Digital Detectives

In the aftermath of the Panama Papers data breach many law firms have become hyper aware of their digital security risks. With the number of breaches on the rise what can lawyers do to keep informed of the most pertinent risks facing legal practitioners? In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek speak with Clark Hill PLC Of Counsel David G. Ries about data security, Mandiant’s M-Trends, and Verizon’s Data Breach Investigation Reports. David opens the interview with an explanation of what these reports are (summaries developed by security service providers on data breach trends during the past year) and talks about how they help to organize collected information for ease of use. He then analyzes the subtle differences between the two reports, like the way they define terms like data breach and security incident, and gives some insight into the ways each company acquires their data. David also covers the top three key findings provided by each report and gives examples of how this information can be invaluable to law firms seeking to shore up their security shortcomings. He closes the interview with his major takeaways from this year's’ reports and tips for law firms on how this research can aid in strengthening your comprehensive cybersecurity program. David G. Ries is of counsel in the Pittsburgh, Pennsylvania, office of Clark Hill PLC, where his practice includes environmental, technology, and data protection law and litigation.  He is a co-author of “Locked Down: Practical Information Security for Lawyers” (American Bar Association, 2016) and “Encryption Made Simple for Lawyers” (American Bar Association, 2015) and regularly speaks and writes nationally on cybersecurity topics. Learn more about your ad choices. Visit megaphone.fm/adchoices

2.6 terabytes of information spanning over forty years of a Panamanian law firm’s life was leaked to a German newspaper and subsequently, the world. What questions does this raise about a law firm’s responsibility for the loss of client/customer data? What lessons can we learn about security as a result of this firm’s data being compromised? In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek chat with Nuix Chief Technology Officer Stephen Stewart about the Panama Papers, the world’s largest breach of information. Stephen explains that a law firm in Panama named Mossack Fonseca had 2.6 terabytes of information taken from them by an anonymous party, who then gave that information to the German newspaper Süddeutsche Zeitung (SZ). The leaked data contained 11.5 million items that consisted of roughly 5 million emails, 3 million databases, 2 million PDF files, and 1 million images. In an attempt to understand and further investigate the received data, SZ then contacted the International Consortium of Investigative Reporters (ICIJ). Stephen talks about what the ICIJ is (basically an international network that includes 165 investigative journalists over 65 countries) and how Nuix’s software was utilized to aid in the data analysis. The group discusses the authorities’ later raid on the law firm’s office and what evidence the digital forensics experts and financial analysts might be looking for. Stephen closes the interview with an summary of the practices that this breach sheds light on, like who the beneficiaries of offshore funds really are and what significant revelations might come from this particular breach. Stephen Stewart joined Nuix in 2008 and is responsible for leading the evolution of Nuix’s software. He is currently driving the development of Nuix's information governance and big data solutions. Stephen has more than 15 years experience working with both public and private sector organizations, designing and providing solutions for their email, file, document management and archiving systems. Learn more about your ad choices. Visit megaphone.fm/adchoices

As technology continues to become ever more integrated into our daily lives, the challenges that law firms face grow and evolve. Many tech savvy clients are not only concerned with a lawyer's ability to represent them but also their ability to protect their files and privileged communications. With more instances of data breaches and hacking being mentioned in the mainstream media, what can a law firm do to shore up their cyber security? In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek sit down with LMG Security Founder and Senior Security Consultant Sherri Davidoff to discuss cyber security and the audits that are currently available for law firms. Sherri gets the conversation started by breaking down some of the more complex cyber security terminology into easy-to-understand language. The group then ponders factors, such as the loss of client data and law firms being hacked, that prompted this cultural shift within the profession and some of the elements that made it difficult for the industry to justify investing in cyber security until now. The focus then shifts to an analysis of the options available to law firms that are seeking to improve their security standards and ways to prepare lawyers to better interact with clients that might ask to see a firm’s cyber security audits. Sherri then caps off the conversation with a discussion of risk assessment, risk management, and how you present these plans to your clients. Learn more about your ad choices. Visit megaphone.fm/adchoices

During the investigation of the San Bernardino shooting the FBI obtained a company iPhone that was used by Syed Farook, one of the assailants. The investigators obtained a warrant to search the phone, but it’s currently locked and the FBI hasn’t been able to access the encrypted data. This prompted the agency to request assistance from Apple to bypass the phone’s security features, but Apple has refused. Does the FBI have the authority to compel a company to re-engineer its own product in order to undermine the security of its own customers? In this episode of Digital Detectives, Sharon Nelson and John Simek interview the American Civil Liberties Union’s Speech Privacy and Technology Project Director and principal legal advisor to Edward Snowden Ben Wizner about the legal battle between Apple and the FBI. Wizner begins by explaining The All Writs Act and how it’s being used to coerce Apple, the FBI’s potential objectives in making this request, and what dangers might be present if the FBI prevails. The conversation then shifts to the global implications for all tech companies if the the precedent is set that Apple must aid in helping the FBI get the contents of this phone and what that might mean for the national security of the United States of America – and the privacy of its citizens. Wizner then gives some insights into what it has been like to be the principal advisor for Edward Snowden and what the case has been like for him as a lawyer. Learn more about your ad choices. Visit megaphone.fm/adchoices

InfraGard, one of the longest running outreach associations, represents a partnership between the FBI and the private sector. Members include businesses professionals (including many law firm employees), people from academic institutions, and local participants who share their experience and expertise with the FBI to assist in crime prevention. In the recent climate of rampant cyber security issues, many in the private sector are better equipped to fight these cyber threats. So why is it important for lawyers to know about and potentially join InfraGard? In this episode of Digital Detectives, Sharon Nelson and John Simek interview FBI special agent and InfraGard coordinator Kara Sidener about the way InfraGard works and why lawyers and other law firm professionals should be interested in joining this two-way information sharing platform. Topics include: The evolution of cybercrime The Department of Homeland Security, the FBI, and the private sector Who joins InfraGard How and why members are vetted Benefits for IT professionals trying to secure law firm networks Staying informed about clients’ intellectual property issues Proactive programming and cross-sector collaboration Free resource to provide info on terrorism and cyber threats Learn more about your ad choices. Visit megaphone.fm/adchoices

Technology Assisted Review (TAR), also known as Computer Assisted Review, Predictive Coding, Computer Assisted Coding, and Predictive Ranking, has been around for 50 years, but is now becoming incredibly useful in the legal field. This technology can speed up cases of all kinds and greatly reduce discovery costs for their clients. But how do lawyers learn about TAR? After all, we’re not dummies. In this episode of Digital Detectives, Sharon Nelson and John Simek interview John Tredennick, the CEO of Catalyst Repository Systems, about his new book “TAR for Smart People,” what exactly TAR includes, and specific ways it has helped companies reduce discovery costs. Tredennick begins by explaining the three elements of TAR: teaching the computer algorithm, the algorithm orders review documents by estimated relevance, the lawyers decide what to do when the algorithm presents no more relevant documents. In other words, the computer algorithm continues to learn which documents are relevant to the case based on the current reviewers, and puts potentially important ones on the top of the pile, as it were. Tune in to hear Tredennick describe how this works using a Pandora metaphor, explain each project’s process, and discuss the increased effectiveness of what he termed TAR 2.0. John Tredennick is CEO of Catalyst Repository Systems, which offers the world’s fastest and most powerful document repositories for large-scale discovery and regulatory compliance. Before founding Catalyst, he spent over twenty years as a nationally-known trial lawyer and litigation partner at a major national firm. He is the author or editor of five legal technology books including his latest, "Tar for Smart People," which he co-authored with Bob Ambrogi. Learn more about your ad choices. Visit megaphone.fm/adchoices

Following the terrorist attacks in Paris, French officials used metadata from a phone they found in a trashcan to gather information that made it possible to raid ISIS safe houses within a week. During these raids they were able to kill the suspected mastermind behind the operation, who was believed to be planning more attacks. Using a combination of cyber forensics and traditional police work, the French identified and successfully raided the purported hideout of the suspected ringleader. Considering our advanced technology, many are left questioning how this happened in the first place? And looking forward, can governments really prevent future acts of terrorism by building backdoors into encryption? In this episode of Digital Detectives, Sharon Nelson and John Simek discuss the digital forensics of the Paris attacks and the aftermath, including a surfacing argument about cryptic communication, the response from French, British, and American governments, and how Anonymous, the hacker group, has gotten involved. Beginning with a chronology of events, Sharon walks through the events of last Friday. Citing a BBC article published after the Paris attacks, the hosts analyze how the investigation involved traditional and technological means to gather information about the armed attackers and their whereabouts. In addition to fingerprints and DNA, the investigators used witness video footage, mobile phone triangulation, wifi networks, and IP addresses to correlate intelligence and quickly move in on the suspects. John explains how a comment made by Belgium’s Interior Minister about PlayStation 4 network encryption was misinterpreted and carried away by news media, engaging governments in discussions about legislation that could allow encryption backdoors. Is encryption really the problem and is more government control the solution? Stay until the end of the podcast to hear about Anonymous’s war on ISIS and the hypocritical nature of ISIS’s use of social media. Learn more about your ad choices. Visit megaphone.fm/adchoices

Although electronic discovery is increasingly important for court lawyers, only about 30 law schools nationwide offer e-discovery courses. To address the gap, Catalyst, an e-discovery service provider based out of Denver, has developed a practicum that aims to give law students the necessary experience to enter the workforce with adequate fundamental knowledge. So how does the program work and why is it important for future lawyers? In this episode of Digital Detectives, Sharon Nelson and John Simek interview Bill Hamilton, executive director of the UF E-Discovery Project at the University of Florida Levin College of Law, about their use of the Catalyst practicum. They discuss the curriculum’s components, the program’s pedagogical design, and what this means for the future of e-discovery education in law schools. Topics include: What a practicum is Digital evidence and students using e-discovery software Instructional videos, structured exercises, and quizzes with feedback Catalyst’s interest in education and their cloud-based platform Testing to strengthen retrieval capacity rather than as an assessment tool Applying the case law to concrete situations Grading process: low stakes testing and evaluation The need for law schools to provide more practical training Learn more about your ad choices. Visit megaphone.fm/adchoices

Sharon Nelson and John Simek interview Mary Mack about the history of ACEDS, why certification is important for e-discovery professionals, and future trends in e-discovery, information governance, and overall technological competence for lawyers. Learn more about your ad choices. Visit megaphone.fm/adchoices

Sharon Nelson and John Simek interview Jason R. Baron, of counsel to Drinker Biddle & Reath, LLP and co-chair of The Information Governance Initiative, about the Hillary Clinton controversy and the future of Shadow IT, BYOD, and information governance. Learn more about your ad choices. Visit megaphone.fm/adchoices