Your Network Has Been Locked: What I Learned at ILTACON 2022

It was wonderful to meet with you all! Last week was the first fully in-person annual educational conference of the International Legal Technology Association (ILTA) since 2019. ILTACON is truly an event of peer-to-peer sharing. Many of the members have relationships dating back decades. Having an in-person event again was fantastic.

Security was one of the most in-demand topics. There were sessions on phishing, ransomware, breaches, and solutions. Here are three takeaways from sessions which I attended on what to do when a breach occurs. Note: I am not a cybersecurity expert. These are commonsense points which anyone can learn from.

Darkside Ransomware Email – Source: Acronis
  1. First Call

At 10 PM on Saturday night, Asher in Support gets a call from an attorney who says, “I’m looking at a screen which says, ‘Your network has been locked!'” Asher was educated to escalate any such messages immediately. Let’s assume that this message gets to the CIO within minutes.

Who does the CIO call first?

  • Is it a contracted or pre-vetted cybersecurity services provider?
  • Is it the cybersecurity insurance carrier?

In a session which included both a panelist from a top cybersecurity services provider and a panelist from a major cybersecurity insurance carrier, each argued that they should be the first call. Each may have distinct objectives.

The cybersecurity insurance carrier will immediately send in their SWAT team. This expertise may be quite welcome at the law firm. A good carrier will bring great expertise to bear. At the same time, law firms report that when the insurance carrier team arrives, they lose control of the process. The firm IT team may be sidelined, by contract. The insurance company may have as its top priority forensics. One of their objectives is to discover if the law firm were out of compliance with the policy.

The cybersecurity services company will also send in their SWAT team and bring great expertise and experience to bear. If the firm has vetted the services company their objectives should be aligned with the law firm’s.

Objectives include stopping exfiltration of firm data and business continuity. Law firms will want to safely get back to business-as-usual as quickly as possible.

2. Breach Counsel

One of the first things that the cybersecurity insurance carrier will do is to get their breach counsel engaged in the process so that communications are privileged. Law firms are uniquely positioned to get their own attorneys involved. Whether it is the insurance carrier’s attorney or a firm attorney, involve an attorney on all communications immediately. There will be public communications following the breach and perhaps legal action. Need I say more?

3. CIO Fiat to Shut Down Systems

When there is a breach, time is of the essence. Data may still be exfiltrating. While no law firm wants to do so, the best action may be to shut down all systems immediately. The moment when the firm’s data is flowing out to the hackers is not a good time to educate and negotiate with the firm’s executive team regarding shutting down systems. The CIO should have clear authority in advance to shut down systems.

Bonus: Have a Plan

Your firm is a target. Services, like Dark Utilities, make it easy for hackers to to set up a command center (C2) for malicious operations. Prices for C2-as-a-Service start at EUR 9.99. Easy, inexpensive tools mean that firms of any size are a target for “drive-by” attacks.

Even while your full incident recovery program is in development, it’s time well-spent to have a plan for the three points above in order to respond quickly.

One of the benefits of ILTACON is that we learn what has worked for other law firms in real world settings. Each firm should assess their own response plan.

See you in Orlando at #ILTACON23!

-Maureen

ILTACON ended one week ago, are you caught up yet? 🙃

LOL. I am by no means caught up. I’ve got to-do lists and piles of sorted business cards. Plenty of follow-up yet to go. How about you?

If you were there, wasn’t ILTACON fantastic this year?

A View from a Booth

ILTACON 2019 was the first year of Joy. Not only do I mean the first year of ILTA’s vibrant new CEO, Joy Heath Rush, but the first year that ILTA felt truly back on-track.

ILTACON 2019 broke all attendance records, at over 3,500 legal techies comprised of over 1,800 members and 1,700 business partners. Over 800 members were first-timers, which is fantastic. I can imagine that some of the booth locations were poor at the Dolphin. We were fortunate to have good traffic and terrific interest in our LINK app.

Continue reading

Mobile Helix LINK App at ILTACON 2017

Mandalay Bary Day_low

Twisting by the pool? Well, maybe on Sunday. Mandalay Bay has an 11 acre sand and surf beach pool. It’s incredible.

We are happy to once again be a Gold Sponsor for ILTACON 2017 at the Mandalay Bay Hotel, August 13th – 17th.

Once you drag yourself away from the pool, stop by and say hi at our booth, 703. 

We will be demonstrating LINK’s two new features:

  • Annotating PDFs within the LINK secure container app
  • Secure editing of a doc with the Microsoft Word for iOS apps using Azure AD IRM

To see a short video demo of LINK in action please click HERE

Visit us in booth 703 to see a demo of the LINK app for lawyers. See you in Las Vegas!

Continue reading

Biggest Challenge: Security Management – 2015 ILTA Technology Purchasing Survey

The 10th Annual 2015 ILTA / InsideLegal Technology Purchasing Survey was released at ILTACON last week. It’s a quick read and I recommend taking a look at the entire report.

As an introduction to the tech survey, I’ve highlighted the five points that I found most interesting and indicative of our times.

Continue reading

Mobile Helix Demonstrates New LINK Mobile App Productivity Features for Lawyers at ILTACON 2015

See you Sunday at Caesars!

Ceasars_Palace_atrium Wikimedia Commons greater crop

Mobile Helix, a pioneer in encrypted mobile solutions for lawyers, announced today that it will unveil the latest features of its LINK mobile app at ILTACON 2015. LINK is a single secure app which enables lawyers to work with DMS, NetDocuments, Outlook, SharePoint, and the firm intranet from smartphones and tablets.

Mobile Helix will demonstrate LINK’s new line-up of features which no other single app offers including: viewable NRL attachments; Send-and-File-to DMS; secure document edit; and search of all repositories, including DMS.

Continue reading