Preparing for the Long-Term Work From Home (WFH)

Monday’s Keynote presentation by Dave Kennedy, Founder of TrustedSec and Binary Defense, started with the following stat: 3987% increase in phishing attacks since COVID-19 (March 1). He then followed that stat with this fact, “it’s never been easier to be a hacker than it is today.” With a large percentage of workers being at home and the authorities not having the jurisdiction or ability to “catch” hackers from across the world, ransomware attacks and scams are on the rise.

As the thought of being hacked became more real for attendees in the chat box, Dave had the attendees’ full attention and dove into five preventative steps organizations can take to keep their organization/firm secure.

• Multi-Factor Authentication (MFA)
• Endpoint Detection and Visibility (VPN ex.)
• Network Architecture and Segmentation
• End User Education and Awareness
• Vulnerability Management

To learn more, watch the recording here*.

*Available only to registrants and those who have paid for the recordings

Beyond Prevention — How to Keep Sensitive Information Safe with Active Monitoring

We were pleased to have Mary Singh, Director of Detection and Response Engineering at Expel, as Tuesday’s LegalSEC Summit Keynote Speaker. She has 18 years of experience in information operations, intrusion detection, and incident response. Before #LegalSEC20, she shared that her Keynote would, “Show and tell the audience how to AMPLIFY their organization security through the application of internal context to active monitoring.”

Mary shared how to identify any gaps in security visibility, how to monitor effectively and efficiently, and how to take action on analysis findings.

Security is stronger when you know your “People.”

Good communication is essential in creating and sustaining good security. As security stakeholders, it is vital to be persistent and inform colleagues and executives about protecting security. Mary Singh stated, “Security isn’t something you buy. It’s something to do.”

Great security requires an investment in people and time to improve visibility, business context, and effective action on findings. By actively monitoring sensitive information, it protects the company, organization, clients, and employees.

Improve Visibility.

You cannot successfully validate or protect what you cannot see. An example of improving visibility is with logs that capture system access and activity. Endpoint Detection and Response (EDR) translates suspicious activities to alerts, which aids in coverage of visibility.

Analyze and protect data by enriching alerts with context, asset attributes, and correlate or group related alerts.

By filtering and reducing the alert piles, it allows for less decision making. However, by adding an alert, enrichment, and context, it creates more efficient and accurate decisions. It is helpful to categorize alerts to enable a focus area. Efficient and accurate decisions protect data and decrease the chances of not recognizing a security breach early.

The earlier you detect and remediate, the better off you are.

It is important to identify which activities are harmless and what is harmful. By doing this, you begin to know when you should act. Act and take specific measures to protect sensitive information.

Mary Singh’s Keynote gave us an opportunity to practice and act on protecting sensitive information effectively and efficiently. She stated, “An investment in people and time is required to identify visibility gaps, actively monitor, and take effective action on security findings. This investment will help firms and clients validate which people or systems have or had access to sensitive information.”

In all, taking action(s) earlier will decrease the chance of security attacks.

Top Security Myths, Busted

Alvin Tedjamulia, Chief Technology Officer at NetDocuments, set LegalSEC attendee straight on two security myths regarding encryption data and end-user security. With more than 300 attendees present, Alvin’s passion for the topic was clear and necessary for this information.

“I like the fact that a major vendor is giving a presentation on a security concept that is platform agnostic. This discussion is generating security discussions, not platform comparisons,” said one LegalSEC attendee.

Myths Busted

Data encryption should be at rest and in-transit.
That is insufficient – We need encryption at rest, in-transit, and in use. Solutions need to provide encryption of data in use to be considered completely secure. This will provide silent subpoena defense and protection against self and nation state attacks.

Access controls, ethical walls and exception reporting are the critical technologies for end-user security.
That is insufficient – We need access controls, ethical walls and exception reporting, and what action the users can take. Think of “the three A's for end-user security: Authentication, Access Control, and Action Control."

Law firms may not have control over specific security elements when working with cloud providers, but they do retain custody of their data and need to make good choices when partnering with a cloud provider that will manage their client data.

Click here to watch the keynote*

*Available only to registrants and those who have paid for the recordings