Monday, July 28, 2014

Battle of the Titans Webinar

"Best in Breed vs. End to End"

Tuesday, September 16, 2014 - 1pm ET

Considering an end to end solution or building your custom tool kit?

.    Discussion and definition(s) - "end to end" vs. "best in breed".
.    What does it mean to a Firm, Corporation or Service Provider.
.    Workflow Comparisons - Can you achieve the same goals with different methodologies?
.    How to determine what works best for you.

Join us for an interactive panel featuring:


Stephen Dooley | Sr. Manager of Electronic Discovery and Litigation Support – Sullivan & Cromwell LLP


Frank Canterino | CTO & Co-Founding Partner, Empire Discovery


Ian Campbell | President & Co-Founder, iCONECT Development


Christopher Redlich | Litigation Support Manager - Americas, Allen Overy, LLP 




Moderated by: 


Alexander Lewis Senior Manager, iCONECT Development



*More information to come as we get closer to the event


Sunday, July 27, 2014

Webinar- Fortifying the Corporation and Law Firm Against Cyber Threats: Steps to Establish an Effective and Economic Cybersecurity Regime













Thursday, July 31, 2014
1:00 PM - 2:30 PM ET
This program’s has CLE-credit eligibility

Panelists

Frank Krahn –Director of Investigations, Legal Discovery & Internal Audits, Mayo Clinic

Scott Larson – Principal, Larson Security, Member of Empire Consulting Group and former Head of the FBI’s Computer Investigations and Infrastructure Protection Program .

Robert A. Messemer – Chief Security Officer, Nielson

David Zetooney – Partner at Bryan Cave and Leader of the Firm’s Global Privacy & Security Practice

Stefen Whitwell – Principal, Empirical Solutions, Inc. & Member of Empire Consulting Group



Moderator

Robert Alan Eisenberg- Director, Empire Consulting Group


About the event

The Empire Consulting Group (ECG) – a consortium of experts in eDiscovery and Data Security – frequently strives to provide guidance and services in areas that are not sufficiently addressed within both these disciplines. 

It is an article of faith for The Group that it will aggressively seek to shed as much illumination as we can upon these gaps in knowledge and service.

In this regard, ECG together with Bloomberg/BNA, is privileged to present a webinar on July 31st 2014 from 1:00 pm to 2:30 pm EST.   The program focuses on cybersecurity in the law firm environment in particular, an area that has not, to date, been sufficiently addressed.  The program also explores data security in a corporate setting as well.

Our clients, colleagues and friends can register for this program - Fortifying the Corporation and Law Firm Against Cyber Threats:  Steps to Establish an Effective and Economic Cybersecurity Regime  (click on this link for a program description) - at a discount of 20% off the standard registration fee.  To obtain this discounted registration, please follow the instructions below:

Single registrant discount via promo code:

  1. Navigate to the registration page for the program on the Bloomberg BNA website:  http://www.bna.com/fortifying-corporation-law-w17179890827/.

  1. Choose “Live webinar” from the drop-down menu and add it to the cart.  (At this point, you may be asked to create an account.  If so, please be certain to complete all required fields.  If you have an existing account but have forgotten your password, this link will lead to a place where a new one can be set:  https://profile.bna.com/profile/forgotpw.)

  1. Type the promo code LGAUEBR4 into the specified field.  The dollar amount will be decreased by 20 percent, and then click upon "Proceed to check out" to complete the process.  An automatically-generated email will arrive containing the connectivity information to be used the day of the program.

   

Thursday, July 24, 2014

Congratulations to Robert Ryan on Achieving XERA Sales Certification























The iCONECT Certification Program was designed to equip administrators and consultants with the necessary tools to manage any type of review using the XERA document review platform. By covering all of XERA’s features, they empower administrators and consultants to set up efficient workflows and maximize the user experience, helping to solidify XERA as the go-to platform for any review.

Friday, July 18, 2014

The Times are A-Changing for Law Firm CyberSecurity

IN THE REALM OF CYBER SECURITY BREACHES, THE TIMES HAVE BEEN A-CHANGING AND -ESPECIALLY FOR LAW FIRMS - NOT AT ALL FOR THE BETTER. 


Article By Scott Larson, CISSP, CISM, CIPP, AME Larson Security, LLC
& Robert Eisenberg, Managing Director,  Empire Consulting Group


Before the news-grabbing hype of today’s ”cyber-espionage” Advanced Persistent Threats (APT) and massive, often criminal syndicate-led, credit card data breaches and long before the nefarious activities resulting in recent criminal indictments of Chinese military agents implicated in commercial cyber criminality, the authors began to see large multinationals, that had emerged from massive mergers and acquisitions, together with their prominent outside law firms, becoming cybersecurity targets in the late 1990’s. However, such activities, in those early days of cyber lawlessness, were the exception to the more commonplace network intrusions and theft of intellectual property cases of the time. Credit cards and long distance calling cards have always been a target of criminals, but the more “talented” cybersecurity bad actors of some 15 years ago were harbingers of much worse things to come. Indeed, the cyber pirates who were collecting proprietary data from and eavesdropping upon law firms and corporations were highly sophisticated for that era, although they were – thankfully - few in number. That was then, when one of the co-authors, Scott Larson, supervised the Computer Investigations and Infrastructure Protection Program at the Federal Bureau of Investigation (FBI). Fast forward 15 plus years to today and Scott will tell you that this higher level of sophistication on the part of attackers has become all too common.

And, in fact, unlike that earlier era and given the global reach of the Internet, premier law firms of today have become “Tier One” targets for cybersecurity threats.

It is not that many firms are unschooled in the realm of Electronically Stored Information (ESI). Law firms understand segmentation of data to avoid potential conflicts. Moreover, for many law firms, client engagement databases and systems for “Conflicts Checks” are well established. Unfortunately, the same tools and vigor that are being applied to a firm’s conflicts and engagement management arenas are, frequently, not being utilized for the information security and data protection ecosystem of these same law firms.

Why not?

Naturally enough, law firms have focused their technical personnel and other resources on litigation, conflict management and eDiscovery and many have been successful in these arenas. However, much less focus is being dedicated to what is referred to as the “Security Maturity Model (SMM). On the other hand, clients are becoming increasingly concerned with SMM and at present expect law firms to be as familiar with advanced data security issues, as they are with more “traditional” legal services. In the realm of Regulatory and Reputational Risk,clients are now requiring HIPAA Business Associate (BA) or ISO27002 Information Security Management System (ISMS) audits to meet the needs of their businesses. Also sought is the ability to aid in compliance with Payment Card Industry Data Security Standard (PCIDSS), HIPAA/HITECH Act and the EU Data Protection Act. Also expected is strict compliance
with a growing plethora of contractual obligations compelling outside counsel to assure that all appropriate protective measures are in place.

An additional factor in compelling both clients and law firms to confront a fraught state of reality in the cybersecurity field is the persistence of what is referred to as “The Advanced Persistent Threat” (APT).1 We have seen this threat grow exponentially during the last ten years, well before Google’s public disclosure of Operation Aurora in 20102 made APT a common acronym within the information security lexicon. Law firms, internal patent repositories and other holders of intellectual property are the primary targets of adversaries utilizing APT.

What issues should be primarily addressed and what should be done by a law firm or other organization to meet these potential threats?

To begin with, merely scanning systems for security vulnerabilities on a reactive and intermittent basis is not sufficient. Indeed, vulnerability scanning on an annual or even quarterly basis for external and internal network purposes does not provide proper safeguards. Rather, configuration management, network segmentation (protecting the entity’s “golden eggs”), and network security monitoring within firewalls and switches are essential for mid-to-large size organizations. That is not to say that scanning and perimeter security are unnecessary. It just, frequently, is not good enough. The problem is that the anti-virus software utilized for security (recent studies have revealed that such software detects less than 40% of incidents) and newly developed ”shiny” appliances like log aggregation systems known as Security Incident Event Management (SIEM) Systems are expensive and, what’s worse, the events that are detected are frequently ignored due to a lack of trained personnel or an organization’s information security analyst that has been re-assigned for another priority. Fortunately, however, an organization will need to rely much less upon such costly and occasionally ineffective technology if regularly scheduled network security monitoring and other routinely engaged cyber-investigatory services are deployed.

As mentioned, the appliances that are presently touted are inevitably very costly and some are of questionable efficacy. The new hot security tool of today is an appliance with “intelligent” logical and historical indictors to aid in network defense. These are both almost prohibitively expensive and may have a limited useful life. Rather, it is suggested that an organization start small, but systematically, in securing its cybersecurity environment; get a “health check” first, before the organization invests in any “heavy machinery”. First, look to leverage the systems and personnel already in place with a “doctor” who makes house calls to your office.

Moreover, hire trusted individuals to access and review an organization’s data. One should be cautious of the Big Data enterprises who claim to have every solution for an organization’s cybersecurity needs. Seek a smaller, , adaptive, well-trained group with a multi-discipline range to advise you for whatever.


Advanced Persistent Threat (APT) is a set of clandestine and continuous computer hacking assaults, targeting a specific entity. APT usually targets organizations and nations for business and political motives. APT processes require a high degree of covertness over an extended period of time and often turn the victims IT infrastructure into a digital espionage collection station that “phones home” via a covert data channel(s).
22 Operation Aurora was a cyber-attack conducted by advanced persistent threat actors originating from, in or near Beijing, China and believed to be affiliated with the Chinese military. The recent indictment of five Chinese military hackers by a grand jury on May 19, 2014 in western Pennsylvania (USDC, W. Penn., Criminal No. 14-118) underscores the prevalence and severity of the threat.

comes your way. The group you select should help find solutions whether internally or by leveraging outside resources.

Finally, develop a plan to conduct a Security Gap Analysis for the law firm before an incident occurs or a major client determines your security does not measure up to your competition.

Tuesday, July 15, 2014

Empire Consulting Group & Bloomberg/BNA Webinar July 31st 1:00 pm to 2:30 pm EST.











The Empire Consulting Group (ECG) – a consortium of experts in eDiscovery and Data Security – frequently strives to provide guidance and services in areas that are not sufficiently addressed within both these disciplines. 

It is an article of faith for The Group that it will aggressively seek to shed as much illumination as we can upon these gaps in knowledge and service.

In this regard, ECG together with Bloomberg/BNA, is privileged to present a webinar on July 31st 2014 from 1:00 pm to 2:30 pm EST.   The program focuses on cybersecurity in the law firm environment in particular, an area that has not, to date, been sufficiently addressed.  The program also explores data security in a corporate setting as well.

Our clients, colleagues and friends can register for this program - Fortifying the Corporation and Law Firm Against Cyber Threats:  Steps to Establish an Effective and Economic Cybersecurity Regime  (click on this link for a program description) - at a discount of 20% off the standard registration fee.  To obtain this discounted registration, please follow the instructions below:

Single registrant discount via promo code:

  1. Navigate to the registration page for the program on the Bloomberg BNA website:  http://www.bna.com/fortifying-corporation-law-w17179890827/.

  1. Choose “Live webinar” from the drop-down menu and add it to the cart.  (At this point, you may be asked to create an account.  If so, please be certain to complete all required fields.  If you have an existing account but have forgotten your password, this link will lead to a place where a new one can be set:  https://profile.bna.com/profile/forgotpw.)

  1. Type the promo code LGAUEBR4 into the specified field.  The dollar amount will be decreased by 20 percent, and then click upon "Proceed to check out" to complete the process.  An automatically-generated email will arrive containing the connectivity information to be used the day of the program.


Monday, July 14, 2014

Congratulations to the Empire Team on Achieving iCONECT Xera Accreditation


Empire Discovery is proud to announce it has received multiple iCONECT Certifications:  












Kevin Karapetian - XERA Certified Administrator














Frank Canterino - XERA Sales Certified














The iCONECT Certification Program was designed to equip administrators and consultants with the necessary tools to manage any type of review using the XERA document review platform. By covering all of XERA’s features, they empower administrators and consultants to set up efficient workflows and maximize the user experience, helping to solidify XERA as the go-to platform for any review.


Friday, July 4, 2014

Spanning the Globe - A look at eDiscovery on Four Continents
















A free webinar featuring a panel of eDiscovery experts from all over the world. Coming this summer! Stay tuned for more details.