© Relativity. All rights reserved.
Cyber Risk in e-Discovery: What You Need to Know
Nik Balepur
Solutions Architect, Relativity
John deCraen
Senior Director of Global Cyber Risk Services, Alvarez & Marsal Disputes and Investigations, LLC
Why Cybersecurity Is Important
Industry Attention to Cybersecurity
• Most litigation support and data processing firms have not earnestly undertaken the fundamentals of cybersecurity and are at risk for infection from their clients’ imported data
• Very little in the way of regulation or governmental guidance
Effective cybersecurity starts with the fundamentals
Three Pillars of Cybersecurity
Threats
An action, potential action, or inaction, likely to cause damage, harm, or loss
“threat” = capability x intent
Any activity intended to cause damage or break through defenses
Examples:
• Import of unknown client data
– Processing of Advanced Persistent Threats (APT)
– Infection of third-party review systems
• Perimeter attacks
– Perimeter attack and breach
– Access to client or other sensitive data
• Social attacks
– Productivity attacks (ransomware, DDoS)
– Command and Control (CnC)
• Internal actors
– Corporate or legal espionage
– Data theft and sabotage
Vulnerability
Specific gaps in the protection of assets that can be exploited by threats in order to compromise the asset and realize a risk
Weakness to breakage or harm from threats
Examples:
• Import of unknown client data
– Porous file transport site
– Ineffective malware scanning and detection
• Perimeter attacks
– Poorly configured or absent web application firewall (WAF)
– No Intrusion Detection (IDS) or Prevention (IPS)
• Social attacks
– Ineffective user training and poor user account management
– No file integrity monitoring or HIDS
• Internal actors
– No Network Access Control (NAC)
– Ineffective Data Leakage Protection (DLP)
Risk
The resulting damage, harm, or loss of unmitigated vulnerability to threats
“risk” = probability x harm
The damage caused, real or potential, and costs incurred with breakage
Examples:
• Import of unknown client data
– Undetected network infection
– Infection of third-party productions
• Perimeter attacks
– Undetected loss of client or company data
– Unavailable web applications
• Social attacks
– Inside-out perimeter breach
– Easily established pivot point
• Internal actors
– Undetectable data exfiltration
– Evasive techniques custom developed
Cybersecurity in e-Discovery
Applying to e-Discovery
Industry-Related Vulnerabilities
• Ineffective or non-existent data import security
• Weak detective and defensive posture
• No plan that considers detected malware in responsive evidence
• No regulatory or legal guidance for data analytics companies
• Myriad of client industry-specific regulations
Applying to e-Discovery
Industry-Related Risks
• Production of infected data to client, counsel, or the court
• Findings of regulatory non-compliance for your client or your company
• Loss of reputation as trusted provider
• Reduced revenue
Cybersecurity Realities
The e-discovery lifecycle:
• Has unique cybersecurity vulnerabilities to mitigate
• Generates unique cybersecurity risks to consider
Cybersecurity and the EDRM
1. Information Governance, Risk, and Compliance
• Unknown or misidentified and widely variant ambiguous regulatory controls
• Misunderstood or ignored industry-specific security threats
• Underdeveloped or absent enterprise security policy
• Absent or ineffective corporate security governance and auditing
Cybersecurity and the EDRM
2. Preservation, Collection, and Import
• Data collectors and forensic examiners unaware of specific risks
• Unhygienic collection methodologies
• Poor data segmentation
• Processes that do not account for likely sources of infection (advanced malware scanning)
Cybersecurity and the EDRM
3. Processing and Analysis
• Potentially infected files processed within the evidence population
• Infection of processing and review systems as well as the corporate network
• No network segmentation
• Ineffective or absent network and server log aggregation and analytics
Cybersecurity and the EDRM
4. Review and Production
• Infection of review hosts (internal, opposing counsel, third-party contract attorneys)
• Infection of federal and state regulators or other governmental organizations
Breach Causality
The number one driver in most cybersecurity breaches is ineffective leadership and culture
Contributing factors:
• Cybersecurity awareness that is lacking or underinformed
• Refusal to acknowledge threats
• Culture of ignoring risks and vulnerabilities over revenue
• Inexperience
• Hubris
“Risk comes from not knowing what you are doing.” – Warren Buffett
Mitigating Risks
1. Use hygienic and secure collection methods
2. Understand the source data environment as well as any client data security measures and industry-specific regulatory burdens (HIPAA, PCI) prior to collection
3. Ensure your FTP server is FIPS compliant
4. Employ proper data and network segmentation
5. Use advanced malware scanning for imports and if you outsource pre-processing, ensure your vendor does as well
6. Develop infected file protocols and reporting, and leverage pretrial conferences to set expectations for alternative delivery for infected files
7. Use advanced malware scanning for exports
Using Legal Hold to Evaluate
Develop comprehensive subject-matter expert focused assessment campaigns
Discover vulnerability causation
• Validate SME and employee understanding of compliance expectations
• Understand gaps in policy and control language
• Identify root causes of failures to achieve compliance maturity
Measure cybersecurity risk posture and process maturity
• Discover processes or functions not meeting expectations
• Identify weak or absent detective and protective activities/technologies
• Establish baseline and collect historical gap closure success rates
Initial intelligence gathering to inform deeper evaluation
• Provides ideal starting point for preparing for regulatory level examinations
• Identify weak or absent detective and protective activities
• Provides for ideal starting point for comprehensive cyber readiness evaluations (CREs)
Closing Thoughts
Think security first and compliance will be one of the results
Think risk astute – You must do a better job at understanding your environment, honestly approach risks and vulnerabilities
Ask – What am I not aware of that I could or should be? Why am I not aware of it?
Think progressively – your enemies are!
Seek expert assistance
Break new ground and rethink the way you practice e-discovery.
• 2,000+ Attendees
• 200+ Speakers
• 150+ Sessions
• CLE-accredited Sessions
RelativityFest.com

More Related Content

What's hot

Incident Response
Incident Response Incident Response
Incident Response InnoTech
 
How to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramHow to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramResilient Systems
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIEC-Council
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handlingnewbie2019
 
Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2FRSecure
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasuresKAMRAN KHALID
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5sabtolinux
 
Insider Threats: How to Spot Trouble Quickly with AlienVault USM
Insider Threats: How to Spot Trouble Quickly with AlienVault USMInsider Threats: How to Spot Trouble Quickly with AlienVault USM
Insider Threats: How to Spot Trouble Quickly with AlienVault USMAlienVault
 
Reorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's ThreatsReorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's ThreatsLumension
 
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Resilient Systems
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 

What's hot (20)

The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider Threat
 
Ht t17
Ht t17Ht t17
Ht t17
 
Incident Response
Incident Response Incident Response
Incident Response
 
How to Build a Successful Incident Response Program
How to Build a Successful Incident Response ProgramHow to Build a Successful Incident Response Program
How to Build a Successful Incident Response Program
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFI
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
SEC440: Incident Response Plan
SEC440: Incident Response PlanSEC440: Incident Response Plan
SEC440: Incident Response Plan
 
Chapter 15 incident handling
Chapter 15 incident handlingChapter 15 incident handling
Chapter 15 incident handling
 
Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2Slide Deck CISSP Class Session 2
Slide Deck CISSP Class Session 2
 
CISSP - Security Assessment
CISSP - Security AssessmentCISSP - Security Assessment
CISSP - Security Assessment
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasures
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
 
Incident response
Incident responseIncident response
Incident response
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5
 
Insider Threats: How to Spot Trouble Quickly with AlienVault USM
Insider Threats: How to Spot Trouble Quickly with AlienVault USMInsider Threats: How to Spot Trouble Quickly with AlienVault USM
Insider Threats: How to Spot Trouble Quickly with AlienVault USM
 
Reorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's ThreatsReorganizing Federal IT to Address Today's Threats
Reorganizing Federal IT to Address Today's Threats
 
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security Resilience
 

Similar to Cyber Risk in e-Discovery: What You Need to Know

Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Knoldus Inc.
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxbakhtinasiriav
 
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2TechSoup Canada
 
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptxColorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptxAkramAlqadasi1
 
Risk Management Approach to Cyber Security
Risk Management  Approach to Cyber Security Risk Management  Approach to Cyber Security
Risk Management Approach to Cyber Security Ernest Staats
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Laser App Conference 2017 - Sid Yenamandra, Entreda
Laser App Conference 2017 - Sid Yenamandra, EntredaLaser App Conference 2017 - Sid Yenamandra, Entreda
Laser App Conference 2017 - Sid Yenamandra, EntredaLaser App Software
 
Security metrics
Security metrics Security metrics
Security metrics PRAYAGRAJ11
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security ManagementJonathan Coleman
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisNorth Texas Chapter of the ISSA
 
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offeringeeaches
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting   itweb workshopSLVA - Security monitoring and reporting   itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
The myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MISThe myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MISSaazan Shrestha
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientAccenture Operations
 

Similar to Cyber Risk in e-Discovery: What You Need to Know (20)

Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
 
Secure Iowa Oct 2016
Secure Iowa Oct 2016Secure Iowa Oct 2016
Secure Iowa Oct 2016
 
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
 
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptxColorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
Colorado-Society-of-CPAs-Cybersecurity-Presentation-v3_Feb8.pptx
 
Risk Management Approach to Cyber Security
Risk Management  Approach to Cyber Security Risk Management  Approach to Cyber Security
Risk Management Approach to Cyber Security
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Laser App Conference 2017 - Sid Yenamandra, Entreda
Laser App Conference 2017 - Sid Yenamandra, EntredaLaser App Conference 2017 - Sid Yenamandra, Entreda
Laser App Conference 2017 - Sid Yenamandra, Entreda
 
Security metrics
Security metrics Security metrics
Security metrics
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise Infilteration
 
MIS: Information Security Management
MIS: Information Security ManagementMIS: Information Security Management
MIS: Information Security Management
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of Interest
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
It security cognic_systems
It security cognic_systemsIt security cognic_systems
It security cognic_systems
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security Breakfast
 
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
 
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offering
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting   itweb workshopSLVA - Security monitoring and reporting   itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
The myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MISThe myth of secure computing; management information system; MIS
The myth of secure computing; management information system; MIS
 
How to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber ResilientHow to Make Your Enterprise Cyber Resilient
How to Make Your Enterprise Cyber Resilient
 

Recently uploaded

定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewingbigorange77
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdfThe Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdfMilind Agarwal
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation   for Smart Assistant Application for Disabled PersonComplet Documnetation   for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 

Recently uploaded (20)

定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewing
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdfThe Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
The Intriguing World of CDR Analysis by Police: What You Need to Know.pdf
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation   for Smart Assistant Application for Disabled PersonComplet Documnetation   for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 

Cyber Risk in e-Discovery: What You Need to Know

  • 1. © Relativity. All rights reserved. Cyber Risk in e-Discovery: What You Need to Know
  • 2. © Relativity. All rights reserved. Nik Balepur Solutions Architect, Relativity John deCraen Senior Director of Global Cyber Risk Services, Alvarez & Marsal Disputes and Investigations, LLC
  • 3. © Relativity. All rights reserved. Why Cybersecurity Is Important
  • 4. © Relativity. All rights reserved. Industry Attention to Cybersecurity • Most litigation support and data processing firms have not earnestly undertaken the fundamentals of cybersecurity and are at risk for infection from their clients’ imported data • Very little in the way of regulation or governmental guidance Effective cybersecurity starts with the fundamentals
  • 5. © Relativity. All rights reserved. Three Pillars of Cybersecurity
  • 6. Threats
    An action, potential action, or inaction, likely to cause damage, harm, or loss
    “threat” = capability x intent
    Any activity intended to cause damage or break through defenses
    Examples:
    • Import of unknown client data
      – Processing of Advanced Persistent Threats (APT)
      – Infection of third-party review systems
    • Perimeter attacks
      – Perimeter attack and breach
      – Access to client or other sensitive data
    • Social attacks
      – Productivity attacks (ransomware, DDoS)
      – Command and Control (CnC)
    • Internal actors
      – Corporate or legal espionage
      – Data theft and sabotage
  • 7. Vulnerability
    Specific gaps in the protection of assets that can be exploited by threats in order to compromise the asset and realize a risk
    Weakness to breakage or harm from threats
    Examples:
    • Import of unknown client data
      – Porous file transport site
      – Ineffective malware scanning and detection
    • Perimeter attacks
      – Poorly configured or absent web application firewall (WAF)
      – No Intrusion Detection (IDS) or Prevention (IPS)
    • Social attacks
      – Ineffective user training and poor user account management
      – No file integrity monitoring or HIDS
    • Internal actors
      – No Network Access Control (NAC)
      – Ineffective Data Leakage Protection (DLP)
  • 8. Risk
    The resulting damage, harm, or loss of unmitigated vulnerability to threats
    “risk” = probability x harm
    The damage caused, real or potential, and costs incurred with breakage
    Examples:
    • Import of unknown client data
      – Undetected network infection
      – Infection of third-party productions
    • Perimeter attacks
      – Undetected loss of client or company data
      – Unavailable web applications
    • Social attacks
      – Inside-out perimeter breach
      – Easily established pivot point
    • Internal actors
      – Undetectable data exfiltration
      – Evasive techniques custom developed
  • 9. Cybersecurity in e-Discovery
  • 10. Applying to e-Discovery
    Industry-Related Vulnerabilities
    • Ineffective or non-existent data import security
    • Weak detective and defensive posture
    • No plan that considers detected malware in responsive evidence
    • No regulatory or legal guidance for data analytics companies
    • Myriad of client industry-specific regulations
  • 11. Applying to e-Discovery
    Industry-Related Risks
    • Production of infected data to client, counsel, or the court
    • Findings of regulatory non-compliance for your client or your company
    • Loss of reputation as trusted provider
    • Reduced revenue
  • 12. Cybersecurity Realities
    The e-discovery lifecycle:
    • Has unique cybersecurity vulnerabilities to mitigate
    • Generates unique cybersecurity risks to consider
  • 13. Cybersecurity and the EDRM
    1. Information Governance, Risk, and Compliance
    • Unknown or misidentified, widely variant, and ambiguous regulatory controls
    • Misunderstood or ignored industry-specific security threats
    • Underdeveloped or absent enterprise security policy
    • Absent or ineffective corporate security governance and auditing
  • 14. Cybersecurity and the EDRM
    2. Preservation, Collection, and Import
    • Data collectors and forensic examiners unaware of specific risks
    • Unhygienic collection methodologies
    • Poor data segmentation
    • Processes that do not account for likely sources of infection (advanced malware scanning)
  • 15. Cybersecurity and the EDRM
    3. Processing and Analysis
    • Potentially infected files processed within the evidence population
    • Infection of processing and review systems as well as the corporate network
    • No network segmentation
    • Ineffective or absent network and server log aggregation and analytics
  • 16. Cybersecurity and the EDRM
    4. Review and Production
    • Infection of review hosts (internal, opposing counsel, third-party contract attorneys)
    • Infection of federal and state regulators or other governmental organizations
  • 17. Breach Causality
    The number one driver in most cybersecurity breaches is ineffective leadership and culture
    Contributing factors:
    • Cybersecurity awareness that is lacking or under-informed
    • Refusal to acknowledge threats
    • Culture of ignoring risks and vulnerabilities in favor of revenue
    • Inexperience
    • Hubris
    “Risk comes from not knowing what you are doing.” – Warren Buffett
  • 18. Mitigating Risks
  • 19. Mitigating Risks
    1. Use hygienic and secure collection methods
    2. Understand the source data environment as well as any client data security measures and industry-specific regulatory burdens (HIPAA, PCI) prior to collection
    3. Ensure your FTP server is FIPS compliant
    4. Employ proper data and network segmentation
    5. Use advanced malware scanning for imports, and if you outsource pre-processing, ensure your vendor does as well
    6. Develop infected file protocols and reporting, and leverage pretrial conferences to set expectations for alternative delivery for infected files
    7. Use advanced malware scanning for exports
  • 20. Using Legal Hold to Evaluate
    Develop comprehensive subject-matter expert focused assessment campaigns
    Discover vulnerability causation
    • Validate SME and employee understanding of compliance expectations
    • Understand gaps in policy and control language
    • Identify root causes of failures to achieve compliance maturity
    Measure cybersecurity risk posture and process maturity
    • Discover processes or functions not meeting expectations
    • Identify weak or absent detective and protective activities/technologies
    • Establish baseline and collect historical gap closure success rates
    Initial intelligence gathering to inform deeper evaluation
    • Provides an ideal starting point for preparing for regulatory-level examinations
    • Identify weak or absent detective and protective activities
    • Provides an ideal starting point for comprehensive cyber readiness evaluations (CREs)
  • 21. Closing Thoughts
    • Think security first and compliance will be one of the results
    • Think risk astute – You must do a better job of understanding your environment and honestly approach risks and vulnerabilities
    • Ask – What am I not aware of that I could or should be? Why am I not aware of it?
    • Think progressively – your enemies are!
    • Seek expert assistance
  • 22. Break new ground and rethink the way you practice e-discovery.
    • 2,000+ Attendees
    • 200+ Speakers
    • 150+ Sessions
    • CLE-accredited Sessions
    RelativityFest.com

Editor's Notes

  1. Nik: Thank you for tuning in to learn about cyber risks in e-discovery. My name is Nik Balepur and I’m a solutions architect at Relativity, helping Relativity users better understand how to make the most of the platform. I’ve worked in e-discovery for about 10 years, managing legal and technology projects. In today’s webinar, I’ll be discussing cyber risks with John deCraen. John presented on this topic at Relativity Fest and we’ve decided to bring it back today based on popular demand. John is a senior director with Alvarez & Marsal’s Disputes and Investigations practice, specializing in global cyber risk services and digital forensics. Joining A&M in 2004 from the finance industry, he has since been involved in computer forensics, cybersecurity, and IT risk matters performing various management, investigatory, and analytical assignments for global clients in a multitude of industries. John, thank you for joining us today. Tell us a little about your background, the types of clients you usually work with, and what makes them unique.
     John: [Discuss background in cybersecurity, computer forensics, and e-discovery as well as what comes with these large cases that you don't usually see with small litigation]
  2. Nik: With many high-profile breaches, cybersecurity has become a popular topic in various industries around the world. John, from your experience, how seriously do you think the e-discovery industry takes cybersecurity?
  3. John: [Overview about current state of organizations’ cybersecurity practices and understanding] There’s very little in the way of regulation or governmental guidance, so it’s up to us to make sure we protect our data and our clients’ data. Effective cybersecurity starts with the fundamentals. Organizations need to understand the three pillars of cybersecurity.
  4. Nik: What are the three pillars of cybersecurity? Can you provide a few examples of each?
  5. John: A threat is an action, potential action, or inaction, likely to cause damage, harm, or loss [Capability x intent] [Quick examples (Import of unknown client data, perimeter attacks, social attacks, and internal actors)]
  6. John: Vulnerabilities are specific gaps in the protection of assets that can be exploited by threats in order to compromise the asset and realize a risk [Overview of using NIST cybersecurity program to define activities and help define vulnerabilities] [Quick examples (Import of unknown client data, perimeter attacks, social attacks, and internal actors)]
  7. John: Risk is the resulting damage, harm, or loss of unmitigated vulnerability to threats [Probability x harm] [Why quantifying cyber risks is very difficult] [Quick examples (Import of unknown client data, perimeter attacks, social attacks, and internal actors)]
  8. Nik: What are some unique cybersecurity vulnerabilities and risks in e-discovery?
  9. John: [Overview of industry-related vulnerabilities]
  10. John: [Overview of industry-related risks]
  11. John: The e-discovery lifecycle has unique cybersecurity vulnerabilities to mitigate and it generates unique cybersecurity risks that should be considered
  12. Nik: While the audience is taking the poll, we’ll answer a question: In terms of security, do you have any tips for what to look for when selecting a service provider? It looks like the audience is most concerned with [survey results here]. John, what cybersecurity considerations should practitioners keep in mind in each stage of e-discovery?
      John: [Overview of cybersecurity considerations in the information governance, risk, and compliance stage]
  13. John: [Overview of cybersecurity considerations in the preservation, collection, and import stages]
  14. John: [Overview of cybersecurity considerations in the processing and analysis stages]
  15. John: [Overview of cybersecurity considerations in the review and production stages]
  16. Nik: While the audience is taking the poll, we’ll answer a question: How do you ensure metadata is preserved on infected files? The audience is leaning toward [survey results here] as the top driver in breaches. John, from your experience, what is the most common cause of cyber breaches?
      John: Ineffective leadership and culture [Overview of why this is the biggest driver and why compliance is not security] [Overview of contributing factors] [Importance of maintaining a good process in addition to selecting secure tools]
  17. Nik: In addition to building effective security leadership and culture, what should practitioners do to avoid these risks in e-discovery?
  18. John: [Overview of takeaways based on the current state of cybersecurity in e-discovery]
  19. John: [Overview of how Alvarez & Marsal is using Legal Hold in cybersecurity situations]
  20. Nik: If today’s viewers take five things away from today’s webinar, what should they be?
      John: [Closing thoughts] [When talking about seeking expert assistance, can you provide some high-level tips about finding a provider that takes security seriously?]
  21. Nik: Thank you for joining us today. A survey will be available as you exit the webinar. Please take a minute to let us know your thoughts. We’ll use your feedback to improve future events. I also wanted to remind everyone that Relativity Fest 2018 will take place September 30 – October 3 in Chicago, and registration is now open. Join us to hear from more speakers like John. Visit relativityfest.com to learn more.