Archive for the 'Risk' Category

This podcast interview session will take a look into our mobile devices (super computers in our pocket) and the built in (or lack there of) security around them.

Can we rely on our devices out of box as long as they’re managed or has the time come where we need to take mobile security to the next level?

Questions that David will ask speaker:

1. Mobile devices are essentially a smaller version of a computer that can fit in your pocket. They’re on us and in use almost all the time. Confidential information flows to, from and through them, yet we don’t seem to secure them to the same level as a computer. Is that because they’re just secure out of the box? Or are we missing something?
2. What types of threats and attacks should we be concerned about with our mobile devices?
3. A lot of organizations may say we use MDM (mobile device management) to secure our mobile fleet of devices. Is an MDM sufficient?
4. If out of the box security and usage of an MDM is not quite enough, what addition protections should we be looking at?
5. How should different usage patterns and user interfaces of mobile devices factor into an organization's model of the mobile security threat and mobile security solutions?
6.Obviously budgets and staff have an influence on just how much security you can deploy and manage. What would be the top 3 items that all businesses and mobile users should put into place to help protect their mobile devices?

Moderator: 
@David Whale - 
Director Information Security, Fasken Martineau Dumoulin LLP

Speaker:
@Seth Hallem - CEO & Chief Architect, Mobile Helix 

 

Recorded on 06-17-2022

​​


Read Full Post »

Microsoft’s M365 solution includes a growing and evolving number of security solutions. These include MFA, Exchange On-Line Protection, Advanced Threat Protection and others, some new, some improved.

This podcast will be an overview of the solutions in M365 today, solutions that are either baked in to our existing M365 licenses at no additional cost or available at a nominal cost, that offer the possibility to retire and displace more expensive 3rd party solutions.

Moderator:
@Mark Manoukian - IT Director, Kegler, Brown, Hill & Ritter

Speaker:
Paul Edlund - Chief Technologist - Midwest, Microsoft

Recorded on 03-04-2022

Read Full Post »

This topic was one of ILTACON 2021's most popular conference sessions, and as security is a concern to many the original panel has reunited for a follow-up podcast.

Security is complex and when left without robust resources of money, knowledge, and people we sometimes revert to the ostrich head in the sand approach. Even though we try to do our best, we sometimes fall into bad habits.

This podcast session is the opposite of sharing best practices . . . we will call out the absolute worst mistakes. Without mentioning any entity or name, we will discuss the criticality of certain practices. Our goal is to give you the opportunity to walk away with a private GOLD STAR or perhaps the feeling of "oh no, I do that and better fix that" without having to admit it to your peers.

Moderator:
@Corey Reitz - Cyber Assurance Architect, Sandia National Laboratories

Speakers: 
@James McKenna
 - Chief Information Officer, Fenwick & West LLP
Melodi (Mel) Gates - 
Senior Legal Editor, Privacy & Data Security, Thomson Reuters
@Rebecca Sattin - 
Chief Information Officer, Worldox
@Robinson Roca - 
Practice Lead, Infrastructure Services, Helient Systems LLC
@Heather Morrow -
Director, Project Management & Training, Loeb & Loeb LLP.

​Recorded on 10-21-2021

Read Full Post »

Without information, law firms wouldn’t exist. Information is front and center and critical to everything we do. As Law firms progress further down their digital road maps, it presents us with an opportunity to revisit our retention requirements and strategies to ensure they’re still relevant.

In this podcast session, the speaker will offer best practice recommendations for law firm data retention. Are we better to keep more or less? What must we keep and for how long? How do we get to a place where we’re only retain the minimal data footprint required?

Moderator:
@David Whale, Director Information Security , Fasken Martineau Dumoulin LLP

Speaker:
@John Churchill, Records Department Manager, Nelson Mullins

Recorded on 05-06-2021

Read Full Post »

Join Prevalent's CEO, Jonathan Dambrot, and Third-Party Evangelist, Brenda Ferraro, with their featured guest, Peter Lesser, the Director of Global Technology at Skadden, ARPS., as they discuss how fourth parties, certifications and incident response scenario-based tests are key to third-party assurance and resiliency. Learn how the legal sector tasted success, forming the Prevalent Legal Vendor Network community faster than any other sector by collaborating and agreeing on a single third-party framework, questionnaire, assessment and remediation ecosystem.

Recorded on 6-14-18

Read Full Post »

We discuss how physical security tends to be overlooked while we focus so much time and energy on the technology side of security. Keeping your firm’s people and assets safe can rely on good physical security planning and design.

Speakers:
Heath Stanley is the SVP of Information Security. He holds the CISA, CISSP and C|CISO certifications. Heath has managed technology governance consulting for Traveling Coaches Inc. since 2006. His previous experience includes residential lending and process improvement, and he is a subject matter expert in Information Security Governance and Vendor Management.

David Tremont.  With 32 years of experience in Networking and Security, Mr. Tremont started his career as a Cryptologist Technician in the U.S. Navy in 1974.  Responsible for intercepting and decrypting Chinese and Russian radio transmissions for Fleet Commanders. Mr. Tremont has consulted with many corporate entities as well as law firms in designing and testing networks on a global scale, ensuring security protocols and standards were key factors in their implementation.  He has also participated as a consultant in assisting public companies to ensure compliance in Sarbanes-Oxley, HIPPA and has been involved in achieving ISO 9000 and ISO 27000 certifications for Oil & Gas Service companies.
Currently Mr. Tremont serves on the Technology Committee and Security Committee for Bracewell LLP assisting Senior Management to ensure compliance in Cyber and Physical security initiatives and is responsible for the monitoring and incident response of day to day security and network operations for the firm. 

Recorded on 1-26-17

Read Full Post »

Join Brian Donato, CIO at Vorys, Sater, Seymour and Pease LLP and Eric Mosca, Director of Operations at InOutsource as they discuss the key takeaways from the 2013 ILTA Conference Session: Nimble Approaches to Information Governance: The Small and Mid-Size Firm Perspectives. 

Read Full Post »

Law Firms around the country are anxious to determine the overall effectiveness of their information security programs and to understand if their practices are aligned with industry peers.

Please listen in as Meg Grant, Vice President, Marketing at Digital Defense and a LegalSec Vendor Advisory Team member reviews the results of the LegalSec Report, A Study of the Legal Industry's Information Security Assessment Practices. The report, published in August and released at the ILTA Annual conference, provides un-biased and relevant knowledge surrounding information security programs and practices within North American law firms.

Grant will highlight key findings and provide context surrounding all the results.

A copy of the report may be downloaded HERE

Read Full Post »

This brief podcast, presented by Scott Christensen (Edwards Wildman)  and Jim Barker (Traveling Coaches)  touches on the reasons that there is such a focus on Security Awareness today, and how we need to take a different approach to Security Awareness Training compared to other types of training and education.   Listen to this podcast to learn what “Gamification” is, and how it can be applied to this important topic.  Most importantly, learn why you will want to attend this session at conference to help you in crafting and implementing a successful  Security Awareness  Program at your firm.

Read Full Post »

Listen to this monthly series of podcasts from the Emerging Technologies Peer Group.

Each month Lance Rea and Mark Manoukian have a conversation with the peer group of the month. This month's spotlight is on the Server Operation & Security Peer Group. Steven Shock, Chief Technology Officer at Irell & Manella LLP and Jamie Herman, Manager of Information Security at Ropes & Gray talk about issues and initiatives in the server operations and security space. Format is conversational and touches on a number of different topics.

Read Full Post »

Podbean App

Play this podcast on Podbean App