Welcome to Digital Detectives. We'll discuss computer forensics, electronic discovery and information security issues and what's really happening in the trenches. It's not theory, but practical information that you can use in your law practice on the Legal Talk Network.
Spreadsheets have the potential to be an important part of running a legal business, but not all lawyers have the time to fully understand how to effectively use them. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Ben Kusmin about the proper handling and format of spreadsheets, including a thorough review of all content before sending it. He also discusses the Wells Fargo inadvertent disclosure issue and how it could have been avoided. Ben Kusmin focuses on complex business litigation in state and federal courts. He also created a CLE training program called Excel Esquire to give attorneys the skill they need to successfully navigate in Excel. Special thanks to our sponsors, PInow and SiteLock.
Hopefully your firm will never experience a data breach, but these days it seems more and more inevitable. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Brian Wommack about common mistakes companies make when dealing with a breach, the correct way to handle the situation, and what you can do to prepare for potential threats. They also discuss the different aspects of creating a contingency plan including drafting beforehand how you would break the news to your clients. Brian Wommack leads the strategic communications practice of Cameron LLP, often advising on high-profile and high-stakes matters including cyber intrusion and data breach contingency planning and response. Special thanks to our sponsors, PInow and SiteLock.
In this episode of Digital Detectives, hosts Sharon Nelson and John Simek speak with Denver Edwards about cybersecurity. In their discussion, they address the National Institute of Standards and Technology’s (NIST) cybersecurity framework and how it relates to the FTC’s work. They also talk about how a company can use the NIST framework along with FTC guidance in order to minimize security risks. They conclude the episode with predictions regarding how the Trump Administration will handle cybersecurity. Denver Edwards is a principal at Bressler, Amery & Ross, P.C. in New York and works in the firm’s securities department. Special thanks to our sponsors, PInow and SiteLock.
Because lawyers are constantly handling confidential or sensitive information, cybersecurity and the careful handling of this information are an important part of running a successful firm. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Jim McCauley about some of the ethical issues lawyers face and how the Virginia Bar is helping to educate lawyers on how to handle these issues. Some of these issues include information security and common scams used to hack into confidential data. James McCauley is the Ethics Counsel for the Virginia State Bar. He teaches professional responsibility at the T.C. Williams School of Law and served on the ABA’s Standing Committee on Legal Ethics and Professionalism from 2008-2011. Special thanks to our sponsors, PInow and SiteLock.
If you have a Mac, you might think you’re safe from viruses and hacking. In reality, Mac users still fall victim to malware, adware, and other schemes that can easily slip through the cracks if a user isn’t careful. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Tom Lambotte, CEO of GlobalMac IT, about how cybercrime has evolved and what Mac using lawyers can do to protect their information, including using a password manager and investing in mobile device management. Tom Lambotte integrated his deep passion for Macs with his successful entrepreneurial skills to create GlobalMac IT, a company that aims to support Mac-based law firms. Special thanks to our sponsors, PInow and SiteLock.
Social Media is a big deal in the legal profession. Not only is it being used to promote law practices but it's increasingly being used as digital evidence in courtrooms. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Craig Ball about the intricacies of preserving digital evidence. Their discussion includes whether or not to hire a professional to do the preservation and tools that you can use to gather and preserve digital evidence. Craig Ball is a longtime adjunct professor teaching Digital Evidence at the University of Texas School of Law. He writes and speaks around the world on e-discovery and computer forensics. Special thanks to our sponsors, PInow and SiteLock.
As a lawyer, sometimes paranoia is a good thing. Legal professionals are constantly handling sensitive information that needs protection, whether it’s details about a case or client data. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek talk to Charles Patterson about TSCM (technical surveillance countermeasures) and how this extra level of security can ensure your private information stays private. As the president of Exec Security, a TSCM services company, Charles shares about why lawyers need TSCM, how these sweeps are performed, and provides tips on how to protect yourself from situations that could compromise your confidential information. Charles Patterson has over 35 years experience in the security field. Previous to his current position as Exec Security president, he spent 17 years traveling throughout the United States and the world working in executive protection and providing tech support to security teams. Special thanks to our sponsors, PInow and SiteLock.
Just because phishing is gradually becoming less of a threat does not mean you are safe from cyber criminals. Smishing is the use of cell phone texting software to lure victims into downloading malware or handing over personal information. In this episode, hosts Sharon Nelson and John Simek talk to Joe Hamblin, director of IT operations for Sprint, about what smishing is, why it’s growing, and how it could affect your legal business. They also discuss simple ways to identify and combat smishing both in your personal and professional life. Joe Hamblin, director of IT operations for Sprint’s emerging platforms, has more than 25 years of IT experience. In his current position he is responsible for end-user platform engineering including collaboration, Identity Access Management (IAM) and device engineering/management. Special thanks to our sponsors, PInow and SiteLock.
To those unfamiliar with ransomware, it is a malicious software that effectively holds your files hostage until you pay a ransom. For lawyers, this could mean losing or compromising the data that keeps your business running smoothly. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek discuss this malware with the CEO of LMG Security, Sherri Davidoff. Sherri divulges what we know about ransomware, what to do when it has infected your computer, and how to prevent data loss. While there are few ways to stop the infection when it has started, backing up your information and educating your team on malware countermeasures can significantly lessen ransomware’s impact on your business. Sherri Davidoff is the CEO of LMG Security, a cybersecurity and digital forensics company. She has more than a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing and web application assessments. Special thanks to our sponsors, PInow and SiteLock.
With the rise of legal technology came a heightened awareness amongst lawyers and law firms of the importance of cyber security to ensure that one's own, and the clients’, assets are protected. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek sit down with former law enforcement officer and High-Technology Crime Unit detective Keith Lowry to discuss governmental cyber security policy under President Obama and how those policies might change during the administration of President-elect Trump. Keith Lowry has more than 25 years of experience implementing, managing, and directing insider threat, counterintelligence, and intelligence collection programs. Special thanks to our sponsors, PInow and SiteLock.
The rapid embrace of emergent technologies has flooded the legal marketplace with new tools and processes to help make attorneys’ daily lives better in every way. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek sit down with CloudNine Vice President of Professional Services Doug Austin to discuss the hottest changes and trends surrounding e-discovery. Special thanks to our sponsors, PInow and SiteLock.
When thinking about a law firm’s marketing approach, many attorneys put heavy emphasis on having a well-constructed website to aid in attracting business, promoting convenient project management, and improving client retention. However, what potential security risks can your website pose to your firm and your clients? In this episode of Digital Detectives, hosts Sharon Nelson and John Simek sit down with SiteLock President Neill Feather to discuss the importance of website security, data breaches, and why hackers are attacking the websites of law firms. Special thanks to our sponsors, PInow and SiteLock.
In the wake of the Panama Papers breach, securing law firm and client data has been a huge concern for many practitioners in the legal space. Similarly, other information leaks like the Edward Snowden revelations have made the general public more aware of government surveillance than ever before. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek sit down with executive director for the Electronic Frontier Foundation Cindy Cohn to discuss domestic surveillance concerns, encryption technology, and how lawyers and law firms can protect themselves and their clients from cyber attacks. Cindy Cohn is the executive director of the Electronic Frontier Foundation. From 2000-2015 she served as EFF’s Legal Director as well as its General Counsel. Ms. Cohn first became involved with EFF in 1993, when EFF asked her to serve as the outside lead attorney in Bernstein v. Dept. of Justice, the successful First Amendment challenge to the U.S. export restrictions on cryptography. Special thanks to our sponsors, PInow and SiteLock.
In this episode of Digital Detectives, hosts Sharon Nelson and John Simek speak with Oklahoma Bar Association’s Management Assistance Program Director Jim Calloway about ways small firm and solo attorneys can improve their cyber security. Jim talks about the increased awareness of cyber security in the solo and small law firm community as a result of the recent news coverage of data breaches occurring in a variety of companies. This level of visibility and growing pool of attorneys who have personal experience with someone who has had a data breach or digital disaster has cultivated an understanding that a compromised database or dead computer can put the entire law firm out of business. He states that seeing these large companies being compromised can often cause small firms with much smaller budgets to question if there is anything they can do to protect themselves. Jim points out that attorneys running their own firms or small businesses have a duty to supervise their employees and provides his 5 top cyber security tips to help these very firms and solo lawyers protect themselves, their clients, and address the importance of physically securing company laptops and other mobile devices. He closes the interview with an analysis of the risks and rewards of utilizing cloud-based practice management tools designed specifically for legal professionals and his advice for law firms who feel that they can’t afford to adequately secure themselves. Special thanks to our sponsors, PInow and SiteLock.
In this episode of the Digital Detectives, board certified trial lawyer Craig Ball talks with Sharon Nelson and John Simek about information technology competency and the 2016 Georgetown Ediscovery Training Academy. Craig explains that the bootcamp is six days of extensive work and requires a great deal of effort on the part of the attendees for weeks before they arrive. He asserts that the program’s hour long written assessment exam, three full days of technical training, rigorous reading requirements, and week-long “meet and confer” exercise are a few of the things that differentiate this curriculum from other continuing legal education courses. Craig also shares that the goal of the program is to establish a certain level of competency and fluency in e-discovery and digital evidence and to help cultivate a passion in individuals interested in these fields. He continues by stating that lawyers graduate lacking the basic skills that are necessary to teach themselves what they need to know about information technology and this is why programs like this are so important. Craig analyzes the legal education system, the expectation of apprenticeship, and how many of the most seasoned lawyers know little or nothing about electronically stored information. He closes the interview with a discussion of where the legal profession will be in 10 years regarding tech competency and a reflection on his career today. Craig Ball is a board certified trial lawyer, certified computer forensic examiner, law professor, and electronic evidence expert, who limits his practice to serving as a court-appointed special master and consultant in computer forensics and electronic discovery. He has served as the special master or testifying expert in computer forensics and electronic discovery in some of the most challenging and celebrated cases in the U.S. Special thanks to our sponsor, PInow.
In the aftermath of the Panama Papers data breach many law firms have become hyper aware of their digital security risks. With the number of breaches on the rise what can lawyers do to keep informed of the most pertinent risks facing legal practitioners? In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek speak with Clark Hill PLC Of Counsel David G. Ries about data security, Mandiant’s M-Trends, and Verizon’s Data Breach Investigation Reports. David opens the interview with an explanation of what these reports are (summaries developed by security service providers on data breach trends during the past year) and talks about how they help to organize collected information for ease of use. He then analyzes the subtle differences between the two reports, like the way they define terms like data breach and security incident, and gives some insight into the ways each company acquires their data. David also covers the top three key findings provided by each report and gives examples of how this information can be invaluable to law firms seeking to shore up their security shortcomings. He closes the interview with his major takeaways from this year's’ reports and tips for law firms on how this research can aid in strengthening your comprehensive cybersecurity program. David G. Ries is of counsel in the Pittsburgh, Pennsylvania, office of Clark Hill PLC, where his practice includes environmental, technology, and data protection law and litigation. He is a co-author of “Locked Down: Practical Information Security for Lawyers” (American Bar Association, 2016) and “Encryption Made Simple for Lawyers” (American Bar Association, 2015) and regularly speaks and writes nationally on cybersecurity topics.
2.6 terabytes of information spanning over forty years of a Panamanian law firm’s life was leaked to a German newspaper and subsequently, the world. What questions does this raise about a law firm’s responsibility for the loss of client/customer data? What lessons can we learn about security as a result of this firm’s data being compromised? In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek chat with Nuix Chief Technology Officer Stephen Stewart about the Panama Papers, the world’s largest breach of information. Stephen explains that a law firm in Panama named Mossack Fonseca had 2.6 terabytes of information taken from them by an anonymous party, who then gave that information to the German newspaper Süddeutsche Zeitung (SZ). The leaked data contained 11.5 million items that consisted of roughly 5 million emails, 3 million databases, 2 million PDF files, and 1 million images. In an attempt to understand and further investigate the received data, SZ then contacted the International Consortium of Investigative Reporters (ICIJ). Stephen talks about what the ICIJ is (basically an international network that includes 165 investigative journalists over 65 countries) and how Nuix’s software was utilized to aid in the data analysis. The group discusses the authorities’ later raid on the law firm’s office and what evidence the digital forensics experts and financial analysts might be looking for. Stephen closes the interview with an summary of the practices that this breach sheds light on, like who the beneficiaries of offshore funds really are and what significant revelations might come from this particular breach. Stephen Stewart joined Nuix in 2008 and is responsible for leading the evolution of Nuix’s software. He is currently driving the development of Nuix's information governance and big data solutions. Stephen has more than 15 years experience working with both public and private sector organizations, designing and providing solutions for their email, file, document management and archiving systems.
As technology continues to become ever more integrated into our
daily lives, the challenges that law firms face grow and evolve.
Many tech savvy clients are not only concerned with a lawyer's
ability to represent them but also their ability to protect their
files and privileged communications. With more instances of data
breaches and hacking being mentioned in the mainstream media, what
can a law firm do to shore up their cyber security?
In this episode of the Digital
Detectives, hosts Sharon Nelson and
John Simek sit down with LMG Security Founder and
Senior Security Consultant Sherri Davidoff to discuss cyber
security and the audits that are currently available for law firms.
Sherri gets the conversation started by breaking down some of the
more complex cyber security terminology into easy-to-understand
language. The group then ponders factors, such as the loss of
client data and law firms being hacked, that prompted this cultural
shift within the profession and some of the elements that made it
difficult for the industry to justify investing in cyber security
until now. The focus then shifts to an analysis of the options
available to law firms that are seeking to improve their security
standards and ways to prepare lawyers to better interact with
clients that might ask to see a firm’s cyber security audits.
Sherri then caps off the conversation with a discussion of risk
assessment, risk management, and how you present these plans to
During the investigation of the San Bernardino shooting the FBI obtained a company iPhone that was used by Syed Farook, one of the assailants. The investigators obtained a warrant to search the phone, but it’s currently locked and the FBI hasn’t been able to access the encrypted data. This prompted the agency to request assistance from Apple to bypass the phone’s security features, but Apple has refused. Does the FBI have the authority to compel a company to re-engineer its own product in order to undermine the security of its own customers?
In this episode of Digital Detectives, Sharon Nelson and John Simek interview the American Civil Liberties Union’s Speech Privacy and Technology Project Director and principal legal advisor to Edward Snowden Ben Wizner about the legal battle between Apple and the FBI. Wizner begins by explaining The All Writs Act and how it’s being used to coerce Apple, the FBI’s potential objectives in making this request, and what dangers might be present if the FBI prevails. The conversation then shifts to the global implications for all tech companies if the the precedent is set that Apple must aid in helping the FBI get the contents of this phone and what that might mean for the national security of the United States of America – and the privacy of its citizens. Wizner then gives some insights into what it has been like to be the principal advisor for Edward Snowden and what the case has been like for him as a lawyer.
InfraGard, one of the longest running outreach associations, represents a partnership between the FBI and the private sector. Members include businesses professionals (including many law firm employees), people from academic institutions, and local participants who share their experience and expertise with the FBI to assist in crime prevention. In the recent climate of rampant cyber security issues, many in the private sector are better equipped to fight these cyber threats. So why is it important for lawyers to know about and potentially join InfraGard?
In this episode of Digital Detectives, Sharon Nelson and John Simek interview FBI special agent and InfraGard coordinator Kara Sidener about the way InfraGard works and why lawyers and other law firm professionals should be interested in joining this two-way information sharing platform.
The evolution of cybercrime
The Department of Homeland Security, the FBI, and the private sector
Who joins InfraGard
How and why members are vetted
Benefits for IT professionals trying to secure law firm networks
Staying informed about clients’ intellectual property issues
Proactive programming and cross-sector collaboration
Free resource to provide info on terrorism and cyber threats