The document discusses several issues related to lawyers' use of cloud computing and mobile devices:
1) It addresses ethical obligations around maintaining client confidentiality when storing data on devices' hard drives or using cloud services. Lawyers must take reasonable steps to ensure data is protected and sanitized before disposal.
2) It examines opinions on permissibility of storing confidential client data in the cloud if reasonable security measures are taken, and on using email services that scan for keywords to display ads.
3) It summarizes an opinion that lawyers do not violate ethics rules by storing client information electronically with a third party, if they act competently to ensure confidentiality, even if an inadvertent disclosure occurs.
From the FinTech Webinar Series. Explores:
1. Storage and Processing of Data in “the Cloud”
2. Mobile Devices and Mobile Apps
3. “Big Data”
4. Security and Privacy Issues in Third-Party Contracts
5. Data Security and Corporate Governance
6. International Privacy and Data Security
7. Data Security as a National Security Concern: Legislation and Executive Initiatives
From the FinTech Webinar Series. Explores:
1. Storage and Processing of Data in “the Cloud”
2. Mobile Devices and Mobile Apps
3. “Big Data”
4. Security and Privacy Issues in Third-Party Contracts
5. Data Security and Corporate Governance
6. International Privacy and Data Security
7. Data Security as a National Security Concern: Legislation and Executive Initiatives
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to use open source tools to put these technologies to work for databases and other data sources.
When we think about developing AI responsibly, there’s many different activities that we need to think about. In this session, we will discuss technologies that help protect people, preserve privacy, and enable you to do machine learning confidentially.
This session discusses industry standards and emerging privacy-enhanced computation techniques, secure multiparty computation, and trusted execution environments. We will discuss Zero Trust philosophy fundamentally changes the way we approach security since trust is a vulnerability that can be exploited particularly when working remotely and increasingly using cloud models. We will also discuss the “why, what, and how” of techniques for privacy preserving computing.
We will review how different industries are taking opportunity of these privacy preserving techniques. A retail company used secure multi-party computation to be able to respect user privacy and specific regulations and allow the retailer to gain insights while protecting the organization’s IP. Secure data-sharing is used by a healthcare organization to protect the privacy of individuals and they also store and search on encrypted medical data in cloud.
We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.
BYOD - Bringing Technology to work | Sending Data EverywhereJim Brashear
Presentation to the Science and Technology Committee of the American Bar Association on legal issues associated with employers enabling employee Bring Your Own Device policies.
Proven Practices to Protect Critical Data - DarkReading VTS DeckNetIQ
NetIQ was a Platinum sponsor for “Plugging the Leaks: Finding and Fixing the IT Security Holes in Your Enterprise,” a virtual trade show (VTS) produced by Information Week Magazine and Dark Reading.
This was our presentation deck: "Proven Practices to Protect Critical Data" presented by Matt Mosley, Senior Product Manager, and Matt Ulery, Director of Product Management during a live presentation. They explored some of the most significant problems facing security teams tasked with protecting critical data. And, they will reveal some of the most effective approaches and technology that can be used to quickly identify real threats.
What I learned at the Infosecurity ISACA North America Conference 2019Ulf Mattsson
The 2019 Infosecurity ISACA North America Expo and Conference was held in New York City’s Javits Convention Center on November 20-21. With more than 50 sessions spanning 5 tracks, this conference offered the best-in-class educational content ISACA members and certification holders depend on, plus unprecedented access to leaders in the security industry.
Join Ulf Mattsson, Head of Innovation at TokenX for a conference recap webinar on the biggest takeaways
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...Konstantinos Demertzis
The evolution of the Internet of Things is significantly a
ected by legal restrictions imposed for personal data handling, such as the European General Data Protection Regulation (GDPR).
The main purpose of this regulation is to provide people in the digital age greater control over their personal data, with their freely given, specific, informed and unambiguous consent to collect and process the data concerning them. ADVOCATE is an advanced framework that fully complies with the requirements of GDPR, which, with the extensive use of blockchain and artificial intelligence technologies, aims to provide an environment that will support users in maintaining control of their personal data in the IoT ecosystem. This paper proposes and presents the Intelligent Policies Analysis Mechanism (IPAM) of the ADVOCATE framework, which, in an intelligent and fully automated manner, can identify conflicting rules or consents of the user, which may lead to the collection of personal data that can be used for profiling. In order to clearly identify and implement IPAM, the problem of recording user data from smart entertainment devices using Fuzzy Cognitive Maps (FCMs) was simulated. FCMs are an intelligent decision-making system that simulates the processes of a complex system, modeling the correlation base, knowing the behavioral and balance specialists of the system. Respectively, identifying conflicting rules that can lead to a profile, training is done using Extreme Learning Machines (ELMs), which are highly ecient neural systems of small and flexible architecture that can work optimally in complex environments.
This Blue Paper was prepared as a result of a roundtable discussion organised by the Takshashila Institution on 4 September 2017, based on the Discussion Document, Beyond Consent: A New Paradigm for Data Protection.
The discussion document brings forth a rights-based model (Rights Model) to help secure the interests of a data subject sharing his data with data controllers. This Rights Model assures to every individual, an inalienable right over his personal data. Any data collector that wishes to access a data subject's personal data must ensure that they do so in a manner that does not violate this inherent data right.
The Blue Paper highlights the recommendations of the all participants at the roundtable discussion, which was chaired by Rahul Matthan.
FTC Internet of Things Report
The report includes the following recommendations for companies developing Internet of Things devices:
build security into devices at the outset, rather than as an afterthought in the design process;
train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;
ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;
when a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;
consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network;
monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.
Defining a Legal Strategy ... The Value in Early Case AssessmentAubrey Owens
Early Case Assessment provides the framework for litigators to identify and analyze electronically stored information in response to a litigation hold and.or discovery request.
Social Media for Lawyers & Law Firms : Chicago Bar AssociationKevin O'Keefe
Presentation before the Chicago Bar Association on 4/13/11. Review of principals of blogging and other forms of social media for professional and business development with high level discussion of
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to use open source tools to put these technologies to work for databases and other data sources.
When we think about developing AI responsibly, there’s many different activities that we need to think about. In this session, we will discuss technologies that help protect people, preserve privacy, and enable you to do machine learning confidentially.
This session discusses industry standards and emerging privacy-enhanced computation techniques, secure multiparty computation, and trusted execution environments. We will discuss Zero Trust philosophy fundamentally changes the way we approach security since trust is a vulnerability that can be exploited particularly when working remotely and increasingly using cloud models. We will also discuss the “why, what, and how” of techniques for privacy preserving computing.
We will review how different industries are taking opportunity of these privacy preserving techniques. A retail company used secure multi-party computation to be able to respect user privacy and specific regulations and allow the retailer to gain insights while protecting the organization’s IP. Secure data-sharing is used by a healthcare organization to protect the privacy of individuals and they also store and search on encrypted medical data in cloud.
We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.
BYOD - Bringing Technology to work | Sending Data EverywhereJim Brashear
Presentation to the Science and Technology Committee of the American Bar Association on legal issues associated with employers enabling employee Bring Your Own Device policies.
Proven Practices to Protect Critical Data - DarkReading VTS DeckNetIQ
NetIQ was a Platinum sponsor for “Plugging the Leaks: Finding and Fixing the IT Security Holes in Your Enterprise,” a virtual trade show (VTS) produced by Information Week Magazine and Dark Reading.
This was our presentation deck: "Proven Practices to Protect Critical Data" presented by Matt Mosley, Senior Product Manager, and Matt Ulery, Director of Product Management during a live presentation. They explored some of the most significant problems facing security teams tasked with protecting critical data. And, they will reveal some of the most effective approaches and technology that can be used to quickly identify real threats.
What I learned at the Infosecurity ISACA North America Conference 2019Ulf Mattsson
The 2019 Infosecurity ISACA North America Expo and Conference was held in New York City’s Javits Convention Center on November 20-21. With more than 50 sessions spanning 5 tracks, this conference offered the best-in-class educational content ISACA members and certification holders depend on, plus unprecedented access to leaders in the security industry.
Join Ulf Mattsson, Head of Innovation at TokenX for a conference recap webinar on the biggest takeaways
A Dynamic Intelligent Policies Analysis Mechanism for Personal Data Processin...Konstantinos Demertzis
The evolution of the Internet of Things is significantly a
ected by legal restrictions imposed for personal data handling, such as the European General Data Protection Regulation (GDPR).
The main purpose of this regulation is to provide people in the digital age greater control over their personal data, with their freely given, specific, informed and unambiguous consent to collect and process the data concerning them. ADVOCATE is an advanced framework that fully complies with the requirements of GDPR, which, with the extensive use of blockchain and artificial intelligence technologies, aims to provide an environment that will support users in maintaining control of their personal data in the IoT ecosystem. This paper proposes and presents the Intelligent Policies Analysis Mechanism (IPAM) of the ADVOCATE framework, which, in an intelligent and fully automated manner, can identify conflicting rules or consents of the user, which may lead to the collection of personal data that can be used for profiling. In order to clearly identify and implement IPAM, the problem of recording user data from smart entertainment devices using Fuzzy Cognitive Maps (FCMs) was simulated. FCMs are an intelligent decision-making system that simulates the processes of a complex system, modeling the correlation base, knowing the behavioral and balance specialists of the system. Respectively, identifying conflicting rules that can lead to a profile, training is done using Extreme Learning Machines (ELMs), which are highly ecient neural systems of small and flexible architecture that can work optimally in complex environments.
This Blue Paper was prepared as a result of a roundtable discussion organised by the Takshashila Institution on 4 September 2017, based on the Discussion Document, Beyond Consent: A New Paradigm for Data Protection.
The discussion document brings forth a rights-based model (Rights Model) to help secure the interests of a data subject sharing his data with data controllers. This Rights Model assures to every individual, an inalienable right over his personal data. Any data collector that wishes to access a data subject's personal data must ensure that they do so in a manner that does not violate this inherent data right.
The Blue Paper highlights the recommendations of the all participants at the roundtable discussion, which was chaired by Rahul Matthan.
FTC Internet of Things Report
The report includes the following recommendations for companies developing Internet of Things devices:
build security into devices at the outset, rather than as an afterthought in the design process;
train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;
ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;
when a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;
consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network;
monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.
Defining a Legal Strategy ... The Value in Early Case AssessmentAubrey Owens
Early Case Assessment provides the framework for litigators to identify and analyze electronically stored information in response to a litigation hold and.or discovery request.
Social Media for Lawyers & Law Firms : Chicago Bar AssociationKevin O'Keefe
Presentation before the Chicago Bar Association on 4/13/11. Review of principals of blogging and other forms of social media for professional and business development with high level discussion of
1 3Financial Service Security EngagementLearning Team .docxoswald1horne84988
1
3
Financial Service Security EngagementLearning Team CCMGT/400
April 8th, 2019
Ellen Gaston
Financial Service Security Engagement
· Create a plan that addresses the secure use of mobile devices by internal employees and external employees as they use mobile devices to access these applications.
· Recommend physical security and environmental controls to protect the data center which runs the on-site applications.
Introduction
Integrating cloud-based, customer relationship management (CRM) software application with the on-site software applications that manage customer accounts and investment portfolios can assist a firm to create more leads, increase revenue, minimize the cost of sales, and improve customer services. However, this system has some security risks and requires an organization to create a plan that addresses its secure use.
Mobile Gadget Security/Bring Your Own Device Plan (BYOD)
This involves creating a gadget usage policy, before issuing them to workers. This entails limitation of its use and probable actions against its violation (Michener, 2015). Employees also are taught on how to mitigate security risks of mobile phones. If workers can utilize their personal gadgets, BYOD security policy is created, which comprises of installing distant wiping application on all devices to store data accessed from the organization (Michener, 2015). Organization should install current antivirus software to all devices to prevent hacking and loss of data. The content stored in the mobile devices should be backed up on organization’s computers on regularly basis to make sure that the data is safe if a gadget is stolen or lost.
Selecting Passwords
Passwords meant for the devices should be strong enough and not common to any third party. This ensures privacy as it prevents data linkage to unwanted individuals. On a different point, carrying out consistent mobile security audits and penetration assessment is one of the physical securities and environmental control measures. In this case, a firm hires a recognized security testing company to audit their gadget security and carry out penetration assessment (Michener, 2015). This ensures data protection as any noticed channels of data linkage drives the firm to upgrade its system.
· Propose audit assessment and processes that will be used to ensure that the cloud-based CRM software provider uses appropriate physical security and environmental controls to protect their data centers which run your cloud-based CRM software.
· Develop identity and access management policies for both the on-site systems and the cloud-based CRM.
Customers should be aware that unique data security issues arise in a cloud computing environment. For example, in an ASP environment, a single physical server may be dedicated to the customer for hosting the application and storing the customer’s data. However, in a cloud computing environment, technologies and approaches used to facilitate scalability, such .
Have you prepared your clients for your law firm’s move to the cloud?
If you take care of your clients first, everything else will fall into place. This is a mantra followed by innovative and successful law firms. As more law firms embrace the cloud, it’s imperative to communicate clearly and often, address potential concerns about moving to the cloud, and keep clients informed at every stage of the transition process.
Join Joshua Lenon, Clio’s Lawyer in Residence, as he talks about the client-centric approach that innovative law firms use to succeed when moving to the cloud.
In this free, 1-hour webinar, you’ll learn about:
How to get buy-in from your clients to move to the cloud
Most common client concerns and solutions
Communication best practices during transition
How to train clients on using your firm’s cloud-based platform
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
Authorities including the UK Information Commissioner, the Solicitors Regulation Authority
(SRA) and the Council of Bars and Law Societies of Europe (CCBE) are establishing
requirements which are conflicting with the main foundation of cloud computing and in
many cases making it impossible to implement
Date Use Rules in Different Business Scenarios: It's All Contextual William Tanenbaum
Arent Fox LLP. Rules for data collection, aggregation, sharing, use and protection all depend on the business and legal context. One size does not fit all.
Date Use Rules in Different Business Scenarios: It's All Contextual William Tanenbaum
Arent Fox LLP. Collecting, sharing, aggregating and using data in different business models and scenarios are subject to different rules and depend on the specific context
Date Use Rules in Different Business Scenarios:It's All Contextual William Tanenbaum
All privacy is contextual. Like that, the legal rules for collecting, aggregating, sharing and protecting data, including through IP, are specific to the context. One size does not fit all.
Don't be a robot: You can't automate your ethical considerationsNehal Madhani
Technology--especially given its exponential growth--allows attorneys to streamline their practices and automate previously manual aspects of their legal work. While technology can save attorneys time and allow them to focus their attention on more substantive tasks, attorneys are often leary of its ethical pitfalls.
This presentation addresses attorneys’ technological options and obligations and explains how to successfully incorporate technology into your legal practice.
In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. But as more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. This paper discusses security issues, requirements and challenges that cloud service providers (CSP) face during cloud engineering. Recommended security standards and management models to address these are suggested for technical and business community.
In this talk I share thoughts on how women in legal tech can support one another and help amplify each other's messages by using the hashtag #legaltechX2
Social Media Evidence: Ethics and Best Practices for LawyersNicole Black
Covers the ins and outs of ethically using social media to mine for evidence for litigation and also how to use social media to research jurors at trial.
These are the slides from my Keynote at the the Lexis Nexis 2011 Practice Management Annual Conference, which was held in Orlando, Florida (See: http://www.lexisnexis.com/pmac2011/).
6 Things Lawyers Should Know About Social MediaNicole Black
Slides from my presentation with Lisa Solomon, "6 Things Lawyers Should Know About Social Media." This presentation was given at the American Bar Association's Solo and Small Practice conference on 10/17/09 in Los Angeles.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
6. A fundamentalist is a person
who considers whether a fact is
acceptable to their faith before
they explore it. As opposed to
a curious person who explores
first and then considers
whether or not they want to
accept the ramifications.
--Seth Godin
12. Cloud and Mobile Computing: Not
a Trend
• Cloud computing is the top technology trend for
2010
• By 2012, 20% of businesses will own no IT assets
and will conduct business solely in the Cloud
• By 2013, mobile phones will overtake PCs as the
most common Web access device worldwide
• By 2014, over 3 billion of the world’s adult
population will be able to transact electronically via
mobile or Internet technology
* Gartner’s Top Predictions for IT Organizations and Users, 2010 and
Beyond: A New Balance
14. • Nearly 98% of respondents
incorporated virtualization
technologies into their law firms.
Some used virtual servers, while
others brought virtualization to
their desktop computers.
• Nearly 84% of responding firms
reported using SaaS-based
products as well. Typically,
however, cloud computing
products were used for secondary
functions like eDiscovery or
human resources.
*Am Law 2009 Tech Survey
15. • 80% of firms use cloud
computing--mostly for non-critical
tasks like e-discovery and HR
• 60% of firms use cloud-based
services for e-discovery or
litigation support features, and
many use it for important (but not
bread-and-butter) tasks like
benefits or expense management
•5% use cloud services for
document management
• 6% use it for storage
*Am Law 2010 Tech Survey
16. “14% of law firms plan to invest in
some type of cloud computing or
software-as-a-service solution.
However, it must be noted that
lack of familiarity with cloud
computing and related emerging
technologies may be inhibiting
adoption. Among attorneys, only
30% rate themselves as familiar
with the concept of cloud
computing, while only 45% claim
knowledge of the concept of
managed services.”
* Comp TIA 2010 survey (a non-profit trade association for
the IT industry)
17.
18. Cloud computing is a “type of computing that is comparable to grid
computing, relies on sharing computing resources rather than having local
servers or personal devices to handle applications. The goal of cloud
computing is to apply traditional supercomputing power (normally used by
military and research facilities) to perform tens of trillions of computations per
second.”
19. Cloud computing is a “type of computing that is comparable to grid
computing, relies on sharing computing resources rather than having local
servers or personal devices to handle applications. The goal of cloud
computing is to apply traditional supercomputing power (normally used by
military and research facilities) to perform tens of trillions of computations per
second.”
Software as a service —or SaaS —is “[a] software delivery
model in which a software firm provides daily technical
operation, maintenance, and support for the software
provided to their client.”
21. Ethical issues to consider:
A. Attorney client confidentiality
B.
Compare/contrast to traditional outsourcing relationships
C.
Transborder data flow
D.
Meeting obligations of “reasonable” security
E.
Electronic evidence/e-discovery
22. QUESTION:
What are the ethical obligations of
lawyers in regard to data stored on the
hard drives of “storage media”.
Florida Bar Ethics Opinion 10-12 (September 2010)
23. ANSWER:
Lawyers who use devices that contain storage media such as
computers, printers, copiers, scanners, cellular phones, personal
digital assistants, flash drives, memory sticks, facsimile machines and
other electronic or digital devices must take reasonable steps to
ensure that client confidentiality is maintained and that the device
is sanitized before disposition, including: (1) identification of the
potential threat to confidentiality along with the development and
implementation of policies to address the potential threat to
confidentiality; (2) inventory of the Devices that contain Hard
Drives or other Storage Media; (3) supervision of nonlawyers to
obtain adequate assurances that confidentiality will be maintained;
and (4) responsibility for sanitization of the Device by requiring
meaningful assurances from the vendor at the intake of the Device
and confirmation or certification of the sanitization at the
disposition of the Device.
24. Lawyers using these devices must familiarize themselves with new technologies and
“have a duty to keep abreast of changes in technology to the extent that the lawyer
can identify potential threats to maintaining confidentiality.”
Also, lawyers must take reasonable steps to ensure that client confidentiality is
maintained. One important part of this duty includes the obligation to identify any
“potential threat(s) to confidentiality along with the development and
implementation of policies to address the potential threat to confidentiality.”
The Committee noted that lawyers who use mobile devices also have a supervisory
responsibility that extends to not only to the lawyer’s own employees but to
“entities outside the lawyer’s firm with whom the lawyer contracts to assist in the
care and maintenance of the Devices in the lawyer’s control.” Part of the lawyer’s
supervisory duty requires that the lawyer obtain assurances from any nonlawyers
who will have access to confidential information that confidentiality of the
information will be maintained.
25. QUESTION:
Whether an attorney can use an online system to store
confidential client data and, if so, what steps must be
taken to ensure the data are secure?
New York State Bar Association’s Committee on Professional Ethics, Opinion 842
(September 2010)
26. ANSWER:
It is permissible for attorneys to store confidential client data in the
cloud, but only if reasonable steps are taken to ensure the data would be
adequately protected from unauthorized disclosure: “A lawyer may use
an online data storage system to store and back up client confidential
information provided that the lawyer takes reasonable care to ensure
that confidentiality will be maintained in a manner consistent with the
lawyer’s obligations under Rule 1.6. In addition, the lawyer should stay
abreast of technological advances to ensure that the storage system
remains sufficiently advanced to protect the client’s information, and
should monitor the changing law of privilege to ensure that storing the
information online will not cause loss or waiver of any privilege.”
Importantly, the committee noted that “exercising ‘reasonable care’ under Rule
1.6 does not mean that a lawyer guarantees that the information is secure
from any unauthorized access.”
27. QUESTION:
“May a lawyer use an e-mail service provider that scans
e-mails by computer for keywords and then sends or
displays instantaneously (to the side of the e-mails in
question) computer-generated advertisements to users
of the service based on the e-mail communications?”
The New York State Bar Association Committee on Professional Ethics, Opinion
820-2/08/08
28. ANSWER:
“Unless the lawyer learns information suggesting that
the provider is materially departing from conventional
privacy policies or is using the information it obtains by
computer-scanning of e-mails for a purpose that, unlike
computer-generated advertising, puts confidentiality at
risk, the use of such e-mail services comports with DR
4-101…A lawyer may use an e-mail service provider
that conducts computer scans of e-mails to generate
computer advertising, where the e-mails are not
reviewed by or provided to other individuals.”
29. QUESTION:
The question addressed in this opinion is whether a lawyer violates
SCR 156 by storing confidential client information and/or
communications, without client consent, in an electronic format on
a server or other device that is not exclusively in the lawyer’s
control.
State Bar of Nevada Standing Committee on Ethics and Professional Responsibility,
Formal Opinion No. 33
30. ANSWER:
In order to comply with the rule, the lawyer must act competently and
reasonably to safeguard confidential client information and communications
from inadvertent and unauthorized disclosure. This may be accomplished
while storing client information electronically with a third party to the same
extent and subject to the same standards as with storing confidential paper
files in a third party warehouse. If the lawyer acts competently and
reasonably to ensure the confidentiality of the information, then he or she
does not violate SCR 156 simply by contracting with a third party to store the
information, even if an unauthorized or inadvertent disclosure should occur...
The ABA Committee addressed an issue much closer to that discussed here
in Formal Opinion number 95-398, and concluded that a lawyer may give a
computer maintenance company access to confidential information in client
files, but that in order to comply with the obligation of client confidentiality, he
or she “must make reasonable efforts to ensure that the company has in
place, or will establish, reasonable procedures to protect the confidentiality
of client information.”
31. 4th Amendment issues
In a decision issued by the United States District Court, District of Oregon
Opinion and Order in In re: US, Nos. 08-9131-MC, 08-9147-MC, (2009), the
government successfully argued that it need not notify the account holder regarding
a warrant that is served upon the ISP holder of the email account (gmail). In
reaching its decision, the court gave lip service to the concept that emails are
entitled to Fourth Amendment protection, but then stated:
“Much of the reluctance to apply traditional notions of third party disclosure to the
e-mail context seems to stem from a fundamental misunderstanding of the lack of
privacy we all have in our e-mails. Some people seem to think that they are as
private as letters, phone calls, or journal entries. The blunt fact is, they are not.”
32. In comparison, however, see footnote 7 from the October 2009 Memorandum and
Order issued by the United States District Court, Eastern District of New York, in
US v. Cioffi, Case No. 08-CR-415 (FB):
One preliminary matter is not in question: The government does not dispute that
Tannin has a reasonable expectation of privacy in the contents of his personal email
account. See United States v. Zavala, 541 F.3d 562,577 (5th Cir. 2008) ("[C]ell
phones contain a wealth of private information, including emails, text messages, call
histories, address books, and subscriber numbers. [The defendant] had a reasonable
expectation of privacy regarding this information."); United States v. Forrester, 512
F.3d 500, 511 (9th Cir. 2008) ("E-mail, like physical mail, has an outside address
'visible' to the third-party carriers that transmit it to its intended location, and also
a package of content that the sender presumes will be read only by the intended
recipient. The privacy interests in these two forms of communication are identical.
The contents may deserve Fourth Amendment protection, but the address and size
of the package do not.").
33. Security issues to
consider:
1. Encryption
2. Geo-redundancy
3. Data back ups
4. Extraction of data
35. • What type of facility will host the data?
• Who else has access to the cloud facility, the servers and the data and what
mechanisms are in place to ensure that only authorized personnel will be able to
access your data? How does the vendor screen its employees? If the vendor
doesn’t own the data center, how does the data center screen its employees?
• Does the contract include terms that limit data access by the vendor’s employees
to only those situations where you request assistance?
For full list see: http://bit.ly/hyFBxo
36. • Does the contract address confidentiality? If not, is the vendor willing to sign a
confidentiality agreement?
• How frequently are back-ups performed? How are you able to verify that backups
are being performed as promised?
• Is data backed up to more than one server? Where are the respective servers
located? Will your data, and any back up copies of it, always stay within the
boundaries of the United States?
• How secure are the data centers where the servers are housed?
• What types of encryption methods are used and how are passwords stored? Is
your data encrypted while in transit or only when in storage?
For full list see: http://bit.ly/hyFBxo
37. • Has a third party, such as McAfee, evaluated or tested the vendor’s security
measures to assess the strength of, among other things, firewalls, encryption
techniques, and intrusion detection systems? Are the audits of the security system
available for your review?
• Are there redundant power supplies for the servers?
• Does the contract include a guarantee of uptime? How much uptime? What
happens in the event that the servers are down? Will you be compensated if there
is an unexpected period of downtime that exceeds the amount set forth in the
agreement?
• If a natural disaster strikes one geographic region, would all data be lost? Are
there geo-redundant back ups?
For full list see: http://bit.ly/hyFBxo
38. • What remedies does the contract provide? Are consequential damages included? Are total
damages capped or are specific remedies limited?
• Does the agreement contain a forum selection clause? How about a mandatory arbitration
clause?
• If there is a data breach, will you be notified? How are costs for remedying the breach allocated?
• What rights do you have upon termination? Does the contract contain terms that require the
vendor to assist you in transitioning from their system to another?
• What rights do you have in the event of a billing or similar dispute with the vendor? Do you have
the option of having your data held in escrow by a third party, so that it is fully accessible in the
event of a dispute? Alternatively can you back up your data locally so that it is accessible to you
should you need it?
• Does the provider carry cyber insurance? If so, what does it cover? What are the coverage
limits?
For full list see: http://bit.ly/hyFBxo
41. Thanks for listening!
Nicole Black
Of Counsel, Fiandach & Fiandach
Founder of lawtechTalk
www.nicoleblackesq.com
Social Media for Lawyers: the Next Frontier
published by the ABA in July 2010
(http://bit.ly/socmed4lawyersbook)
Cloud Computing for Lawyers to be
published by the ABA in May 2011
Editor's Notes
\n
Today: 1) why CC and mobile tech matters 2) what CC is 3) ethical and security issues.\n\nBottom line--CC is the future. For some firms, the current tech and security may be insufficient, but that will change quickly. Learn about it, understand it and position your firm for the future. \n
Information is changing--we must rethink “information”--be curious\n
Explore the benefits. Balance the risks. Be curious.\n\n
\n
\n
\n
\nSimple definition of CC: data/software stored on someone else’s server.\n
\n
Mobile tech in the legal field is a given--after all lawyers were crackberry addicts before anyone else. So let’s talk about cloud computing.\n
\n
\n
\n
Legal specific apps (prac man, billing, doc management) and general apps (google apps, dropbox).\n
Legal specific apps (prac man, billing, doc management) and general apps (google apps, dropbox).\n
Ethics and security seems to be a thorny maze of issues.\n
\n
\n
\n
ABA Ethics 20/20--my take--can’t be tasked with supervising them re: their tech skills.\n
\n
\n
\n
Note: Gmail language re: free email. Option is to use Google Apps--$50 per user per month.\n
\n
\n
Electronic Communications Privacy Act (ECPA)--no significant revisions since 1986\n