To those unfamiliar with ransomware, it is a malicious software that effectively holds your files hostage until you pay a ransom. For lawyers, this could mean losing or compromising the data that keeps your business running smoothly. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek discuss this malware with the CEO of LMG Security, Sherri Davidoff. Sherri divulges what we know about ransomware, what to do when it has infected your computer, and how to prevent data loss. While there are few ways to stop the infection when it has started, backing up your information and educating your team on malware countermeasures can significantly lessen ransomware’s impact on your business.
Sherri Davidoff is the CEO of LMG Security, a cybersecurity and digital forensics company. She has more than a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing and web application assessments.
In the wake of the Panama Papers breach, securing law firm and client data has been a huge concern for many practitioners in the legal space. Similarly, other information leaks like the Edward Snowden revelations have made the general public more aware of government surveillance than ever before. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek sit down with executive director for the Electronic Frontier Foundation Cindy Cohn to discuss domestic surveillance concerns, encryption technology, and how lawyers and law firms can protect themselves and their clients from cyber attacks.
Cindy Cohn is the executive director of the Electronic Frontier Foundation. From 2000-2015 she served as EFF’s Legal Director as well as its General Counsel. Ms. Cohn first became involved with EFF in 1993, when EFF asked her to serve as the outside lead attorney in Bernstein v. Dept. of Justice, the successful First Amendment challenge to the U.S. export restrictions on cryptography.
The transition from cars with drivers to driverless cars is upon us, and it will be potentially as disruptive as horse and buggies to cars. As this switch-over occurs, lawyers and lawmakers will face issues of compliance, liability, and information governance, among others. In this On the Road report from the ABA Annual Meeting 2016, Joe Patrice interviews Bryant Walker Smith, Laura Ruettgers, and Stephen Wu about their conference presentation on driverless cars. Together, they discuss the compliance issues that arise from different levels of vehicle automation, who is liable for an accident, how the insurance carriers will adapt to the changes, and the moral questions that arise on a programming level. The presenters close by discussing how taxi and trucker employment will change and driverless cars as a supplement to public transportation.
Bryant Walker Smith is an assistant professor of law and (by courtesy) engineering at the University of South Carolina School of Law. His research focuses on risk (particularly tort law and product liability), technology (automation and connectivity), and mobility (safety and regulation).
Laura Ruettgers is with the law firm of Severson & Werson where she specializes in providing coverage and policy drafting advice for environmental and toxic tort claims and policies. Laura also has extensive experience addressing issues arising under commercial general and excess liability, professional liability, and directors and officers liability policies.
Stephen Wu is of counsel with Silicon Valley Law Group. He advises clients on information governance matters, focusing on information security, privacy, mobile computing, ediscovery preparedness, records management, and computer-related investigations.
As we all know, the internet continually disrupts society on a global scale. It has become a platform for the international exchange of ideas and, more importantly, brought hundreds of millions of people out of extreme poverty. But with this disruptive platform comes challenges of safety and security, access to information, and censorship within multiple legal systems. How can we appropriately apply the legal standards and expectations from every country in the world to the internet which is, by nature, an international platform?
In this episode of In-House Legal, Randy Milch interviews Google Senior Vice President and General Counsel Kent Walker about his path to general counsel of Google and the current legal challenges the multinational technology company faces. Walker examines internet disruption and censorship and talks about how Google approaches the legal balance between personal privacy and the government’s need for access to information.
Walker begins by talking about his path through the U.S. Attorney’s office, AirTouch Communications, Netscape (which became AOL), eBay, and then ending up in his current position at Google and how different sources of training gave him the experience to be a successful general counsel. Through his history in tech companies, he has interacted with the evolution of information law in privacy and defamation, jurisdictional questions, intellectual property definitions, the limits on patents and copyright, and new questions about antitrust in a digital economy.
Milch and Walker then transition into a discussion on threats arising to the internet as it is today. As Google is intimately involved in the balance between necessary encryption and government access to information, Walker discusses how his legal department approaches this fine line. Discussion inevitably turns to censorship and the “right to be forgotten,” a misnomer actually meaning the right to be delisted from the search engines. They talk about self-censorship within tech companies like Facebook and Twitter, collaboration in Silicon Valley after the Snowden Revelations, and the international goal of access to information and freedom of expression.
As general counsel and senior vice president for legal, policy, trust, and safety at Google, Kent Walker is responsible for managing Google’s global legal team and advising the company’s board and management on legal issues and corporate governance matters. Before joining Google, Walker held senior legal positions at a number of leading technology companies. Earlier in his career, Walker was an Assistant U.S. Attorney with the United States Department of Justice, where he specialized in the prosecution of technology crimes and advised the Attorney General on management and technology issues.
As technology continues to become ever more integrated into our daily lives, the challenges that law firms face grow and evolve. Many tech savvy clients are not only concerned with a lawyer’s ability to represent them but also their ability to protect their files and privileged communications. With more instances of data breaches and hacking being mentioned in the mainstream media, what can a law firm do to shore up their cyber security?
In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek sit down with LMG Security Founder and Senior Security Consultant Sherri Davidoff to discuss cyber security and the audits that are currently available for law firms. Sherri gets the conversation started by breaking down some of the more complex cyber security terminology into easy-to-understand language. The group then ponders factors, such as the loss of client data and law firms being hacked, that prompted this cultural shift within the profession and some of the elements that made it difficult for the industry to justify investing in cyber security until now. The focus then shifts to an analysis of the options available to law firms that are seeking to improve their security standards and ways to prepare lawyers to better interact with clients that might ask to see a firm’s cyber security audits. Sherri then caps off the conversation with a discussion of risk assessment, risk management, and how you present these plans to your clients.
Sherri Davidoff is a nationally-recognized cyber security expert who is a founder and senior security consultant at LMG Security. She has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing, and web application assessments. Davidoff is an instructor at Black Hat and co-author of “Network Forensics: Tracking Hackers Through Cyberspace”. She is a GIAC-Certified Forensic Examiner (GCFA) and Penetration Tester (GPEN), and holds her degree in computer science and electrical engineering from MIT.
Attorney Ted Schaer from the law firm of Zarwin Baum DeVito Kaplan Schaer Toddy, P.C. in Philadelphia, Pennsylvania discusses the steps that a business can take to help prepare for, and minimize the chances of a cyber-data breach.
Special thanks to our sponsor, A.M. Best Company, Best’s Recommended Insurance Attorneys & Adjusters, including Expert Service Providers.
On today’s podcast, we ask security experts Sharon Nelson and John Simek things like how hard is it, really, to hack into someone’s email? And what’s the greatest security threat for lawyers? Plus, our favorite posts and podcasts of 2015.
Computer security experts Sharon Nelson and John Simek answer Sam’s questions you’ve always wanted to know, like how hard it is, really, to get into your email? What’s the weakest part of your security system? Do you really need to encrypt your email, and how should you go about it? And who is spying on you online, anyway?
In episode two of this two-part series, host Charles Volkert, executive director of Robert Half Legal, and industry experts, Thomas Barnett, Rocco Grillo and Joel Wuesthoff, discuss the key components of a comprehensive cybersecurity plan, how companies can determine their readiness, and what many organizations ignore or overlook with data security management.
In episode one of this two-part series, host Charles Volkert, executive director of Robert Half Legal, and industry experts, Thomas Barnett, Rocco Grillo and Joel Wuesthoff, examine data privacy and security issues that are demanding the attention of legal and IT teams across industry sectors. Learn about the particular risks law firms and legal departments face and the prevention strategies legal teams and their IT counterparts are implementing.
“33% of Fortune 100 Organizations will experience an information crisis by 2017.” – Gartner, an information technology research and advisory firm
Recently, data breaches have become one of the most serious threats to companies worldwide, and as more corporate infrastructure moves online, studies suggest that the rising number of data breaches will cost 2.1 trillion dollars globally by 2019. Because of this, a new market of data breach practice groups has emerged to assist with e-discovery, information governance, data security, and preparation for high-risk technological emergencies. In light of this, what should your law firm or company do to prepare for one of these potentially imminent situations?
In this episode of Digital Detectives, Sharon Nelson and John Simek interview Martin Tully, co-chair of Akerman LLP’s Data Law Practice, about why his firm decided to implement a data breach law group, how data security fits in with current e-discovery and information governance practices, and what every company should include in an incident response plan.
“Data Law”: e-discovery, information governance, and data security consulting
Increased client demand for legal technology services
Strategic partnerships between legal and technical professionals
Company interests: preparation for data loss, litigation, and government inquiry
How to proceed during “the upchuck hour”
Reasons for the increase in data breaches
Who and what should be involved in the incident response plan
Simulated data breach exercises
A lack of data security in many law firms
Martin T. Tully is a partner with the Chicago office of Akerman LLP. He is veteran trial lawyer with more than two decades of experience representing domestic and multinational companies in a variety of complex commercial litigation matters. As the co-chair of Akerman’s Data Law Practice, Martin also focuses on keeping clients ahead of the curve regarding the developing law, technology and best practices related to e-discovery, information governance and data security.