ILTA Voices

Join us for a very brief run down on the latest trending vulnerability, Poodle. Also, a friendly reminder of a busy October patch month from all the major vendors.Speakers:Jamie Herman has more than 15 years of experience in information security, risk management and information technology. Currently the Manager of Information Security for Ropes & Gray LLP, Jamie's expertise covers a diverse range of areas, including implementing information security programs, data privacy, digital forensics, access control, leading innovation initiatives and leading a global team. His passion for assisting law firms improve their security posture in all facets of business has been a key to his success. Having led vulnerability management plan efforts, security strategy and policy design initiatives, Jamie collaborates with a wide network of public and private industry information security experts to deliver forward-thinking security thought leadership to the legal information security industries. Jamie sits on the LegalSec steering committee and has presented at numerous ARMA, ILTA and information security industry events. Contact him at jamie.herman@ropesgray.com. Bill Kyrouz, Senior Manager, Information Security & Governance at Bingham McCutchen LLP, has worked in information technology for over 15 years -- 12 of them in the legal community. While leading Bingham's information security efforts he has implemented multiple programs, including mandatory firmwide awareness, incident response and vulnerability management. Actively working with peers to raise the information security bar across the legal industry, Bill is a member of the LegalSec Steering Committee and LegalSec Summit Planning Committee. A GSEC, he has previously spoken at local and national events on information security, business continuity and network management. Bill can be contacted at wkyrouz@bingham.com or followed on Twitter @Kyrouz.

Getting a handle on a newly introduced vulnerability
impacted millions of devices worldwide is difficult! So join us for a quick
walk through of what the Bash vulnerability is all about, what systems are
affected, and how to deal with this widespread problem. Our goal is to give you
some clear cut takeaways to help identify, remediate, and manage this problem
in your organization.Speakers:Jamie Herman has more than 15 years of experience in information security, risk management and information technology. Currently the Manager of Information Security for Ropes & Gray LLP, Jamie's expertise covers a diverse range of areas, including implementing information security programs, data privacy, digital forensics, access control, leading innovation initiatives and leading a global team. His passion for assisting law firms improve their security posture in all facets of business has been a key to his success. Having led vulnerability management plan efforts, security strategy and policy design initiatives, Jamie collaborates with a wide network of public and private industry information security experts to deliver forward-thinking security thought leadership to the legal information security industries. Jamie sits on the LegalSec steering committee and has presented at numerous ARMA, ILTA and information security industry events. Contact him at jamie.herman@ropesgray.com. Bill Kyrouz, Senior Manager, Information Security & Governance at Bingham McCutchen LLP, has worked in information technology for over 15 years -- 12 of them in the legal community. While leading Bingham's information security efforts he has implemented multiple programs, including mandatory firmwide awareness, incident response and vulnerability management. Actively working with peers to raise the information security bar across the legal industry, Bill is a member of the LegalSec Steering Committee and LegalSec Summit Planning Committee. A GSEC, he has previously spoken at local and national events on information security, business continuity and network management. Bill can be contacted at wkyrouz@bingham.com or followed on Twitter @Kyrouz.

The following is a podcast which provides a high-level overview of the ISO 27002 domains and some of the key controls within those domains.  The LegalSec Steering Committee simply wanted to provide an overview of these domains and highlight some of the controls that a Firm may want to consider in moving towards an ISO like security program. Speaker:Joe Daw has more than 15 years in providing successful information security leadership, infrastructure management, regulatory compliance and risk management in various industries.  Joe has built and successfully managed an Information Security Program from the ground up for several Firms within industries including banking, insurance, health and legal.  Joe deals effectively with customers, executives, and stockholders on a regular basis. All of these achievements are critical to firms, that must compete in today's difficult economy and maintain information security  and compliance through appropriate risk management.  Joe is also a member of ILTA's LegalSEC Steering Committee. 

How do you encrypt and transfer data to support your organization’s needs?  This is a timely discussion with peer firm’s that are addressing the encryption process for data that his transferred to or from your organization.  The discussion covers a few key considerations including:  Why do we need to move data?  It is  important to identify your needs.How do you remain in control of the data at each step? Choosing a encryption solution that meets the needs of the client, vendor, firm, and/or government agency.Cost of deployment.Speed and efficiency considerations.Speakers:Stephen Dooley is the Senior Manager of Electronic Discovery and Litigation Support at Sullivan & Cromwell which is about an 800 attorney international firm.  Stephen is a member of the ILTA Litigation and Practice Support Steering Committee.Scott Rolf is the CIO at Tucker Ellis LLP, a 185 attorney firm based in Cleveland, Ohio.  Scott is a the Technical Operations Team Coordinator for the 2014 ILTA Conference in Nashville.Vern Cole is the Security Architect for Perkins Coie, a 900 attorney firm based primarily in the US with some Asia presence. Vern is a member of the LegalSEC Steering Committee. 

Conventional networks have been around for decades,
proprietary protocols, interoperability issues have plagued network engineers
to utilize multi-vendor architectures.  ASIC based network switches and
routers have come a long way but are reaching speed and compatibility constraints. 
Software Defined Networking looks to be the network architecture of the future
and is being driven by customers. 
Moderator:  David Tremont, Director of Infrastructure, Bracewell &
Giuliani LLP
Speaker:  Jarrod Mills, Data Center Principal Consultant at Accudata Systems
Jarrod’s focus is designing, implementing, and troubleshooting Data Center and
Cloud networks. He has a strong background in implementation, design, and
configuration of large enterprise networks. Jarrod has been working with Cisco
and Juniper Systems routing and switching products for 15 years and has been
working in the IT industry for more than 18 years. He has an in-depth
understanding of multi-vendor converged infrastructure designs and products.
He is a CCIE in 4 areas of practice; Data Center, Security,
Route Switch and Service Provider.  Jarrod also earned his JD at Texas
Tech School of Law
Additional Resources:
https://www.opennetworking.org/sdn-resources/onf-specifications/openflow

Listen in as members of ILTA’s Profession Services Steering Committee interview CIOs and IT directors about their experiences, advice and strategies for success in their new roles or new firms.

Information Governance is, by
its very nature, a complex endeavor that requires careful thought and planning.
 When you are unboxing a topic like IG, it’s helpful to know where to
start.  In this podcast, we explore best practices for starting down the
IG path, no matter the size of your firm or organization.Recommended supplemental information:Building Law Firm Information Governance - July 2013A Proposed Law Firm IG Framework - Original ReportModerator:  Brian Donato, Chief Information Officer at Vorys, Sater, Seymour and Pease LLPSpeakers:Sean Monahan - Foster pepper PLLCSean is Conflicts Counsel and advises the firm on legal ethics and related compliance matters. Additionally,he manages the Conflicts Department, including intake, client engagements, ethical screens and file closing. Sean can be reached at monas@foster.comDana C. Moore, IGP - Vedder Price PCDana is the Manager of Records & Information Compliance for Vedder Price PC. She has more than 25 years of law firm experience in records management, new business intake, and conflict of interest analysis, has developed records management systems solutions, works on RIM legal compliance issues such as electronic evidence discovery and document holds, and oversees protocols and processes associated with electronic record keeping and the migration of electronically stored information ("ESI"). She has particular expertise in conflicts and records management systems conversions. Dana can be reached at dmoore@vedderprice.com 

Listen in as members of ILTA’s Profession Services Steering
Committee interview CIOs and IT directors about their experiences, advice and
strategies for success in their new roles or new firms.Beth McGrath - Chief Information Officer at McGinnis,
Lockridge & Kilgore, L.L.P.

Listen in as members of ILTA’s Profession Services Steering Committee interview CIOs and IT directors about their experiences, advice and strategies for success in their new roles or new firms.Skip Lohmeyer - Chief Information Officer at Jackson Kelly PLLC

Listen in as members of ILTA’s
User Support Services Steering Committee discuss some of the trends that they
are seeing in training and share their thoughts on those topics.  Topics
they cover are: The Modern Trainer, Performance Support, Ways to Support
Informal Learning, Mobile Learning and Gamification.
 Participants:Michelle
Spencer, PGVP from Bracewell & Giuliani LLPJan
Huber, Faegre Baker Daniels LLPMaritta
Terrell, Lloyd Gosselink Rochelle &
Townsend, P.C.Asima
Macci, PennWestMarsha
Kuhn, Downs Rachlin Martin PLLC

Listen to LegalSEC Steering Committee members,  Jamie Herman, Manger of Information Security at Ropes & Gray and Bill Kyrouz, Senior Manager Information Security & Governance at Bingham McCutchen LLP as they discuss the Heartbleed bug.  Jamie and Bill will share what it is, how to respond to it on behalf of your firm, what to look for and will also provide some action items you can do today to secure your networks.  Note:  In an effort to centralize communications, ILTA has created a blog for vendors to post comments outlining whether their systems are affected and what steps are being taken to fix the problem, and what steps clients should take at their end. You can access the blog HERE.Speakers:Jamie HermanJamie Herman brings with him more than 15 years of experience in information security, risk management, and information technology. Currently the Manager of Information Security for Ropes & Gray LLP, Jamie’s expertise covers a diverse range of areas including implementing information security programs, data privacy, digital forensics, access control, leading innovation initiatives, and leading a global team. His passion for assisting law firms improve their security posture in all facets of business has been a key to his success. Having led vulnerability management plan efforts, security strategy and policy design initiatives, Jamie collaborates with a wide network of public and private industry information security experts to deliver forward-thinking security thought leadership to the legal information security industries. Jamie holds a BS in Computer and Digital Forensics from Champlain College (Summa Cum Laude), sits on the LegalSec steering committee, and has presented at numerous ARMA, ILTA, and information security industry events. Jamie can be reached at Jamie.Herman@ropesgray.com Bill KyrouzBill has worked in Information Technology for over 15 years, 12 of them in the legal community.  While leading Bingham’s information security efforts he has implemented multiple programs including mandatory firmwide awareness, incident response, and vulnerability management.  Actively working with peers to raise the information security bar across the legal industry, Bill is a member of the LegalSec Steering Committee and LegalSec Summit Planning Committee.  A GSEC, he has previously spoken at local and national events on information security, business continuity and network management. Bill can be reached at wkyrouz@bingham.com or followed on Twitter @Kyrouz