In the wake of the Panama Papers breach, securing law firm and client data has been a huge concern for many practitioners in the legal space. Similarly, other information leaks like the Edward Snowden revelations have made the general public more aware of government surveillance than ever before. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek sit down with executive director for the Electronic Frontier Foundation Cindy Cohn to discuss domestic surveillance concerns, encryption technology, and how lawyers and law firms can protect themselves and their clients from cyber attacks.
Hosted by two leaders in the cybersecurity and digital forensics industries, Sharon D. Nelson, Esq. and John W. Simek, Digital Detectives is for listeners who are interested in digital forensics, e-discovery, and information security issues. Nelson and Simek invite digital forensic and computer security experts to enlighten listeners on the latest e-discovery technology, cyber threats and security policies and measure to keep data secure.
The Digital Edge: Lawyers and Technology, hosted by attorneys Sharon Nelson and Jim Calloway, provides listeners with tips and tools for career success, as well as cutting-edge technology news. Nelson and Calloway invite noted authors, speakers, and legal technologists to discuss topics at the intersection of law and technology.
In this episode of The Digital Edge, hosts Sharon Nelson and Jim Calloway talk with PayneGroup CEO Donna Payne about ways attorneys can better handle their metadata. Donna reminisces about starting her company in 1998, the client experience that inspired the creation of her Metadata Assistant software, and The Wall Street Journal’s front page article mention that resulted in 150,000 downloads. She analyzes how metadata has changed since she started and provides a list of things, such as track changes and hidden text, that lawyers should be on the lookout for. She states that one of the best things you can do if you can’t afford a third party assistant program is to know what is in the document and use any free options available in your preferred office software suite. Donna closes the interview with an explanation of what exchangeable image file format data is, her checklist of the most common metadata mistakes that lawyers make, and some daily best practices that lawyers can implement to help protect their data.
In this episode of Digital Detectives, hosts Sharon Nelson and John Simek speak with Oklahoma Bar Association’s Management Assistance Program Director Jim Calloway about ways small firm and solo attorneys can improve their cyber security. Jim talks about the increased awareness of cyber security in the solo and small law firm community as a result of the recent news coverage of data breaches occurring in a variety of companies. This level of visibility and growing pool of attorneys who have personal experience with someone who has had a data breach or digital disaster has cultivated an understanding that a compromised database or dead computer can put the entire law firm out of business. He states that seeing these large companies being compromised can often cause small firms with much smaller budgets to question if there is anything they can do to protect themselves. Jim points out that attorneys running their own firms or small businesses have a duty to supervise their employees and provides his 5 top cyber security tips to help these very firms and solo lawyers protect themselves, their clients, and address the importance of physically securing company laptops and other mobile devices. He closes the interview with an analysis of the risks and rewards of utilizing cloud-based practice management tools designed specifically for legal professionals and his advice for law firms who feel that they can’t afford to adequately secure themselves.
This time On the Road at the 2016 ABA Annual Meeting, hosts Sharon Nelson and John Simek speak with Electronic Frontier Foundation Executive Director Cindy Cohn, United States Foreign Intelligence Surveillance Court Federal Judge James Jones, and Chairman and Associate Professor in the Department of National Security Affairs at the Naval Postgraduate School Mohammed Hafez about the ongoing quest to prevent terrorism. Mohammad mentions that the increased visibility of global terrorist attacks has given rise to a discourse about how we should best deal with this issue, by understanding the nature of terrorism and how it has evolved over the years. Judge Jones gives a brief background on the United States Foreign Intelligence Surveillance Court (FISA Court), which was established in 1978. Each judge serves as a duty judge in the court’s secure location in Washington D.C. for a week at a time to receive applications from the Department of Justice for surveillance of individuals suspected of terrorists activities. Cindy provides her thoughts on the concept of using the mechanisms of big data to predict who is going to engage in terrorist activity and the extent to which the FISA Court has approved mass surveillance procedures and programs that involve collection and/or analysis of large swathes of information. They close the interview by further investigating the versatility of terrorist organizations and how terrorism has transformed over time.
In this episode of The Digital Edge, hosts Sharon Nelson and Jim Calloway speak with Legal Technology Consultant Andrew Adkins about his time as chief information officer for the law firm of Steptoe & Johnson PLLC. Andy reflects on his 23 years as a technology consultant and gives a brief breakdown of the variables that led to his move to West Virginia and employment with Steptoe & Johnson PLLC. The firm was large and successful when he arrived but, as he recalls, the information technology infrastructure was understaffed and mostly focused on day-to-day problem solving. This lack of needed staff was one of his biggest challenges as he began to expand the law firm’s IT capabilities and integrate new software to help the attorneys improve the services they provided. Andy talks about the process of building relationships among his teammates, learning their strengths and weaknesses, and the challenges he had convincing management of the necessity of continued employee training. He warns other CIOs of potential “upgrade fatigue” within their IT departments and shares how traveling to introduce himself to each branch of the company and incorporating a monthly newsletter to inform staff of upcoming tech changes helped to prepare staff for company-wide tech improvements. Andy closes the interview with an analysis of how he addressed the law firm’s cyber security needs and his list of his best and worst professional moments during his four year employment there.
In this episode of the Digital Detectives, board certified trial lawyer Craig Ball talks with Sharon Nelson and John Simek about information technology competency and the 2016 Georgetown Ediscovery Training Academy. Craig explains that the bootcamp is six days of extensive work and requires a great deal of effort on the part of the attendees for weeks before they arrive. He asserts that the program’s hour long written assessment exam, three full days of technical training, rigorous reading requirements, and week-long “meet and confer” exercise are a few of the things that differentiate this curriculum from other continuing legal education courses. Craig also shares that the goal of the program is to establish a certain level of competency and fluency in e-discovery and digital evidence and to help cultivate a passion in individuals interested in these fields. He continues by stating that lawyers graduate lacking the basic skills that are necessary to teach themselves what they need to know about information technology and this is why programs like this are so important. Craig analyzes the legal education system, the expectation of apprenticeship, and how many of the most seasoned lawyers know little or nothing about electronically stored information. He closes the interview with a discussion of where the legal profession will be in 10 years regarding tech competency and a reflection on his career today.
In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek speak with Clark Hill PLC Of Counsel David G. Ries about data security, Mandiant’s M-Trends, and Verizon’s Data Breach Investigation Reports. David opens the interview with an explanation of what these reports are (summaries developed by security service providers on data breach trends during the past year) and talks about how they help to organize collected information for ease of use. He then analyzes the subtle differences between the two reports, like the way they define terms like data breach and security incident, and gives some insight into the ways each company acquires their data. David also covers the top three key findings provided by each report and gives examples of how this information can be invaluable to law firms seeking to shore up their security shortcomings. He closes the interview with his major takeaways from this year’s’ reports and tips for law firms on how this research can aid in strengthening your comprehensive cybersecurity program.
In this episode of The Digital Edge, hosts Sharon Nelson and Jim Calloway talk with The Remsen Group President John Remsen, Jr. about the benefits of creating a firm-wide business plan. John expresses how important it is for law firm leadership to recognize that they are running a business and states that it is difficult to run a successful business without a plan of where you are going. He shares that his research results show that only 40% of midsize firms report that they have a written strategic plan and less than 5% give themselves a positive score on implementing that plan well. Gordon also reveals that 90% of firms with a plan will attribute improved performance in areas like increased cohesiveness, profitability, long term sustainability, and growth to the planning exercise. He then analyzes the top five concerns of midsize firms, like associate development and firm governance, and provides ways that firms can address these concerns. He closes the interview with reasons that older lawyers resist these types of improvements and tips to help law firms start the strategic planning process.
In this episode of The Digital Edge, hosts Sharon Nelson and Jim Calloway speak with Clio founder and CEO Jack Newton and Rocket Matter founder and CEO Larry Port about cloud computing and the new cloud security standards for legal professionals released by the Legal Cloud Computing Association. Larry explains what the LCCA is and how it formed out of a need to educate lawyers about what is happening in the cloud. Jack provides some insight into the creation of the security standards, such as terms of service privacy policies and encryption, and states that with these standards as a baseline lawyers will be able to more easily assess if a cloud computing provider is adhering to certain ethical standards. Larry also lists a few factors lawyers should consider, like where the SaaS data center is located, and the four things (vulnerability scans, penetration testing, and aesthetic code and dynamic code reviews) that the standards require in security testing. They both end the interview with an analysis of in-transit and at rest encryption and the benefits and drawbacks of zero knowledge level security.
In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek chat with Nuix Chief Technology Officer Stephen Stewart about the Panama Papers, the world’s largest breach of information. Stephen explains that a law firm in Panama named Mossack Fonseca had 2.6 terabytes of information taken from them by an anonymous party, who then gave that information to the German newspaper Süddeutsche Zeitung (SZ). The leaked data contained 11.5 million items that consisted of roughly 5 million emails, 3 million databases, 2 million PDF files, and 1 million images. In an attempt to understand and further investigate the received data, SZ then contacted the International Consortium of Investigative Reporters (ICIJ). Stephen talks about what the ICIJ is (basically an international network that includes 165 investigative journalists over 65 countries) and how Nuix’s software was utilized to aid in the data analysis. The group discusses the authorities’ later raid on the law firm’s office and what evidence the digital forensics experts and financial analysts might be looking for. Stephen closes the interview with an summary of the practices that this breach sheds light on, like who the beneficiaries of offshore funds really are and what significant revelations might come from this particular breach.