Sensei was featured not just once, but twice in the May/June edition of the ABA Law Practice Magazine. First, Sharon Nelson, John Simek, and David Ries’s book “Encryption Made Simple” was highlighted in the Book Spotlight section on page 18. Second, Sharon and John’s article “Competence in E-Discovery” can be found on page 24.
Archives for May 2016
Excerpt of Sharon’s part: NOT dumping unsupported software is one of the greatest cybersecurity risks your law office can have. Once software is unsupported, it is no longer receiving security updates. This was one of the many factors in the recent Panama Papers law firm breach. Many states have adopted the American Bar Association’s new language (or some variant) for Model Rules 1.1 (Competence) and 1.6 (Confidentiality). Even those that have not will tell you that competence with technology is implicit in Rule 1.1.
In this episode of The Digital Edge, hosts Sharon Nelson and Jim Calloway speak with Clio founder and CEO Jack Newton and Rocket Matter founder and CEO Larry Port about cloud computing and the new cloud security standards for legal professionals released by the Legal Cloud Computing Association. Larry explains what the LCCA is and how it formed out of a need to educate lawyers about what is happening in the cloud. Jack provides some insight into the creation of the security standards, such as terms of service privacy policies and encryption, and states that with these standards as a baseline lawyers will be able to more easily assess if a cloud computing provider is adhering to certain ethical standards. Larry also lists a few factors lawyers should consider, like where the SaaS data center is located, and the four things (vulnerability scans, penetration testing, and aesthetic code and dynamic code reviews) that the standards require in security testing. They both end the interview with an analysis of in-transit and at rest encryption and the benefits and drawbacks of zero knowledge level security.
In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek chat with Nuix Chief Technology Officer Stephen Stewart about the Panama Papers, the world’s largest breach of information. Stephen explains that a law firm in Panama named Mossack Fonseca had 2.6 terabytes of information taken from them by an anonymous party, who then gave that information to the German newspaper Süddeutsche Zeitung (SZ). The leaked data contained 11.5 million items that consisted of roughly 5 million emails, 3 million databases, 2 million PDF files, and 1 million images. In an attempt to understand and further investigate the received data, SZ then contacted the International Consortium of Investigative Reporters (ICIJ). Stephen talks about what the ICIJ is (basically an international network that includes 165 investigative journalists over 65 countries) and how Nuix’s software was utilized to aid in the data analysis. The group discusses the authorities’ later raid on the law firm’s office and what evidence the digital forensics experts and financial analysts might be looking for. Stephen closes the interview with an summary of the practices that this breach sheds light on, like who the beneficiaries of offshore funds really are and what significant revelations might come from this particular breach.
Excerpt: Scarcer than rubies are talented digital forensics experts who are also skilled at writing expert reports and giving court testimony. So how do you find a good expert when you have electronic evidence in issue? This can be a daunting task and the right selection may depend upon a number of factors including what’s at issue in the case, the budget, the geographic location of the expert, and balancing the relative credentials of the experts under consideration. In short, reach for your bottle of Advil. Mistakes are frequent.
Here are the extremes. At one end, you have the major players – with big price tags and a horrendous disparity of quality between their employees. At the other end, you have Joe, formerly a plumber, who fiddles with computers at night and thinks that digital forensics is cool. He takes a course in it, perhaps even gets a meaningless certification from the vendor, and then promptly hangs out his shingle, advertising his service at “blue light special” rates.
Excerpt: Lawyers often think technology should always work. That’s aspirational, says Sharon Nelson, president of the cybersecurity, information technology and digital forensics firm Sensei Enterprises Inc.
“People can screw up, but technology fails too,” says Nelson. “You really need to recover from what the problem is, as opposed to pointing fingers and being angry.”