Cyber Liability Coverage in the Marketplace with Dan CotterButlerRubin
Butler Rubin partner Daniel A. Cotter discussed the Model Rules of Professional Conduct (RPCs) as they relate to lawyers’ technology obligations at the National Association of Bar Related Insurance Companies (NABRICO) 2017 Annual Conference hosted by ISBA Mutual in Chicago, IL. Dan joined a panel of experts including Michael Hannigan (Konicek & Dillon), Alex Ricardo (Beazley Group), and Daniel Zureich (Lawyers Mutual Insurance Company of North Carolina) to discuss, “Cyber Liability Coverage in the Marketplace.” Dan emphasized the need for the insurers to consider what the reasonable standard is for lawyers and to help frame the answer. Dan also addressed some recent cyber-related decisions and cases pending.
For more information on developments in the cyber insurance and privacy areas, contact Dan Cotter (dcotter@butlerrubin.com).
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyButlerRubin
Butler Rubin Partner, Dan Cotter discusses in detail the changes to the Model Rules of Professional Conduct that impact lawyers and their obligations to understand technology and safeguard against inadvertent data breaches.
Here's a one hour presentation to Canadian municipal lawyers on the union right of access to information that arises under labour law and how it has fared against employee privacy claims.
Navigating Risk In Data & Technology TransactionsMMMTechLaw
Presentation: Negotiating risk management terms for data & technology contracts.
The information herein is presented for educational and informational purposes and is not intended to constitute legal advice. Additional information is at www.mmmtechlaw.com/privacy-policy-and-disclaimer/ .
Cyber Liability Coverage in the Marketplace with Dan CotterButlerRubin
Butler Rubin partner Daniel A. Cotter discussed the Model Rules of Professional Conduct (RPCs) as they relate to lawyers’ technology obligations at the National Association of Bar Related Insurance Companies (NABRICO) 2017 Annual Conference hosted by ISBA Mutual in Chicago, IL. Dan joined a panel of experts including Michael Hannigan (Konicek & Dillon), Alex Ricardo (Beazley Group), and Daniel Zureich (Lawyers Mutual Insurance Company of North Carolina) to discuss, “Cyber Liability Coverage in the Marketplace.” Dan emphasized the need for the insurers to consider what the reasonable standard is for lawyers and to help frame the answer. Dan also addressed some recent cyber-related decisions and cases pending.
For more information on developments in the cyber insurance and privacy areas, contact Dan Cotter (dcotter@butlerrubin.com).
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyButlerRubin
Butler Rubin Partner, Dan Cotter discusses in detail the changes to the Model Rules of Professional Conduct that impact lawyers and their obligations to understand technology and safeguard against inadvertent data breaches.
Here's a one hour presentation to Canadian municipal lawyers on the union right of access to information that arises under labour law and how it has fared against employee privacy claims.
Navigating Risk In Data & Technology TransactionsMMMTechLaw
Presentation: Negotiating risk management terms for data & technology contracts.
The information herein is presented for educational and informational purposes and is not intended to constitute legal advice. Additional information is at www.mmmtechlaw.com/privacy-policy-and-disclaimer/ .
How to Manage Vendors and Third Parties to Minimize Privacy RiskTrustArc
The scope of vendor or third-party requirements has significantly grown due to the global pandemic we’re living in. Not only are you working to ensure your vendor management efforts will result in compliance with GDPR, CCPA and other privacy regulations, now you must consider privacy risks associated with COVID-19.
Regulations have specific provisions that address vendors and extend companies’ data privacy obligations throughout their supply chains. Organizations need to be able to collect, maintain and track critical data for ongoing vendor management in order to properly evaluate, monitor and track their status.
This webinar will provide:
-Overview of privacy laws and regulations (i.e., CCPA, GDPR) and corresponding vendor and third-party requirements
-Summary of vendor management processes and how they can be supplemented to specifically address data privacy and security risks
-Best practices for managing data privacy in your vendor network
-Guidance on how to build & manage your vendor privacy management program with practical solutions
Presentation to (ISC)2 Omaha-Lincoln Chapter meeting on March 15th, 2017. This presentation looks at managing compliance with multiple cybersecurity laws and regulations across different industries using the NIST Risk Management Framework.
This presentation covers the details about Bajaj Allianz's cyber insurance policy for individuals, which safeguards them from new-age risk factors and impacts of various cyber-attacks.
Best Practices Regarding Technology (Series: Legal Ethics - Best Practices)Financial Poise
Technology is rapidly changing the way lawyers provide services. This is so especially in light of the Covid-19 pandemic, which creates new and different ethical challenges to confidentiality, cyber fraud and securing data, marketing and advertising concerns, and client communications. This webinar will address a myriad of new problems lawyers are facing and some practical suggestions and solutions that arise out of the changing manner and pace of the practice of law. This webinar will also cover several ABA Model Rules of Professional Conduct.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/best-practices-regarding-technology-2021/
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
There is no federal law governing privacy and data security applicable to all US citizens. Rather, individual states and regulatory agencies have created a patchwork of protections that may overlap in certain industries.
This webinar provides an overview of the many privacy and data security laws and regulations which may impact your business, from the state law protecting personal information to regulations covering the financial services industry to state breach notification laws.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-2020/
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
Bradley's panel reacts to and addresses a hypothetical cyber incident involving a widespread compromise of consumer healthcare and financial information. Amy Leopard (Healthcare), Mike Pennington (Litigation), John Goodman (Litigation), Elena Lovoy (Financial Services), and moderator Paige Boshell (Intellectual Property, Financial Services) will offer legal and practical strategies to proactively respond to and resolve a specified data breach. Highlights will include customer notice strategies, attorney-client privilege and litigation avoidance strategies, and coordination with third parties, including external PR and forensic investigators, vendors, regulators, and law enforcement.
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Jim Brashear
Presentation for the North Carolina State Bar seminar on Real Estate Hot Topics on February 20, 2015. This presentation focuses on email security and its role in complying with the ALTA Best Practice on Privacy and Protection of Non-Public Personal Information.
Privacy, Privilege And Confidentiality For Lawyerscanadianlawyer
This slide show was part of a presentation by mark Hayes at the 2011 Canadian Bar Association Annual Meeting in Halifax, Nova Scotia on August 16, 2011.
Data Confidentiality, Security and Recent Changes to the ABA Model Rulessaurnou
Continuing legal education (CLE) presentation regarding data confidentiality, information security, computer forensics and legal ethics in light of technology-related changes made to the American Bar Association's Model Rules of Professional Conduct.
The Story of a Lean Law Firm: Escaping the Overhead Swamp, Surviving Disrupti...Gary Allen
The webinar will address the challenges of high overhead, legal industry disruption and ethical compliance in a time of dizzying technological change.
Attendees will learn:
the fundamentals of lean practice,
practical ways to reduce the cost of doing business,
how to develop new business models and
how to ensure the confidentiality of client information in the Internet Age.
We’ll discuss revenue, operations and behavioral changes so that you’re well-positioned to compete in today’s changing marketplace.
You don’t have to be a tech expert.
Lean is a way of thinking.
Lean is a way of operating.
Lean is the future.
A lean practice puts you in the position where you’re not captive to your overhead.
LeanLaw, an Idaho-based legal software and services company is conducting a 90-minute webinar, in process to be approved by the Idaho State Bar for 1.5 hours of CLE Ethics credits.
How to Manage Vendors and Third Parties to Minimize Privacy RiskTrustArc
The scope of vendor or third-party requirements has significantly grown due to the global pandemic we’re living in. Not only are you working to ensure your vendor management efforts will result in compliance with GDPR, CCPA and other privacy regulations, now you must consider privacy risks associated with COVID-19.
Regulations have specific provisions that address vendors and extend companies’ data privacy obligations throughout their supply chains. Organizations need to be able to collect, maintain and track critical data for ongoing vendor management in order to properly evaluate, monitor and track their status.
This webinar will provide:
-Overview of privacy laws and regulations (i.e., CCPA, GDPR) and corresponding vendor and third-party requirements
-Summary of vendor management processes and how they can be supplemented to specifically address data privacy and security risks
-Best practices for managing data privacy in your vendor network
-Guidance on how to build & manage your vendor privacy management program with practical solutions
Presentation to (ISC)2 Omaha-Lincoln Chapter meeting on March 15th, 2017. This presentation looks at managing compliance with multiple cybersecurity laws and regulations across different industries using the NIST Risk Management Framework.
This presentation covers the details about Bajaj Allianz's cyber insurance policy for individuals, which safeguards them from new-age risk factors and impacts of various cyber-attacks.
Best Practices Regarding Technology (Series: Legal Ethics - Best Practices)Financial Poise
Technology is rapidly changing the way lawyers provide services. This is so especially in light of the Covid-19 pandemic, which creates new and different ethical challenges to confidentiality, cyber fraud and securing data, marketing and advertising concerns, and client communications. This webinar will address a myriad of new problems lawyers are facing and some practical suggestions and solutions that arise out of the changing manner and pace of the practice of law. This webinar will also cover several ABA Model Rules of Professional Conduct.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/best-practices-regarding-technology-2021/
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
There is no federal law governing privacy and data security applicable to all US citizens. Rather, individual states and regulatory agencies have created a patchwork of protections that may overlap in certain industries.
This webinar provides an overview of the many privacy and data security laws and regulations which may impact your business, from the state law protecting personal information to regulations covering the financial services industry to state breach notification laws.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-2020/
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
Bradley's panel reacts to and addresses a hypothetical cyber incident involving a widespread compromise of consumer healthcare and financial information. Amy Leopard (Healthcare), Mike Pennington (Litigation), John Goodman (Litigation), Elena Lovoy (Financial Services), and moderator Paige Boshell (Intellectual Property, Financial Services) will offer legal and practical strategies to proactively respond to and resolve a specified data breach. Highlights will include customer notice strategies, attorney-client privilege and litigation avoidance strategies, and coordination with third parties, including external PR and forensic investigators, vendors, regulators, and law enforcement.
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Jim Brashear
Presentation for the North Carolina State Bar seminar on Real Estate Hot Topics on February 20, 2015. This presentation focuses on email security and its role in complying with the ALTA Best Practice on Privacy and Protection of Non-Public Personal Information.
Privacy, Privilege And Confidentiality For Lawyerscanadianlawyer
This slide show was part of a presentation by mark Hayes at the 2011 Canadian Bar Association Annual Meeting in Halifax, Nova Scotia on August 16, 2011.
Data Confidentiality, Security and Recent Changes to the ABA Model Rulessaurnou
Continuing legal education (CLE) presentation regarding data confidentiality, information security, computer forensics and legal ethics in light of technology-related changes made to the American Bar Association's Model Rules of Professional Conduct.
The Story of a Lean Law Firm: Escaping the Overhead Swamp, Surviving Disrupti...Gary Allen
The webinar will address the challenges of high overhead, legal industry disruption and ethical compliance in a time of dizzying technological change.
Attendees will learn:
the fundamentals of lean practice,
practical ways to reduce the cost of doing business,
how to develop new business models and
how to ensure the confidentiality of client information in the Internet Age.
We’ll discuss revenue, operations and behavioral changes so that you’re well-positioned to compete in today’s changing marketplace.
You don’t have to be a tech expert.
Lean is a way of thinking.
Lean is a way of operating.
Lean is the future.
A lean practice puts you in the position where you’re not captive to your overhead.
LeanLaw, an Idaho-based legal software and services company is conducting a 90-minute webinar, in process to be approved by the Idaho State Bar for 1.5 hours of CLE Ethics credits.
Law firm cybersecurity in the cloud
According to the 2017 ABA Legal Technology Survey, 22% of law firms faced a cyberattack or data breach—and you don’t want your firm to be one of them.
That’s why staying up to date with the latest legal technology is key to managing your firm’s cybersecurity and keeping your clients’ data as secure as possible.
Learn how law firms can utilize cloud technology to create greater cybersecurity than what they have now.
In this CLE-eligible webinar, you’ll learn:
Top cybersecurity risks for law firms
How to eliminate high cyber-risk vectors
How to recover from a cyber incident
Duration: 60 minutes
https://landing.clio.com/law-firm-cybersecurity.html
As online practice management solutions and cloud technology become increasingly prevalent, lawyers face the challenge of assuaging client concerns around the security and confidentiality of hosted online data. They also face the task of gaining informed consent from clients when using such tools for engagement and information management.
How can lawyers implement and use secure communication tools, online client portals, and online practice management solutions while protecting themselves from the confidentiality rules that govern such technologies?
Register now for this webinar with legal technology expert Chad Burton, who will go over salient facts that lawyers need to know when engaging with clients in the cloud, including:
• State ethics opinions on using cloud computing vendors
• Obtaining informed client consent
• Common client concerns related to cloud computing
An examination of the legal and ethical issues that the use of Artificial Intelligence products and services presents to lawyers including by reference to the American Bar Association's Model Rules of Professional Conduct.
Business is based on trust. In the cloud, to deserve the trust of its customers and others, a company must be able to demonstrate that it protects the privacy and security of the data in its custody. It must communicate clearly and specifically the nature and extent of the measures taken to protect these data, and show how they meet the existing legal and regulatory requirements, standards, best practices and benchmarks. Customers, on the other end, need tools to evaluate and compare different offerings so that they can decide which one deserves their trust and their business.
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
The Data Protection Act 2019, was enacted on November 8th, 2019, ushering a new era of accountability and responsibility with regard to processing of personal data and information. Naturally, there has been a resurrection of the chatter around data protection in increasingly data-driven social and economic settings. The question on everyone’s mind being what does this mean for me?
Don't be a robot: You can't automate your ethical considerationsNehal Madhani
Technology--especially given its exponential growth--allows attorneys to streamline their practices and automate previously manual aspects of their legal work. While technology can save attorneys time and allow them to focus their attention on more substantive tasks, attorneys are often leary of its ethical pitfalls.
This presentation addresses attorneys’ technological options and obligations and explains how to successfully incorporate technology into your legal practice.
How to Avoid Malpractice & Disciplinary Actions - General Do's and Don'ts (Se...Financial Poise
This webinar presents basic practice pointers to avoid malpractice and disciplinary actions, and how to respond to claims of malpractice or unethical behavior if they arise. The panel also discusses the role that malpractice insurance plays in these situations and the ramifications of a malpractice judgment or disciplinary action. Model Rules addressed may include: those that govern the client-lawyer relationship (Rules 1.1 through 1.10; 1.13; and 1.16); those that that speak to transactions with persons other than clients (Rules 4.1 through 4.4); those that govern the responsibilities of managing and supervisory lawyers, subordinate lawyers, non-lawyer assistance, independence, unauthorized practice of law, and multijurisdictional practice (Rules 5.1 through 5.5); and those that govern communication, including advertising and solicitation of clients (Rules 7.1 through 7.5).
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/how-to-avoid-malpractice-disciplinary-actions-general-dos-and-donts-2021/
Key highlights of the General Data Protection Regulation (GDPR), which organisations will need to consider when preparing for its coming into force on 25 May 2018.
FTC overview on glba final rule on safeguards 2010 Compliance PresentationBrent Hillyer
This was a presentation for a large dealer group on the how and why to follow the rules of the FTC Safeguard. This was designed to target the sales level employees since they are usually the main risk point
General Data Protection Regulation: what do you need to do to get prepared? -...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Helena Wootton looks at the things you need to do to get prepared for the new data protection regulation.
http://qonex.com/east-midlands-cyber-security-forum/
Ai on the case legal and ethical issues (may 17 2019)Richard Austin
Presentation on the legal and ethical issues that the use of Artificial Intelligence products and systems presents for lawyers including discussion of ABA Model Rules of Professional Conduct
Hot Off the Presses: Recent Cases & Decisions (Series: Legal Ethics - Best Pr...Financial Poise
This webinar is for the lawyer -or anyone else- who wants to brush up on the latest issues and strategies to be aware of regarding legal ethics and best practices. The panelists discuss recent and important case law in the area and explain how those decisions can have real-world impact on the situations you may be involved in. Among others, the panel will address the following Model Rules of Professional Conduct: Rule 1.7-Conflict of Interest: Current Clients; Rule 1.8-Conflict of Interest: Current Clients: Specific Rules; Rule 3.8 - Special Responsibilities of a Prosecutor; and Rule 4.4(a) Respect for Rights of Third Persons.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/recent-cases-decisions-2021/
Similar to Rules of Professional Conduct and Cybersecurity presented by Accellis Technology Group with Affinity Partner Barron K. Henley (20)
You've made it. You're in the Cloud, avoided some initial mistakes & secured your data. Now learn how to improve collaboration & efficiency by exploring coauthoring, chat tools & One Drive vs. SharePoint Online with us.
Now that your data is in the Cloud, you need to make sure you secure it. Office 365 covers encryption, redundancy & other important items, but your users are still your biggest risk! Learn the basics to help determine who can share documents, how to receive notifications about specific messages that leave your firm, & more!
Explore some common productivity mistakes following a cloud migration. Specifically, we'll look at going paperless, reducing excess documents, scanning on the go & more!
What to Do After a Cyberattack: A Cybersecurity Incident Response Plan presen...Accellis Technology Group
A cyberattack can easily cripple your law firm so even a basic plan can save your firm in the long run. Learn how to build a plan that will protect your firm from being damaged.
Learn why the legal industry is such a popular target and what common mistakes can be found at most firms. You'll also discover why it's important to have a plan in case your firm falls victim to a breach.
Small but Not Forgotten: Cybersecurity for the Small Firm Presented by Accell...Accellis Technology Group
Clients no longer see a breach as a failure – but not being prepared definitely still is. Learn practical steps you or your firm's IT team can take to help begin protecting yourselves from a breach today.
The biggest cybersecurity threat to law firms is socially engineered ransomware attacks. These specifically targeted attacks are developed by cybercriminals and use your information against you. Learn the different types of social engineering attacks and how your firm can train to prevent these dangerous attacks.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
2. • Hi, I’m Barron Henley
• Married 27 years - 3 daughters
• Partner with
• Document assembly & MS Word expert
• Law office over-hauler
• Gourmet cook
12. • In 2013, ABA added technology changes
to model rules
• As of today, 28 states have adopted them
13. A lawyer shall provide competent
representation to a client. Competent
representation requires the legal
knowledge, skill, thoroughness and
preparation reasonably necessary for the
representation.
Rule 1.1 - Competence
14. To maintain the requisite knowledge and
skill, a lawyer should keep abreast of
changes in the law and its practice,
including the benefits and risks associated
with relevant technology, engage in
continuing study and education and
comply with all continuing legal education
requirements to which the lawyer is
subject.
Rule 1.1 Comment 8
15. (a) A lawyer shall not reveal information
relating to the representation of a client,
including information protected by the
attorney-client privilege under applicable
law, unless the client gives informed
consent, the disclosure is impliedly
authorized in order to carry out the
representation, or the disclosure is
permitted by division (b) or required by
division (d) of this rule.
Rule 1.6(a)
16. (c) A lawyer shall make reasonable
efforts to prevent the inadvertent or
unauthorized disclosure of or unauthorized
access to information related to the
representation of a client.
Rule 1.6(c)
17. [18] Division (c) requires a lawyer to act
competently to safeguard information
relating to the representation of a client
against unauthorized access by third
parties and against inadvertent or
unauthorized disclosure by the lawyer or
other persons who are participating in the
representation of the client or who are
subject to the lawyer’s supervision.
Rule 1.6 Comment 18
18. [18 cont.] The unauthorized access to, or
the inadvertent or unauthorized disclosure
of, information relating to the
representation of a client does not
constitute a violation of division (c) if the
lawyer has made reasonable efforts to
prevent the access or disclosure.
Rule 1.6 Comment 18
19. [18 cont.] Factors to be considered in
determining the reasonableness of the
lawyer’s efforts include, but are not limited
to, the sensitivity of the information, the
likelihood of disclosure if additional
safeguards are not employed, the cost of
employing additional safeguards, the
difficulty of implementing the safeguards,
and the extent to which the safeguards
adversely affect the lawyer’s ability to
represent clients ….
Rule 1.6 Comment 18
20. [18 cont.] A client may require the lawyer
to implement special security measures
not required by this Rule or may give
informed consent to forgo security
measures that would otherwise be required
by this Rule. …
Rule 1.6 Comment 18
21. [19] When transmitting a communication
that includes information relating to the
representation of a client, the lawyer must
take reasonable precautions to prevent the
information from coming into the hands of
unintended recipients.
Rule 1.6 Comment 19
22. [19 cont.] This duty, however, does not
require that the lawyer use special security
measures if the method of communication
affords a reasonable expectation of
privacy.
Rule 1.6 Comment 19
23. [19 cont.] Special circumstances, however,
may warrant special precautions. Factors to
be considered in determining the
reasonableness of the lawyer’s expectation of
confidentiality include the sensitivity of the
information and the extent to which the
privacy of the communication is protected by
law or by a confidentiality agreement. A client
may require the lawyer to implement special
security measures not required by this Rule
or may give informed consent to the use of a
means of communication that would
otherwise be prohibited by this Rule. …
Rule 1.6 Comment 19
25. (c) A lawyer shall be responsible for another lawyer’s
violation of the Ohio Rules of Professional Conduct if
either of the following applies:
(1) the lawyer orders or, with knowledge of the
specific conduct, ratifies the conduct involved; or
(2) the lawyer is a partner or has comparable
managerial authority in the law firm in which the other
lawyer practices, or has direct supervisory authority
over the other lawyer, and knows of the conduct at a
time when its consequences can be avoided or
mitigated but fails to take reasonable remedial action.
Rule 5.1
26. With respect to a nonlawyer employed by,
retained by, or associated with a lawyer, all of
the following apply:
(a) a lawyer who individually or together
with other lawyers possesses comparable
managerial authority in a law firm, shall make
reasonable efforts to ensure that the firm or
government agency has in effect measures
giving reasonable assurance that the
person's conduct is compatible with the
professional obligations of the lawyer;
Rule 5.3
27. (b) a lawyer having direct supervisory
authority over the nonlawyer shall make
reasonable efforts to ensure that the
person's conduct is compatible with the
professional obligations of the lawyer; and
Rule 5.3(b)
28. (c) a lawyer shall be responsible for conduct of
such a person that would be a violation of the Ohio
Rules of Professional Conduct if engaged in by a
lawyer if either of the following applies:
(1) the lawyer orders or, with knowledge of
the relevant facts and the specific conduct,
ratifies the conduct involved;
(2) the lawyer is a partner in the law firm in
which the person is employed or has direct
supervisory authority over the person and
knows of the conduct at a time when its
consequences can be avoided or mitigated but
fails to take reasonable remedial action.
Rule 5.3(c)
30. You know that confidential electronic data is lost
every day – somewhere
QUESTION: Does doing nothing to prevent your
client’s data from being disclosed constitute:
1. “Reasonable efforts”
2. “Acting competently” or
3. “Reasonable precautions”?
31. • Confidentiality isn’t on a scale of 1 to 10
– data is either confidential or it isn’t
• Lawyers are not
qualified to judge:
– sensitivity of client data
– likelihood of disclosure
• If lawyers find it too expensive or difficult
to protect client data, then they shouldn’t
be in possession of it
32. Do you think email
provides a
reasonable
expectation of
privacy?
Well it doesn’t –
regardless of what
the case law says
33. You might want to ask your clients
beforehand how they feel about email
35. • You need to understand the risks &
benefits of relevant technology
• Example:
– Do you have the right software?
– Are the instructions written down?
– Does the person doing it know how?
Reasonable Steps
36. • Adobe Acrobat DC
– Acrobat DC Pro - $449
– Acrobat DC Standard - $299
• Acrobat DC Pro Equivalents:
– Nuance Power PDF Advanced - $150
– Foxit PhantomPDF Business - $140
– Nitro Pro - $160
Acrobat Alternatives
37. If you’re a supervising lawyer, you must
ensure that:
– All subordinate lawyers are following protocol
(Rule 5.1)
– All non lawyers associated with you are
following protocol (Rule 5.3)
Reasonable Steps
38. Clients often don’t understand how to
protect their own data
Reasonable Steps
39. Tech Competency Training:
– How to remove metadata from a Word file
– How to redact something on a PDF
– How to run a redline
– How to e-file
– How to Bates number documents
– How to edit complex documents
– How to conduct electronic legal research
– How to look up information on internal
systems
Reasonable Steps
40. About Accellis
Technology Group
Specialized IT Services Company providing
• Managed IT Services
• Cybersecurity & Risk Management
• Software Consulting
• Application Development & Integration
Target market: small to mid-sized firms (5-250 users)
Target verticals: legal, financial and non-profits
20 Employees in Ohio office
www.accellis.com