Seen and Heard at ILTA 2014
If you ask legal IT professionals about their biggest cybersecurity concerns, you’ll likely get similar answers.
Small law firms are concerned that they don’t have the resources to respond to cyberthreats. Firms of all sizes are worried about a lack of cybersecurity awareness among end users, potential insider threats and the reality that they can’t stop a breach from happening. That’s what BizTech heard from legal IT professionals at the International Legal Technology Association educational conference in Nashville, Tenn., this week.
Professionals in every industry are under the same pressure.
What happened to Saudi Aramco in 2012 — the unleashing of a virus that crippled 30,000 of its computers — can happen to any organization in the world “because of advances in computer technology, attack technology and malware,” Rod Beckstrom, former president and CEO of the Internet Corporation for Assigned Names and Numbers (ICANN), said during his ILTA keynote speech on Tuesday.
It so happened that Saudi Aramco’s legal IT and information security manager was in the audience at the ILTA keynote, and she shared why the oil company is skittish about moving to the cloud and how security investments have ramped up since the attack. Beckstrom asked attendees to form small groups and share their concerns about cloud security, recent spear phishing attempts and cyberthreats.
Beckstrom, who also served as the founding director of the U.S. National Cybersecurity Center, used the Saudi Aramco example to get legal IT professionals thinking about the evolving cyber landscape and how they will navigate this new world of networked devices that are potential targets of online criminals.
The keynote address covered a variety of topics. Here are a few tweets from the session that we picked up.
Do a self-audit against a set of standards in order to prepare for client audits. #KEY2 #ILTA14
— Christopher Hunt (@bren924) August 19, 2014
@RodBeckstrom says that 50% of data that should be secure per government regulations isn't. Do a security audit! #ILTA14 #cybersecurity
— Brad Sowell (@BradSowell) August 19, 2014
Laminate your resilience map (w/ contact details) & put it in your wallet. If the network is down, U won't B able 2 find info. #KEY2 #ILTA14
— VMaryAbraham (@VMaryAbraham) August 19, 2014
.@RodBeckstrom's law of #cyber: 1. Anything networked can be hacked 2. Everything is being networked 3. Everything is vulnerable #ILTA14
— Nicole Blake Johnson (@nicoledblake) August 19, 2014
Only at #ILTA14 could you use Saudi Aramco as a #KEY2 example of cyber breach and then find the Legal IT manager is in the audience!
— Jason Plant (@planty) August 19, 2014
Interesting that at Saudi Aramco legal dept did not suffer the same cyber disaster the rest of the company did. #dumbluck? #ilta14 #key2
— Jeffrey Brandt (@jeffrey_brandt) August 19, 2014
Consider putting together a board of clients who are concerned about security to be proactive in addressing issues. #KEY2 #ILTA14
— Christopher Hunt (@bren924) August 19, 2014
Voicemail attachment mailware attack explained: https://t.co/xaaeb1o8hV (via Chris Hunt @Bren924) #ilta14
— ILTA LegalSEC (@ILTALegalSEC) August 19, 2014
Penetration testing is a great idea, but many put it off because we know we aren't ready yet. #ilta14
— William Caraher (@WilliamCaraher) August 19, 2014
@RodBeckstrom says more than 71% of attacks on firms have less than 100 employees, with 83% taking no formal measures. #ILTA14 #BizTech
— Brad Sowell (@BradSowell) August 19, 2014
To get more news on what's happening at ILTA, follow all of BizTech's coverage from the show by visiting our ILTA 2014 content hub.
