesday Apr 26, 2023
Continuously Monitoring Controls in a Cloud Environment
Wednesday Apr 26, 2023
Wednesday Apr 26, 2023
This session will focus on how companies can continuously monitor and assess their security posture by looking at drift from their control baselines in the cloud. Questions Corey asked the speaker:1) What is continuous monitoring generally and why is it important?
2) What are some of the benefits of implementing continuous monitoring in a cloud environment?
3) What are some of the different cloud security control sources that should be considered when determining what to monitor?
4) At a high level, how do you begin to implement continuous monitoring in one or more of the major cloud providers (i.e. Amazon, Microsoft, Google)?
5) What are some best practices when implementing continuous monitoring in the cloud?Moderator:@Corey Reitz - Distinguished Cyber Assurance Architect, Sandia National LaboratoriesSpeaker:Sarah Luiz - Cyber Security ConsultantRecorded on 04-26-2023
Monday Aug 15, 2022
Monday Aug 15, 2022
Lawyers have always been held to a high standard of care to secure information and maintain the confidentiality of client-related information.However, meeting these requirements has become much more complex since shifting to a hybrid working environment.This podcast panel interview addresses the ever-growing client, regulatory and other requirements and how the introduction of new technologies, the ongoing need to balance the transition from paper to electronic and other considerations impact our approach to securing information while balancing the need provide effective client service.
Co-Moderators:@Leigh Isaacs - Director, Information Governance, DLA Piper@Reggie Pool - Senior Director, HBR Consulting LLC
Speakers:@Doug Landin - Chief Information Security Officer, Brownstein Hyatt Farber Schreck@James Merrifield - Director of Information Governance & Business Intake, Robinson & Cole LLP
Recorded on 08-15-2022
Wednesday Nov 10, 2021
Microsoft Defender for Cloud Apps is the Next Wave in Securing the Cloud
Wednesday Nov 10, 2021
Wednesday Nov 10, 2021
In this podcast interview session, the speaker will provide an overview of Microsoft Defender for Cloud Apps and why it is important. There will be a heavy focus on Microsoft Defender for Cloud Apps as this will be the most natural fit for firms.Questions Chris will ask Idan: - What is Microsoft Defender for Cloud Apps ? (Begins at 00:36) - How do you best discover and control unsanctioned cloud apps? (Begins at 1:12)- What are some policy-based controls (Begins at 4:09)- Explain DLP management (Begins at 6:36) - How does Microsoft Defender for Cloud Apps help with compliance? (Begins at 9:27)- Please provide us with a deeper dive into using Microsoft Defender for Cloud Apps to increase security posturing of Office 365 and other cloud applications (Begins at 11:26) Moderator: @Christopher Hockey, IGP - Director of Records and Enterprise Content, Bond, Schoeneck and King, PLLCSpeaker:Idan Basre - Product Manager, Microsoft Cloud App Security Recorded on 11-10-2021
Tuesday Nov 02, 2021
Enterprise IT Support at Home
Tuesday Nov 02, 2021
Tuesday Nov 02, 2021
In this podcast session, the speakers will discuss changes, challenges, and approaches to supporting enterprise users at their homes.Helpful timeframe of questions asked/responses in the respective podcast: (00.39 - 2:37) "What are the Challenges of Supporting Enterprise Users Remotely?"(2:38 - 4:38) "Did everyone use Citrix and apply to everyone?"(4:40 - 6:18) "Talk about the scope of working remotely."(6:22 - 9:23) "Tell us what tools have you used to support the enterprise users at home when working remotely?" (9:23 - 10:38) "How about support on mobile devices and other devices like speed test, do either of you use these tools?"(10:39 - 13:24) "How do you support practices changed from moving from a enterprise office to home."(13:25-15:36) "What new knowledge or certifications have helped you cope with the changing environment?"(15:37 - 16:29) "What challenges remain?"(16:30 - 19:07) "What challenges remain on hardware?"(19:07 - 20:06) "Do either of you support remote printing?"(20:07 - 21:32) "Does time of day make a difference?"Moderator:
@Mark Manoukian - IT Director, Kegler, Brown, Hill & Ritter
Speakers:@David Michel - Chief Information Officer - Becker & Poliakoff, PA@Frank Ziller - CIO, Frontline Managed Services
Recorded on 11-2-2021
Monday Feb 15, 2021
New Skills Needed for 2021
Monday Feb 15, 2021
Monday Feb 15, 2021
In this podcast, Chuck Barth, who is a experienced senior leader of information governance in law firms, will speak about information governance in the legal industry. Join him to find out why security/compliance specialists will need information governance skills in the year to come and beyond!Moderator: @Leigh Isaacs, CIGO, CIP, Director of Information Governance and Records Management, ProskauerSpeaker:@Chuck Barth
Recorded on 2-15-2021