Blogs

Thanks to our moderators and the LegalSEC Steering Committee for this roundtable. Click here for the slides with contact information. Roundtable Description: The vulnerability risk profile of your technology stack is constantly changing. Bugs and vulnerabilities are discovered every day, and it is inevitable that they will be exploited, as we've seen with Log4j and the SolarWinds hacks. These supply chain risks have rapidly become a new frontier for enterprising threat actors. The question is, are you prepared to respond effectively the next time? Moderators: Scott Rolf, CIO at Tucker Ellis LLP; Paul Bivian, Director Information Security at Kirkland & Ellis LLP ...
Session recordings now available! If you were unable to attend the 2019 LegalSEC Summit in DC this past week, or attended and had to choose between the great sessions being offered, we've now uploaded the recordings and presentation materials to the LegalSEC Resource Library under the 2019 LegalSEC Summit folder. Please note that due to the nature of the content, access to the materials and recordings is restricted to members only, so members must be logged in when clicking on the links below. The list of sessions (and materials as they become available) for this year is below: Welcome and Introduction to Incident Response Incident ...
ILTA invites you to continue your LegalSEC education! LegalSEC Summit 2018 was held in Arlington, VA from June 10-13, 2018 and was designed for legal technology professionals. Now, ILTA wishes to continue the overarching Summit goal: to engage attendees and provide structured content. New this year, ILTA introduced targeted track programming, which aimed to help guide attendees through specific security role-based learning pathways. These pathways were designed to assist attendees by promoting tracks and sessions that would be most applicable to their professional and firm needs. Below you will find information related to each target audience, with ...
Session recordings now available! If you were unable to attend the 2018 LegalSEC Summit in DC this past week, or attended and had to choose between the great sessions being offered, we've now uploaded the recordings and presentation materials to the LegalSEC Resource Library under the 2018 LegalSEC Summit folder. Please note that due to the nature of the content, access to the materials and recordings is restricted to members only, so members must be logged in when clicking on the links below. The list of sessions (and materials as they become available) for this year is below: General Session » Automated Threat ...
GDPR: What is it? Who should know and why? Let a group of your peers who are leaders in their fields help you navigate this new and confusing roadmap. We promise we won't ask you to fold it back up when you're done! (I mean, who remembers how to do that anyway?) Time is running out to get your arms around what you and your firm need to know. What better place than ILTA to lend a hand! #LegalSEC #GDPR #SecurityProfessionals #Security
If you were unable to attend the 2017 LegalSEC Summit in DC this past week, or attended and had to choose between the great sessions being offered, we've now uploaded the recordings and presentation materials to the LegalSEC Resource Library under the 2017 LegalSEC Summit folder. Also included are the materials from the pre-summit workshops. Please note that due to the nature of the content, access to the materials and recordings is restricted to members only, so members must be logged in when clicking on the links below. The list of sessions (and materials as they become available) for this year is below: Pre-Summit Workshop Money ...
Training Incentives
Thank you to Joanne Kiley, ILTA staff, for pulling this blog post together to use as a resource. Though we have another six months to prepare for National Security Awareness Month (October), we know security awareness training should be a constant in our organizations. ILTA members recently shared how they engage staff and attorneys in continuing education on security awareness. Read their tactics for inspiration. One firm ordered fortune cookies whose "fortunes" were security awareness tips and facts. This firm also announced a phishing campaign, placed Swedish Fish in bowls around the office and posted signs saying "Don't Get Hooked!" As the phishing ...
In a recent conversation with a Microsoft Security Architect, the topic of using "Run As" came up: "Short version is, in a credential theft world the Microsoft guidance from 10+ years ago no longer applies, because every instance of using Run As exposes your credentials on a system. If an attacker is already a local admin on the system they can then pass those credentials and act as that user. If such a user is a domain admin, game over." Run As doesn't provide any protection against "pass the hash." And it's still a consideration in Windows 10, even with the new version of SMB. In other words, we need to stop using "Run As," especially in Windows ...
What is ISO 27001 Anyway?
ISO 27001 is a recipe for effectively managing information-related risk by creating a set of policies, standards, and processes (controls) commonly referred to as an Information Security Management System (ISMS). What does it all mean, and why do we want to do this? The predominant reason that law firms are moving so quickly to ISO 27001 is client demand. Clients want assurance that the information they are giving to the law firm is being protected in a manner consistent with their expectations, good practice, and relevant laws and regulations. Because ISO 27001 is a very comprehensive framework and becoming certified ...
In an attempt to provide ILTA members with pertinent and usable introductory information regarding SECURITY for the Legal Community, we have created a living document entitled "ILTA Peer - Security Best Practices" that will be updated at least quarterly. We will engage and entertain new technologies as well as accepted and ongoing technologies and summarize their effects and/or use on and with our professions. This document is meant as a brief introduction (aka high level) and not a "Deep Dive" into the technologies. Topics covered currently: No Admin Rights; Application Whitelisting; Law Firm vs. Personal Computers; Cloud; Screen Locking; Shared Directories ...
If you were unable to attend LegalSEC Summit 2015 in Baltimore this past week, or attended and had to choose between the great sessions being offered, we've now uploaded the recordings and presentation materials to the LegalSEC Resource Library under the 2015 LegalSEC Summit folder. Please note that due to the nature of the content, access to the materials and recordings is restricted to members only, so members must be logged in when clicking on the links below. The list of sessions (and materials as they become available) for this year is below: KEYNOTE - The Anatomy of Successful Cyberattacks ...
I remember when you'd be crazy to consider putting your law firm's data in the cloud. Dedicated, managed hosting maybe, but multi-tenant? No way. Back in the 'crazy' days, everyone was worried (legitimately) that their data was likely living on the same equipment as someone else's data, giving some mystery person that wasn't on their staff administrative control over it. Sure, there were firewalls and IDS/IPS and vendor contracts that defined the security measures in place to protect your data, but ultimately it was out of your control. Performance was also an unknown quantity, since the technologies and process for managing even the dedicated resources ...
FISHYBEAR the APT of 2015
After my talk at the NYC FBI ICCS event, I was asked by media and attendees about predictions for Cyber Security in 2015. I explained that the attack surface for organizations is very W-I-D-E and a weakness. There are simply not enough people, budget or time for the majority of organizations to fight effectively. The "Fishy Bear" attack is the new APT. Responsibility falls to the Chief Executive Officer appointed by the Board of Directors for the shareholders. In 2015 everyone must take a top-down review of the business and agree on the acceptable risk tolerance. Then this communication must be cascaded ...
IS WHAT’S GOOD FOR THE GOOSE GOOD FOR THE GANDER? SHOULD FIRMS ASK THEIR VENDORS TO GET ISO 27001 CERTIFIED? Many law firms are pursuing ISO 27001 certification in order to increase their security maturity as well as to demonstrate a sort of “Good Housekeeping seal of approval” to clients and prospective clients as well as to their firm management. Some clients are also asking firms to vouch for the security of our vendors. Should we also ask our key vendors in areas like Electronic Discovery and Hosting, Document Review, Colocation, etc. to do the same? I would appreciate hearing from you on this topic. Which vendors do you think are the ...
Yet another intrusion with data theft. Yet another chorus of yells for "encryption". I refer to the eBay intrusion from last year (or the Sony incident from November … or any number of recent data loss incidents) with the subsequent hysteria over their not encrypting certain personal information at rest. "It is inexcusable for a company the size of eBay with the amount of data it holds to not encrypt all personal information held,” said Rik Ferguson, from Trend Micro. It has become quite fashionable these days to say "if only the information had been encrypted". The problem is not that simple, either from a privacy or security perspective. From ...
2014 & Looking Forward
As the end of 2014 is upon us, I thought it would be good to reflect on some of the challenges we faced this year, and what lies ahead for us in 2015. From vulnerabilities with names and logos, to breaches and privacy regulation changes around the globe, the complexity of keeping information safe in an always-connected world continued to grow. The necessity for better visibility into endpoint behavior, egress traffic, and document handling gained more traction, and seems to be on a lot of my colleagues' minds for the coming budget year. We've seen so many innovative security software products come to life, all of which offer next generation behavioral and malware ...
My firm has a comprehensive Security Awareness Program in place and requires all employees, no exceptions, to participate. I have conducted numerous security awareness sessions in all of my offices and have placed special emphasis on the dangers of clicking links in emails. I hired a security firm to conduct a phishing campaign and while the results were better than I expected, there was room for improvement. The phishing campaign was a great tool for measuring where we were on this issue and where we needed to place additional emphasis. I really thought I had gotten through to people based on the number of “suspect” emails forwarded to me each day to verify ...
We’ve talked quite a bit about collaborating with other firms on information security issues, as that has been the ILTA model for all things technology and firm related items over the years. We’ve put additional emphasis on this for security, as many of us believe an early warning of potential targeted attacks or threats in general can prevent a large scale data leak for one or many firms. So what is actually being done outside of our willing this to happen, and working with our peers to share redacted information when possible? A lot! In both the security vendor space and across sectors, security professionals are making a true effort to bridge the gap of what ...
I didn’t start out in IT. I spent four years in VCU’s amazing Jazz Studies program playing the double bass before being lured into legal 18(!) years ago. Many of the concepts I learned while studying jazz have translated well into legal IT and can be applied to the information security challenges that many of us face. Know the music “Jazz is not just 'Well, man, this is what I feel like playing.' It's a very structured thing that comes down from a tradition and requires a lot of thought and study.” ― Wynton Marsalis Whether it is “Take The A Train” or ISO 2700x, the use of a standard helps to provide a shared ...
TrueCrypt - What Now?
You've no doubt seen the press by this point. The TrueCrypt developers updated their SourceForge website with a somewhat cryptic note, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues," but provided no other explanation. They also recommended moving to BitLocker for any needs that TrueCrypt would have previously fulfilled. The developers tied the end of support to the termination of Windows XP. All of which caught the attention of all sorts of people, security pros as well as general industry types. At the same time a version update, 7.2, removed all functionality other than the ability to decrypt existing volumes or drives. ...