Digital Detectives

For many years, Sharon Nelson and John Simek have hosted the Digital Detectives podcast to bring practical advice and much needed guidance to help attorneys protect their law firms. In this, their final episode, they finish off with yet another round of current stats on cybersecurity issues and the measures to take to ensure your data's safety. Sharon and John's good friend David Ries joins them for this last conversation, where they explain the latest threats and give advice for improving security practices to protect the future of your law firm.  Thank you, Sharon and John, for all the time, energy, and dedication you have poured into Digital Detectives. We wish the best for both of you in your retirement! Your parting words to us should be echoed back to you—please take care of yourselves and each other.  If you should ever need Sensei's digital forensics, managed technology and managed cybersecurity services, find them at senseient.com. David G. Ries is Of Counsel in the Pittsburgh PA office of Clark Hill, PLC, where he practices in the firm's Cybersecurity, Data Protection and Privacy Group.

A strong foundation for your law firm should be built on sensible cybersecurity policies and procedures. What should that look like? Sharon Nelson and John Simek have a conversation with Mike Maschke about best practices for establishing effective security for your business. Mike walks listeners through a variety of security considerations to be aware of and explains staff training needs, Zero Trust Architecture, keeping software current, encryption protocols, and much more.  Mike Maschke is the chief executive officer and director of cybersecurity and digital forensics at Sensei Enterprises, Inc.

Whether you're willing to admit it or not, no firm is too small to be a target for hackers. Each and every one—from large firms all the way down to solo attorneys—is susceptible to cybersecurity incidents. So, how do you avoid becoming a statistic? Sharon Nelson and John Simek talk with Mark Bassingthwaighte about the bad tech habits of law firms that lead to breaches and what to do to fix your security vulnerabilities.  Check out these resources from today's conversation:  Social Engineering Awareness Training Vishing – An Old Scam with a New Twist KnowBe4 Blog SANS.org OUCH! Newsletter SenseiEnt.com For more on cyber security risk mitigation from ALPS, subscribe to the ALPS Blog at: https://blog.alpsinsurance.com/blog-subscribe Mark Bassingthwaighte, Esq. has been a Risk Manager with ALPS, the nation's largest direct writer of lawyers' malpractice insurance, since 1998.

AI is capable of doing so many things in the legal tech world, not least of which are its uses in digital forensics. Sharon Nelson and John Simek welcome Shashi Angadi to discuss AI's current applications in cybersecurity—including threat detection, analysis, evidence gathering, and more. Shashi offers real-world examples of AI at work and shares his thoughts on what we might expect in the future of generative AI technologies.  Shashi Angadi is CTO at Exterro and one of its original co-founders.

We all know generative AI is making significant waves all over the world, but lawyers need to take a hard look at its implications in the law and their own legal practice. John Simek and Sharon Nelson welcome Doug Austin to discuss AI technologies and their impacts on attorneys. They cover notable legal cases, new ABA resolutions, the latest AI trends in legal practice, and much more.  Doug Austin is an established eDiscovery thought leader with over 30 years of experience providing eDiscovery best practices, legal technology consulting, and technical project management services to numerous commercial and government clients. Mentioned in this Episode: Resolution 112 - American Bar Association   Resolution 700 - American Bar Association  Resolution 604 - American Bar Association  The GPTJudge: Justice in a Generative AI World

Employees within your organization are likely a bigger risk to your cybersecurity than threat actors from without. Why? Because it very often takes an insider to let in an outsider. Sharon Nelson and John Simek talk with Mike Barnsback about prevention strategies for both internal and external threats. Mike explains common tactics employed by cyber attackers and how the right policies and training can protect your firm from a breach.  Mike Barnsback is managing partner of O'Hagan Meyer in Alexandria, Virginia, where he counsels employers on issues concerning internal monitoring and data breach response obligations and procedures.

BakerHostetler's latest data security report is here, and while the threat landscape is proving to be as consistent as ever, companies have been doing a better job at identifying and containing breaches more quickly. Sharon Nelson and John Simek dig into the details of the report with Joe Bruemmer, helping listeners understand current data breach trends and how to best protect against attacks. For more on BakerHostetler's 2023 Data Security Incident Response Report check out the key takeaways or get complimentary access to the full report. Joe Bruemmer is a partner in BakerHostetler's Digital Risk Advisory & Cybersecurity Team and is the Ohio Digital Assets and Data Management leader.

The world's ever-growing tsunami of digital data creates a huge need for technology capable of filtering it for modern e-discovery processes. So, what's the best tool for the job? Sharon Nelson and John Simek talk with Andy Wilson about why AI is perfectly equipped to deal with massive data sets, saving people the time (and tedium) historically associated with discovery. Andy discusses current uses of AI in e-discovery and goes on to explain its applications in redactions, legal holds, audio review, transcriptions, and much more. Andy Wilson is co-founder and CEO of Logikcull. Mentioned in this episode: Culling Reloaded: 10 New Ways to Be in Control of Your eDiscovery Reality Is It Worth the Time? - xkcd

AI is already changing the legal profession, and law schools have a responsibility to stay on the cutting edge of this technology to equip future lawyers with all they need to know about its impacts and uses. Sharon Nelson and John Simek talk with Dean Andy Perlman about the current landscape of AI in legal practice and education. They discuss ChatGPT's debut, shaping ethical and socially responsible uses of AI, the importance of embracing AI in legal education, and much more. Andrew Perlman is the dean of the Suffolk University Law School and the inaugural chair of the governing council of the ABA Center for Innovation.

Cyber attacks are almost entirely responsible for today's data breaches, and, increasingly often, the details of these breaches are vague—leaving security experts with a growing list of questions. Sharon Nelson and John Simek talk with James Lee about the Identity Theft Resource Center's latest Data Breach Report. They discuss current trends, the challenges of nebulous data breach notices, and what all organizations should be on the lookout for in the coming year. James E. Lee is Chief Operating Officer at the Identity Theft Resource Center.

There's no “set it and forget it” for your law firm's cybersecurity. Effective security is a continuing process, and the start of a new year is a great time to see how your firm is doing. Sharon Nelson and John Simek talk with David Ries about how to give your firm a cybersecurity checkup. They outline what lawyers need to include in their assessment and where to find reliable information on the latest security tools, training, resources, and statistics.  David G. Ries is Of Counsel in the Pittsburgh PA office of Clark Hill, PLC, where he practices in the firm's Cybersecurity, Data Protection and Privacy Group.

Cyber criminals aren't taking time off for the holidays. In fact, Sharon and John had a surprise Thanksgiving morning when they learned that hackers had attacked their own company over 400 times throughout the night. Thankfully, their security wasn't breached, but this experience highlighted for them once again the increased risk we all face as the holiday season approaches. To keep you from getting the gift of ransomware for Christmas, Sharon and John give a comprehensive overview of ways to recognize suspicious activity and combat cyber attacks.

Communicating with clients is essential to good lawyering, but doing so without proper precautions could set you up for trouble. Sharon Nelson and John Simek discuss the ethics of lawyer communications with Daniel Siegel, an attorney and current chair of the Pennsylvania Bar Association Committee on Legal Ethics and Professional Responsibility. They talk through the new guidance issued by this committee and best practices for secure communications through email, smartphones, and more.

Rapid changes in cybercrime and the security that keeps it at bay have left many lawyers' heads spinning. With so much continuous change, how do you keep up with ethical cybersecurity needs for your firm? To help lawyers understand current best practices, Sharon Nelson and John Simek talk through the must-have measures legal ethicists deem essential for all law firms and offer tips for finding cyber-insurance at an affordable price.

ILTACON's peer-driven approach strives to provide a unique experience for the legal industry with its heavy focus on education and attendee involvement. Sharon Nelson and John Simek welcome Doug Austin to debrief on ILTACON 2022. They cover highlights, lowlights, and how the conference stacks up against other legal tech events. Doug Austin is an established eDiscovery thought leader with over 30 years of experience providing eDiscovery best practices, legal technology consulting, and technical project management services to numerous commercial and government clients.

In the midst of Alex Jones' defamation trial, the whole world found out that an almost unthinkable blunder had been committed by his attorneys, resulting in an inadvertent waiver of privilege that majorly impacted his case. How did this happen? What do legal professionals need to learn from this high-profile gaffe? Digital Detectives hosts Sharon Nelson and John Simek welcome Craig Ball to talk listeners through events in the Jones trial, the actions of the lawyers involved and Texas' unique rule regarding inadvertent production, and the systems and tools all attorneys must employ to avoid such an egregious error in their own practice. Read Craig's full blog post on the subject: Ripped From the Headlines: Alex Jones and Inadvertent Waiver.  Craig Ball practices as a Special Master in electronic evidence and discovery, is a longtime adjunct professor at Texas School of Law and Tulane Law School, and writes and speaks around the world on e-discovery and computer forensics.

Studies show that over 70% of people haven't the foggiest idea who to call first when they discover a data breach. If you've just realized you're one of them, tune in! John Simek and Sharon Nelson talk with cybersecurity lawyer Beth Waller about what lawyers need to know about data breach response and how to have a proactive, compliant cybersecurity plan. Beth Waller is chair of the Cybersecurity and Data Privacy Practice at Woods Rogers.

Unfortunately, data breaches are becoming a ‘when', not ‘if', scenario, but a proactive data protection strategy will definitely help! Sharon Nelson and John Simek talk with Peter Baumann about what businesses should do to get ahead of threat actors and develop effective responses to breaches. They discuss the risk distinctions between structured and unstructured data, talk about lawyer-specific data considerations, and explain how to assess your security needs and get the right tools for the job. Peter Baumann is CEO and founder of ActiveNav, a leading data privacy and governance software provider.

Avoiding a data breach should be amongst your top priorities, and understanding threats and causes helps you improve your preventative measures. Sharon Nelson and John Simek welcome back Craig Hoffman to unpack the findings of BakerHostetler's 2022 DSIR Report. They outline the security mishaps that just won't go away; talk about ransomware and companies' interactions with “reliable” vs. “unreliable” threat actors; discuss the enhancement of security through training, training, training; and much more.  Craig Hoffman is a sought-after digital risk advisor who co-leads the Digital Risk Advisory and Cybersecurity team at law firm BakerHostetler.   Special thanks to our sponsors CaseFleet, Clio, Embroker, and PInow.  

The online space for Russia's civil society has been slowly closing for nearly a decade, but after the invasion in Ukraine, governmental powers quickly seized control of internet freedoms—banning and blocking at will. What does this mean for the flow of information and the future of the internet both in Russia and internationally? Digital Detectives hosts Sharon Nelson and John Simek welcome Eva Galperin to discuss perspectives on the effects of censorship, Russia's ways and means of accomplishing its internet restrictions, and how some Russians still find ways to access independent news.  Eva Galperin is Electronic Frontier Foundation's director of cybersecurity.   Special thanks to our sponsors CaseFleet, Clio, and PInow.  

Lawyers need to stay up on cybersecurity news to understand both the current threats and the mistakes made by others. Failure to keep up could eventually result in a breach! Sharon Nelson and John Simek discuss this topic with Lucien Pera to learn more about lawyers' ethical responsibilities for technology and cybersecurity competence and why failures could result in a lawyer facing disciplinary action.  Lucian T. Pera is a partner at Adams and Reese LLP in Memphis, Tennessee, where he focuses his practice on commercial litigation, media law, and legal ethics work.   Special thanks to our sponsors CaseFleet, Clio, and PInow.  

The overall number of data compromises is up 68% over 2020. Now, more than ever, attorneys must take action to protect themselves and their law firms. John Simek and Sharon Nelson welcome James E. Lee of the Identity Theft Resource Center to discuss the findings of his organization's 2021 Data Breach Report. James discusses common root causes of data breaches and explains how prevention tactics and data security services can help lawyers avoid and/or deal with a data compromise.  James E. Lee is the chief operating officer of the Identity Theft Resource Center.   Special thanks to our sponsors CaseFleet, Clio, and PInow.

Cybersecurity keeps changing at an ever-quickening pace, and, really, it's probably going to stay that way. Sharon Nelson and John Simek welcome friend and cybersecurity expert David G. Ries to discuss some of the major happenings of the past year and what we should expect for 2022. David gives an overview of current cyber-threats and notable data breaches, discusses government efforts to fight cybercrime, and lays out the latest best practices to help you protect your business.  David G. Ries practices in the areas of environmental, technology, and data protection law and litigation   Special thanks to our sponsors CaseFleet and PInow.

Our government has been earnestly campaigning against ransomware and cybercriminals — seizing cryptocurrency, offering bounties, and issuing frequent alerts. Sharon Nelson and John Simek talk with Ariel Parnes about the tactics involved in this war on ransomware, implications for lawyers, the importance of constant vigilance during the holidays, and who to call if you're the victim of an attack.  Ariel Parnes is co-founder and chief operating officer at Mitiga, a cloud incident readiness and response company.   Special thanks to our sponsors CaseFleet and PInow.

The stats are in, and law firms are truly ill-equipped to combat ransomware. So, what should they do? Sharon and John welcome David White of Axio to talk about his company's 2021 State of Ransomware Preparedness Report. David talks about their key findings and offers a back-to-basics approach that helps lawyers and law firms take steps to prevent cyber attack.  David White is president and co-founder at Axio.    Special thanks to our sponsors CaseFleet and PInow.

More than half a million jobs in cybersecurity go unfilled each year, showing a major need for more individuals to enter this ever-growing field. Think you might be up to the challenge? John and Sharon talk with Rob Lee about training available through the SANS Institute and the current hottest areas in the profession. Rob also offers recommendations, both for young people hoping to orient their college education toward cybersecurity and professionals looking to make a career shift into the field.  Rob Lee is the chief curriculum director and faculty lead at the SANS Institute. Special thanks to our sponsors CaseFleet and PInow.

Prevention is key when it comes to cybersecurity, and lawyers simply can't afford to skimp on security technologies. Sharon and John talk with expert Sherri Davidoff about growing cyber threats and the changing nature of attack tactics. They discuss the impacts of these new developments on lawyers and law firms and chat about how to prioritize security measures, reduce your risks, and create a budget plan that addresses all your cybersecurity needs.  Sherri Davidoff is a cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc. Special thanks to our sponsors CaseFleet and PInow.

ESI expert reports can be critical to presenting a case, but lawyers all know these reports are sometimes so complicated or jargon-filled that all the non-experts struggle to comprehend them. That's not how it should be! Digital Detectives Sharon Nelson and John Simek welcome Craig Ball to discuss his tips for creating useful, accessible expert reports that effectively communicate their findings to the court.  Read Craig's full blog post on this topic at craigball.net. Craig Ball practices as a Special Master in electronic evidence and discovery, is a longtime adjunct professor at Texas School of Law and Tulane Law School, and writes and speaks around the world on e-discovery and computer forensics. Special thanks to our sponsors CaseFleet and PInow.

With cyber threats and their respective defenses evolving at an ever-quickening pace, ongoing and frequent cybersecurity training is a must for today's law firms. With some of the recent major cybersecurity events in mind, Sharon and John offer practical examples and training tips for improving employees' cyber threat awareness and preventing an attack on your firm. Special thanks to our sponsors CaseFleet and PInow.

No lawyer wants a failing grade, but the fact that nearly one-third of law firms have experienced a data breach makes it apparent that cybersecurity preparedness needs some major work. Focusing specifically on smaller law firms, Sharon Nelson and John Simek welcome Tom Lambotte to discuss why lawyers fail to adequately protect themselves and what they should do to bring their cybersecurity measures up to scratch. Check out Tom's Stupid Simple Security Tips blog for quick & easy insights on protecting your data.  Tom Lambotte is the founder and CEO of Security+ and GlobalMac IT. Special thanks to our sponsors CaseFleet and PInow.

Data security risks are constantly evolving, and the past few years have only shown increases in the number of attacks faced by companies and organizations around the world. To examine these trends in depth, Sharon Nelson and John Simek welcome Craig Hoffman to look at the most recent stats from the BakerHostetler Data Security Incident Response Report. Craig offers insights into many of the report’s findings, including the marked escalation in ransomware incidents, rising risks for previously untargeted industries, whether the work-from-home shift brought about an increase in security incidents, and much more. He also shares tips for what your first steps should be if your business suffers a data security breach.  Craig Hoffman is a sought-after digital risk advisor who co-leads the Digital Risk Advisory and Cybersecurity team at law firm BakerHostetler. Special thanks to our sponsors CaseFleet and PInow.

Autonomous killer robots have certainly grabbed a lot of screen time over the years, but is our world really going to end in an AI-fueled war? Sharon Nelson and John Simek welcome Brigadier General Patrick Huston to discuss his role at the Pentagon and dispel some of the most common myths about AI and its military applications. As a self-described “near pacifist,” General Huston shares his perspective on the military’s commitments to ethical and legal development of AI defenses and emphasizes the importance of creating partnerships between the government and the best and brightest AI experts in private industry. Brigadier General Patrick Huston is the Assistant Judge Advocate General for Military Law and Operations in the Pentagon, where he is keenly focused on privacy and the legal and ethical development of AI, cybersecurity and other emerging technologies. Special thanks to our sponsor PInow.

Robust and proactive cybersecurity is more critical than ever in our world, and today’s government leaders must have effective plans for protecting against cyber attack. So, how is President Biden doing so far? Digital Detectives Sharon Nelson and John Simek welcome Stewart Baker to discuss the president’s progress on current cybersecurity issues. Drawing from his many years of experience in government, law, and cybersecurity, Stewart outlines some of the existing problems and potential threats our nation is facing and critiques the president’s approach to these complex matters. Stewart Baker practices law at Steptoe & Johnson in Washington, DC, and served as the first assistant secretary for policy at the Department of Homeland Security from 2005 to 2009. Special thanks to our sponsor PInow.

Third party providers are often indispensable to law firms, but how can you know whether these working relationships could put you at risk for a security breach? With thousands of organizations still reeling from the recent SolarWinds attack, John and Sharon welcome technologist and cybersecurity expert Jeffrey Wells to discuss this event and what legal professionals can do to evaluate and improve their own security. Jeffrey R. Wells is the co-chair of the Cybersecurity, Data Protection & Privacy team at Clark Hill. Special thanks to our sponsor PInow.

What exactly are security assessments and penetration tests? What’s the difference? Do you actually need to have these done in your law firm? Discovering vulnerabilities and taking steps to keep sensitive data secure should be highly important to all lawyers, and doing so may be simpler than you thought. The Digital Detectives hosts John Simek and Sharon Nelson discuss the elements of these evaluations, break down costs, and share what lawyers should do to ensure their firm’s security. Special thanks to our sponsor PInow.

The legal world has made more forward progress since the start of the pandemic than many expected it could do in a decade. Lawyers formerly resistant to technology suddenly found themselves with no choice but to adapt and embrace digital-friendly legal practice. For a closer look at how these changes are playing out in the profession, Sharon Nelson and John Simek talk with George Psiharis about Clio’s 2020 Legal Trends Report. They discuss who is weathering pandemic-era shifts most effectively, the mass movement to cloud-based services, the importance of focusing on customer experience, and which COVID-era changes will likely carry on beyond the pandemic. George Psiharis is chief operating officer at Clio. Special thanks to our sponsor PInow.

Throughout 2020, ransomware has increased rapidly in both the number of incidents and the ransom amounts paid, and current data shows no foreseeable slowdown. As these ransom demands continue to surge, what do lawyers need to know if they fall victim to an attack? Digital Detectives Sharon Nelson and John Simek talk with Ted Kobus about how threat actors in these incidents typically operate, what usually happens to ransomed data, and what law firms should do and not do in the event of an attack. Ted Kobus is a partner and the firmwide chair of BakerHostetler’s Digital Assets and Data Management Group. Special thanks to our sponsor PInow.

Audio and video files have become increasingly relevant in today’s legal matters, and lawyers need to know how to best handle this information. Digital Detectives Sharon Nelson and John Simek welcome eDiscovery experts Doug Austin and Brett Burney to discuss how to collect, preserve, search, and review audio/video information and then effectively present it in court. Doug Austin is an eDiscovery thought leader and blogger. Brett Burney is principal of Burney Consultants LLC. Special thanks to our sponsor, Logikcull and PInow.

What happens when biometric information is compromised? For too many lawyers, the risks associated with this technology have been flying under the radar, but that needs to change! Digital Detectives hosts John and Sharon welcome Judy Selby to discuss the full spectrum of what lawyers should know about biometric technology. They address its many uses, the risks involved, relevant laws, and insurance coverage for biometric lawsuits. Judy Selby is a partner at Hinshaw & Culbertson LLP. Special thanks to our sponsor, Logikcull and PInow.

The upheaval caused by Covid-19 could very well have put your firm at risk for a data breach. Lawyers can’t simply hope they won’t become a target for hackers. Taking steps to maintain your security is your ethical obligation and vital to your clients’ security. John Simek and Sharon Nelson talk with Mike Maschke about how to assess your cybersecurity and the role of penetration tests in discovering weaknesses in your systems. Mike Maschke is the chief executive officer and director of cybersecurity and digital forensics at Sensei Enterprises, Inc. Special thanks to our sponsor, Logikcull and PInow.

The eDiscovery software known as technology-assisted review (TAR) is traditionally used by lawyers to distinguish between relevant and irrelevant case information, but its capabilities have now shifted into a new role in the fight against COVID-19. Sharon Nelson and John Simek welcome lawyer and research professor Maura Grossman to discuss how this crossover is helping medical researchers find the information they need to accelerate progress in the study and treatment of the novel coronavirus. Maura R. Grossman, J.D., Ph.D., is a research professor at the University of Waterloo, an adjunct professor at Osgoode Hall Law School of York University, and principal at Maura Grossman Law, an eDiscovery law and consulting firm in Buffalo, New York. Special thanks to our sponsor, Logikcull and PInow.

Lawyers are ethically obligated to maintain client security, but remote work has added a new layer of complication for many law firms. If you and your staff are not well-versed in the necessary work-at-home and remote access security measures, now is the time to get up to speed. Sharon Nelson and John Simek welcome David Ries to discuss what lawyers need to know to maintain appropriate security. Read David’s entire co-authored alert here: Work-At-Home and Remote Access – It’s Time for a Security Review David Ries is of counsel in the Pittsburgh, PA office of Clark Hill PLC, where he practices in the areas of environmental, technology, and data protection law and litigation. Special thanks to our sponsor, Logikcull and PInow.