In this episode of The Geek in Review podcast, host Marlene Gebauer and co-host Greg Lambert discuss cybersecurity challenges with guests Jordan Ellington, founder of SessionGuardian, Oren Leib, Vice President of Growth and Partnership at SessionGuardian, and Trisha Sircar, partner and chief privacy officer at Katten Muchin Rosenman LLP.

Ellington explains that the impetus for creating SessionGuardian came from working with a law firm to secure their work with eDiscovery vendors and contract attorney staffing agencies. The goal was to standardize security practices across vendors. Ellington realized the technology could provide secure access to sensitive information from anywhere. SessionGuardian uses facial recognition to verify a user’s identity remotely.

Leib discusses some alarming cybersecurity statistics, including a 7% weekly increase in global cyber attacks and the fact that law firms and insurance companies face over 1,200 attacks per week on average. Leib notes SessionGuardian’s solution addresses risks beyond eDiscovery and source code review, including data breach response, M&A due diligence, and outsourced call centers. Recently, a major North American bank told Leib that 10 of their last breach incidents were caused by unauthorized photography of sensitive data.

Sircar says law firms’ top challenges are employee issues, data retention problems, physical security risks, and insider threats. Regulations address real-world issues but can be difficult for global firms to navigate. Certifications show a firm’s commitment to security but continuous monitoring and updating of practices is key. When negotiating with vendors, Sircar recommends considering cyber liability insurance, audit rights, data breach responsibility, and limitations of liability.

Looking ahead, Sircar sees employee education as an ongoing priority, along with the ethical use of AI. Ellington expects AI will be used for increasingly sophisticated phishing and impersonation attacks, requiring better verification of individuals’ identities. Leib says attorneys must take responsibility for cyber defenses, not just rely on engineers. He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance.

The episode highlights how employee errors and AI threats are intensifying even as remote and hybrid work become standard. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. Technology like facial recognition and continuous monitoring helps address risks, but people of all roles must develop competence and vigilance. Overall, keeping client data secure requires an integrated and ever-evolving approach across departments and service providers. Strong terms in vendor agreements and verifying partners’ practices are also key.

Listen on mobile platforms:  Apple Podcasts |  Spotify

Contact Us:

Twitter: ⁠⁠⁠⁠@gebauerm⁠⁠⁠⁠, or ⁠⁠⁠⁠@glambert⁠⁠⁠⁠
Voicemail: 713-487-7821
Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠

⁠⁠Transcript


Continue Reading Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

This week we have Debbie Reynolds, “The Data Diva,” join us to discuss the current state of data regulations, privacy, access, and what’s on the horizon for data in the legal industry. Debbie is a 2022 ABA Women in Legal Tech Honoree and the host of The Data Diva Talks Privacy Podcast.
According to Debbie, there is exponential growth going on in technology and the types of data that is being captured. At the same time, governments across the globe are trying to find ways of regulating how businesses and organizations can capture and use data they gather from individuals. These two event are not coordinated so it has created a “Wild West” situation where the law is trying to catch up to the realities of data gathering in the business world.
Training on data security is also lagging behind what is really needed today. Most training on data security is framed around the idea that “data security is everyone’s responsibility.” Reynold’s response to that is unless you are more specific about what it is you need people to do in regards to data security, then it turns out that “everyone’s responsibility is actually no one’s responsibility.”
As technology advances beyond encryption, satellite integration, IoT devices, and morphs into the Metaverse, the types of data produced and gathered is going to completely overwhelm any government’s ability to regulate it. The Data Diva thinks that if we don’t start creating more transparency when it comes to individual’s data privacy, it’s just going to get more and more complicated than it is right now.

Listen on mobile platforms:  Apple Podcasts LogoApple Podcasts |  Spotify LogoSpotify
AALL Crystal Ball Answer
Wolters Kluwer’s Anand Daga is our last AALL Crystal Ball response. His view of how the legal information industry will change in the next two to five years revolves around how the information is delivered to the end users. He sees things in much smaller chunks of information delivered to the researchers in shorter, practical methods in ways that value the practitioner’s time.
At Legal Value Network eXperience

Greg is going to LVNx this week and will have The Geek in Review stickers to hand out. So if you’re in Chicago at LVNx, be on the lookout and prepared to answer our Crystal Ball Question!

Contact Us:
Twitter: @gebauerm or @glambert
Voicemail: 713-487-7821‬
Email: geekinreviewpodcast@gmail.com
Music: 
Jerry David DeCicca
Transcript

Continue Reading The Data Diva and Two Geeks Talk Data Privacy – Debbie Reynolds (TGIR Ep. 174)

[Ed. Note: This week marks The Geek in Review’s 4th Anniversary. We thank you all for listening, subscribing, and telling your colleagues about what you hear. We’d love to hear more from you on what your favorite episodes are or what topics you’d like us to cover. Tweet us at @gebauerm and @glambert with your thoughts. Thank You Listeners!! – GL/MG]

We all know the saying “High Risk, High Reward.” But when it comes to data security, Peter Baumann, CEO and co founder of ActiveNav, we derive the value of the data because we just can’t get through the risk. There are three things always facing businesses whenever there is data involved, and that is the protection of the business’s reputation, the costs involved in non-compliance, and then the exponential growth of data within the organization. We are so focused on reacting to these three variables, that we simply cannot do anything on the value of the data itself.

Peter talks with us about the number of existing patchwork of regulations around the world, and how it makes it too difficult for business and organizations to comply. And while most experts suggested that regulations like GDPR would only govern those with businesses or people in Europe, it’s become the de facto compliance bar for privacy and data security for many businesses. He suggests that the US Government needs to step in an set a clear regulatory path around data privacy and security so that businesses know what the rules are, and the legal industry can better advise their clients on what steps they need to take to be compliant.

We dive deep in this episode and talk about what is structured and data. And how the existence of “dark data” within a business is what brings the highest risk of all. While doing data assessments on Terabytes and even Petabytes of data is extremely expensive, data breaches are even more expensive. The goal in Peter’s mind is to get to “zero dark data” so that you can stop worrying completely on the risks, and start understanding the value within your data.

Listen on mobile platforms:  Apple Podcasts LogoApple Podcasts |  Spotify LogoSpotify
Contact Us

Twitter: @gebauerm or @glambert
Voicemail: 713-487-7270
Email: geekinreviewpodcast@gmail.com
Music: Jerry David DeCicca

Transcript

Continue Reading ActiveNav’s Peter Baumann: There is So Much Value In Your Data… Once You Control the Risks (TGIR #163)

It only took us 31 episodes, but Marlene decided that what the show lacked was a phone number for listeners to call in. So, we now have one, and we have a question for you to vote on.
“Should The Geek In Review create a video promo for upcoming episodes?” (Greg says he has the face for radio, so vote no… Marlene says it’s a great idea, so vote yes.
Call 713-487-7270 and leave your voicemail of “YES” or “NO” and what other ideas you may have for the show.

This week we have a great guest, Vishal Agnihotri, who recently returned from a world wide Legal Hackathon session, and she and her team (called the Femme LeGALs) created over 180 ideas and concepts. Besides idea generation at a phenomenal pace, Vishal is also the Chief Knowledge Officer at Hinshaw Culbertson in New York. She walks us through her journey through Knowledge Management and where she sees opportunities in law firm KM through data security.

Greg is spending the week in Austin at SXSW, and is live-blogging as much as he can here. Wish him luck, as he has taken to riding those electric scooters through the streets of Austin.

Listen on mobile platforms:  Apple Podcasts LogoApple Podcasts | Overcast LogoOvercast | Spotify LogoSpotifyContinue Reading Episode 31: Vishal Agnihotri on Legal Hackathons and her ‘Femme LeGALs’ team