15-17 JUNE 2020
The engagement before, during, and after sessions was extraordinary! Our member and business partner attendees learned from the speakers and each other, contributing to an incredible environment of education and connections!
Our inaugural LegalSEC Summit Virtual Edition is in the books, and I couldn’t be more pleased about the event.
Our week started with a fantastic keynote by Dave Kennedy of TrustedSec. He scared us. For most conferences, that might not be a great kickoff. However, for a security conference, it is likely the best kind of message. Dave’s talk spun off conversations throughout the week – another mark of a great keynote!
I was fortunate to be able to attend nearly all our sessions during the week. You can take the Joy out of the Geek, but you can’t take the Geek out of the Joy!
Some of my key takeaways from Day 1 were ….
The most intriguing Day 1 conversation for me was around Shadow IT. With everyone working remotely, shadow IT presents a challenge we can’t ignore. Look for us to tackle that topic in an upcoming “There Are No Experts” roundtable!
We started Day 2 with our annual Women Who Lead “breakfast” (some people may have been eating lunch, but ….). Kaveri Subbarao Nauhaus inspired us to embrace our inner Evil Knievel in her talk about The Daredevil Prescription. Boldly we go!
We then enjoyed another terrific keynote. Mary Singh from Expel provided tremendous insights on taking data (which we have LOTS of in the security world) and turning it into data that we turn into actions. My other takeaway was that it’s not too late to get the horse back in the barn – but we need to realize that is happening and that organizations have been in some cases sacrificing security to keep operations going.
More great sessions on Day 2! We talked about endpoint security in an age where you may not truly own the endpoints, with the additional challenges of multiple peripherals you may not own. And I have a new appreciation for the complexities of identity management in a cloud or hybrid environment. Glad there are so many great tools out there to help!
Alvin Tedjamulia of NetDocuments opened Day 3 with a deep dive into encryption as part of our session on Myth Busting (security style). There was an enormous level of chat during this opening session – and that marked our whole day! DLP and client questionnaires are pain points everywhere. Perhaps the highest engagement session of the day was our wrap-up on free security tools. This shows the best of ILTA with all members of the community engaging to each other’s benefit!
Thank you, thank you, thank you to our LegalSEC Summit Planning Committee, our LegalSEC Steering Committee, our speakers, our sponsors, our staff, and our attendees. It truly takes a village to put on a conference, as well as to make us secure.
I am glad to be in the same village with all of you!
Hope to see you all at ILTA>ON!
— Joy Heath Rush
Founder, TrustedSec and Binary Defense
read highlights »
Monday’s Keynote presentation by Dave Kennedy, Founder of TrustedSec and Binary Defense, started with the following stat: 3987% increase in phishing attacks since COVID-19 (March 1). He then followed that stat with this fact, “it’s never been easier to be a hacker than it is today.” With a large percentage of workers being at home and the authorities not having the jurisdiction or ability to “catch” hackers from across the world, ransomware attacks and scams are on the rise.
As the thought of being hacked became more real for attendees in the chat box, Dave had the attendees’ full attention and dove into five preventative steps organizations can take to keep their organization/firm secure.
To learn more, watch the recording here*.
*Available only to registrants and those who have paid for the recordings
Senior Detection & Response Engineer at Expel
We were pleased to have Mary Singh, Director of Detection and Response Engineering at Expel, as Tuesday’s LegalSEC Summit Keynote Speaker. She has 18 years of experience in information operations, intrusion detection, and incident response. Before #LegalSEC20, she shared that her Keynote would, “Show and tell the audience how to AMPLIFY their organization security through the application of internal context to active monitoring.”
Mary shared how to identify any gaps in security visibility, how to monitor effectively and efficiently, and how to take action on analysis findings.
Good communication is essential in creating and sustaining good security. As security stakeholders, it is vital to be persistent and inform colleagues and executives about protecting security. Mary Singh stated, “Security isn’t something you buy. It’s something to do.”
Great security requires an investment in people and time to improve visibility, business context, and effective action on findings. By actively monitoring sensitive information, it protects the company, organization, clients, and employees.
You cannot successfully validate or protect what you cannot see. An example of improving visibility is with logs that capture system access and activity. Endpoint Detection and Response (EDR) translates suspicious activities to alerts, which aids in coverage of visibility.
By filtering and reducing the alert piles, it allows for less decision making. However, by adding an alert, enrichment, and context, it creates more efficient and accurate decisions. It is helpful to categorize alerts to enable a focus area. Efficient and accurate decisions protect data and decrease the chances of not recognizing a security breach early.
It is important to identify which activities are harmless and what is harmful. By doing this, you begin to know when you should act. Act and take specific measures to protect sensitive information.
Mary Singh’s Keynote gave us an opportunity to practice and act on protecting sensitive information effectively and efficiently. She stated, “An investment in people and time is required to identify visibility gaps, actively monitor, and take effective action on security findings. This investment will help firms and clients validate which people or systems have or had access to sensitive information.”
In all, taking action(s) earlier will decrease the chance of security attacks.
Chief Technology Officer at NetDocuments
Alvin Tedjamulia, Chief Technology Officer at NetDocuments, set LegalSEC attendee straight on two security myths regarding encryption data and end-user security. With more than 300 attendees present, Alvin’s passion for the topic was clear and necessary for this information.
“I like the fact that a major vendor is giving a presentation on a security concept that is platform agnostic. This discussion is generating security discussions, not platform comparisons,” said one LegalSEC attendee.
Data encryption should be at rest and in-transit. That is insufficient – We need encryption at rest, in-transit, and in use. Solutions need to provide encryption of data in use to be considered completely secure. This will provide silent subpoena defense and protection against self and nation state attacks.
Access controls, ethical walls and exception reporting are the critical technologies for end-user security. That is insufficient – We need access controls, ethical walls and exception reporting, and what action the users can take. Think of “the three A's for end-user security: Authentication, Access Control, and Action Control."
Law firms may not have control over specific security elements when working with cloud providers, but they do retain custody of their data and need to make good choices when partnering with a cloud provider that will manage their client data.
Click here to watch the keynote*
"Very impressed with virtual conference platform, and all speakers and sessions have been outstanding!!! Great job for putting this together! Thank you!" - Anna Montejo
"...this is my first virtual conference I have learned that I can learn in this environment." - Shawn Hill
"I've actually had a really great time! I've enjoyed the chat feature. I feel like I've gotten to connect with more people than normal" - Business Partner
With a full 65% rating LSS as "highly valuable."69% of respondents also said they are "highly likely" to recommend LSS to a colleague or a friend.
As a litigation support professional, attending LegalSEC places me a tad outside my specialty. However, I was extremely happy I could attend the event and was excited to see the new virtual platform in action. I did attend the preview with ILTA staff – but the actual event brought the platform to life. read more »
As a litigation support professional, attending LegalSEC places me a tad outside my specialty. However, I was extremely happy I could attend the event and was excited to see the new virtual platform in action. I did attend the preview with ILTA staff – but the actual event brought the platform to life.
As an experienced attendee of in-person events, I was curious to see how the personality of ILTA would translate to virtual content. What I found was that many of the attributes that make ILTACON a worthwhile event to attend translated to the virtual platform.
Having the ability to meet up with groups to chat or individuals to ‘meet with’ was easy to navigate – admittedly this took work from the ILTA staff and those who volunteer.
Of course, our new familiarity with working through web meetings certainly helped remove any thought barriers of attending meetings by Zoom rather than physically sitting in an auditorium - actually I could visit with someone not just seated adjacent to me, so it was better than an actual auditorium.
Meeting with service providers in the Exhibit Hall translated to the virtual platform much better than I thought it would. The exhibit hall showed me who was standing at the booth and available to meet with me. I could make appointments to meet up at the booth - that it was virtual was not a barrier to that.
The most meaningful benefits to me that is ILTA is the belonging to the community of awesome nerds - what I found in the chats prior to presentations is the same friendliness, open-hearted comradery that translated in a genuine way from in-person to virtual events. It was warm, fun and welcoming to newcomers – as it always has.
Given my successful LegalSEC experience, I now look forward to the virtual ILTA>ON in August. See you there!
— Cindy MacBean ILTA Program Planning Council Publications Liaison and Litigation Support Manager, Honigman LLP
Kaveri Subbarao Nauhaus is a humble bad-ass woman who leads. A corporate lawyer, she has her own legal practice at Clark Hill, an Am Law 200 international firm, in which she serves as General Counsel to a number of former national pro athletes. But, most of her time is spent leading the 250-attorney Litigation practice across Clark Hill's 25 offices. Yes, that's right…she is a practicing corporate lawyer, running the operations, recruiting, and strategic direction of the firm's largest global practice group - made up of litigators! She does all this while also being a spouse and a mom. read more »
Kaveri Subbarao Nauhaus is a humble bad-ass woman who leads. A corporate lawyer, she has her own legal practice at Clark Hill, an Am Law 200 international firm, in which she serves as General Counsel to a number of former national pro athletes. But, most of her time is spent leading the 250-attorney Litigation practice across Clark Hill's 25 offices. Yes, that's right…she is a practicing corporate lawyer, running the operations, recruiting, and strategic direction of the firm's largest global practice group - made up of litigators! She does all this while also being a spouse and a mom.
We are in for a treat this morning as Kaveri shares her personal journey and discoveries toward being more okay with taking risks - in fact, becoming a daredevil in order to take full advantage of life's opportunities.
More than 60 attendees tuned into Kaveri’s Daredevil Prescription presentation before day two of LegalSEC started. Over a morning cup of coffee or tea, they learned to step out of their comfort zone and leverage everyday risks to succeed in life. Kaveri referenced that while quarantine is a struggle for many reasons, it’s also the perfect time to focus on yourself and to “face some really hard truths.” Try to control what you can control.
To focus on yourself and to be a daredevil, think of the following three things…
Kaveri wrapped up her presentation by saying it is comforting to be safe, but is it fulfilling you? Risk takers are proven to be happier because they are more satisfied in their lives. Even if they have failed, they have learned for that experience.
Ask yourself, “What am I willing to take on day-to-day?” You can problem solve and take chances on yourself.
Join the Women Who Lead Online Community to watch the recording and find more information about ILTA’s Women Who Lead here.
Max Concurrent Attendees in One Session
Educational Session Views
Registrants may visit the LegalSEC 2020 Online Community to find the session recordings and materials. If you would like gain access to the recordings and materials, you may purchase them here.
"Over the past 8 months, the LegalSEC Summit planning committee and co-chairs have worked tirelessly to develop sessions for both an in-person and a virtual event! They could not have been more positive, nimble and excited to blaze the virtual conference trail for ILTA! ILTA is extremely blessed to have such brilliant and dedicated volunteers. Thank you!"