security

Subscribe to security via RSS

In this week’s Geek in Review, we sit down with Patrick Waldo, CEO of Unicorn Forms and proud Houstonian, to explore the intersections of data, document automation, and legal tech innovation. From the vibrant startup culture at Houston’s ION and the Capital Factory’s SXSW House event to the regulatory grind of form design, Waldo shares how his journey—from working in compliance-heavy industries to launching a playfully named but technically serious platform—is reshaping how we think about document-driven workflows.

Waldo pulls back the curtain on Unicorn Forms’ approach to digitizing and structuring data trapped in PDFs. With a background in regulatory intelligence, he understands firsthand how critical, yet painfully inefficient, static documents can be. Unicorn Forms aims to transform the “eight-and-a-half-by-eleven world” into structured, field-driven digital tools. By mimicking the look and feel of familiar e-sign interfaces while embedding structured fields and integrations like Calendly or Stripe, the platform bridges the gap between legal formality and technical interoperability.

Security and compliance are at the heart of the conversation as Waldo outlines the different levels of electronic trust, explaining how Unicorn Forms distinguishes itself with hashed documents, timestamp authorities, and encryption standards that exceed many traditional e-signature solutions. He highlights how many professionals—especially in legal, healthcare, and finance—aren’t aware of the risks they take when using non-secure PDFs for sensitive data like social security numbers or payment details.

The episode also dives into the often-overlooked role of data ontologies in making government and enterprise forms interoperable. Waldo describes the complexity behind something as seemingly simple as a name or address field and how lack of standardization leads to inefficiencies and errors. By applying his years of ontology-building experience, Unicorn Forms aims to enable more intuitive, human-readable, and system-compatible data capture, with real-world use cases already in place—like improving film permitting processes for the Houston Film Commission.

From a startup perspective, Waldo gets candid about fundraising challenges, the paradox of needing metrics to raise money and needing money to build metrics, and how early-stage companies must balance marketing, sales, and product development. He emphasizes the value of angel investors and local ecosystems like the ION and the Canon, while acknowledging the rising bar of investor expectations in today’s post-2023 funding environment.

Finally, Waldo shares his philosophy behind the Unicorn Forms brand—born as an April Fool’s joke but grown into a conversation starter and signal for early adopters. With Party City swag, a pink logo, and a message that draws in the curious and the creative, Unicorn Forms is redefining legal tech not just through software, but through an intentional, approachable identity. As Waldo looks ahead, he sees opportunity in pairing strong data engineering with AI tools—not just to automate, but to make legal and regulatory processes smarter, faster, and more human-centered.

Listen on mobile platforms:  ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Apple Podcasts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ |  ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Spotify⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠YouTube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

[Special Thanks to Legal Technology Hub for their sponsoring this episode.]

Blue Sky: ⁠@geeklawblog.com⁠ ⁠@marlgeb⁠
⁠⁠⁠⁠⁠Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠⁠⁠⁠⁠⁠⁠

Transcript

Continue Reading Beyond the PDF: Patrick Waldo on Structuring Data for Security and Efficiency

In this episode of The Geek in Review, we welcome back Legal Tech and Security industry experts, Ken Jones and Josh Smith, to discuss the upcoming ILTA Evolve Conference. Reflecting on last year’s focus on AI potential, we discussed how the legal tech landscape is shifting towards practical applications of artificial intelligence and cybersecurity in 2025. Josh and Ken share their insights for legal professionals eager to understand current trends and the real-world impact of emerging technologies.

Evolving Legal Tech Trends: From Theory to Practice

Throughout our discussion, we highlighted the shift from the “what ifs” of AI to tangible, real-world use cases. Josh emphasized that this year, ILTA Evolve is focused on cost-saving AI applications and enhancing productivity, while Ken referenced the Gartner Hype Cycle to illustrate the movement from initial hype to actionable outcomes. The discussion underscores the importance of practical implementation in legal technology for anyone involved in artificial intelligence and cybersecurity.

Collaborative Theme Selection & Diverse Content

We get the behind-the-scenes process of curating ILTA Evolve content, showcasing how volunteer session coordinators and a diverse committee work together. By gathering input from industry experts, soliciting innovative ideas via LinkedIn, and balancing quantitative feedback with qualitative insights, Ken and Josh made sure that the conference features a wide range of topics. This collaborative approach not only enriches the legal tech experience but also makes ILTA Evolve an event where every legal professional can find valuable takeaways.

Highlighting Keynotes and Networking Opportunities

One of the episode’s focal points was Tarah Wheeler’s keynote, “Navigating the Digital Frontier.” Ken and Josh share their excitement about her deep dive into the intersection of AI and cybersecurity—a topic that mirrors our own discussions on legal tech advancements. In addition to high-caliber educational sessions, there is extensive networking opportunities at ILTA Evolve, including interactive workshops, built-in networking breaks, and engaging social events. These elements are critical for fostering professional connections in the legal technology community.

Future Challenges and Opportunities in Legal Tech

As our conversation wrapped up, we looked forward to the future of legal tech and the evolving challenges in data governance, cybersecurity, and regulatory compliance. We shared our thoughts on how rapid technological advancements call for a balance between automation and human expertise. Despite the complexities of emerging legal tech trends, we remain optimistic that ILTA Evolve will continue to educate, connect, and inspire the legal tech community well into the future.

Listen on mobile platforms:  ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Apple Podcasts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ |  ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Spotify⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠YouTube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

Transcript

Continue Reading Exploring Legal Tech Innovations at ILTA Evolve 2025 with Ken Jones and Josh Smith

The International Legal Technology Association (ILTA) is launching a new conference called EVOLVE, which will focus on the rapidly evolving topics of generative AI and cybersecurity in the legal industry. Ken Jones, Principal Consultant at Xerdict Group LLC, and Josh Smith, Information Security Manager at Ogletree Deakins, join the podcast to discuss the conference and the challenges and opportunities presented by these cutting-edge technologies.

ILTA EVOLVE is designed to be a more intimate event compared to the larger ILTACON conference, with an expected attendance of 300-500 people. This smaller scale allows for deeper technical discussions, more personal interactions, and easier access to experts and speakers. The conference will feature a keynote speaker, a roundtable discussion, and 20 educational sessions led by a diverse group of talented speakers.

One of the key challenges faced by legal technology professionals is the need to balance the potential benefits of generative AI with the responsibility to protect client data. Law firms have a fiduciary duty to be strong stewards of their clients’ information, and the use of AI models that rely on vast amounts of data can create conflicts of interest. The conference will explore ways to make these models secure and compliant while still leveraging their capabilities to enhance legal services.

The keynote speaker for ILTA EVOLVE will be Joe Sullivan, former CSO of Facebook, accompanied by Lily Yeoh, founder and president of C1 Risk. Their presentation will focus on the legal issues faced by law firms in the event of a cybersecurity incident and how to respond effectively. The conference will also provide ample networking opportunities, including evening events, coffee breaks, and a business partner display area where attendees can engage with vendors and learn about the latest solutions.

Looking to the future, the co-chairs predict that both cybersecurity and generative AI will continue to evolve rapidly, becoming more sophisticated and valuable to the legal profession. In the realm of cybersecurity, the battle between attackers and defenders will likely be ongoing, requiring constant vigilance and adaptation. For AI, the application of best practices and methodologies from software development will be crucial in ensuring that these powerful technologies are deployed effectively and responsibly within law firms. ILTA EVOLVE aims to provide attendees with the knowledge and tools they need to navigate this complex landscape and harness the potential of these transformative technologies.

Listen on mobile platforms:  ⁠⁠⁠Apple Podcasts⁠⁠⁠ |  ⁠⁠⁠Spotify⁠⁠⁠ | ⁠⁠YouTube⁠⁠

Contact Us: 

Twitter: ⁠⁠⁠⁠⁠@gebauerm⁠⁠⁠⁠⁠, or ⁠⁠⁠⁠⁠@glambert
⁠⁠⁠⁠⁠Threads: @glambertpod or @gebauerm66
Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠⁠ and Eve Searls

⁠Transcript

Continue Reading Exploring the Intersection of Generative AI and Cybersecurity at ILTA EVOLVE – Ken Jones and Josh Smith

This week we are joined by Brandon Wiebe, General Counsel and Head of Privacy at Transcend. Brandon discusses the company’s mission to develop privacy and AI solutions. He outlines the evolution from manual governance to technical solutions integrated into data systems. Transcend saw a need for more technical privacy and AI governance as data processing advanced across organizations.

Wiebe provides examples of AI governance challenges, such as engineering teams using GitHub Copilot and sales/marketing teams using tools like Jasper. He created a lightweight AI Code of Conduct at Transcend to give guidance on responsible AI adoption. He believes technical enforcement like cataloging AI systems will also be key.

On ESG governance changes, Wiebe sees parallels to privacy regulation evolving from voluntary principles to specific technical requirements. He expects AI governance will follow a similar path but much faster, requiring legal teams to become technical experts. Engaging early and lightweight in development is key.

Transcend’s new Pathfinder tool provides observability into AI systems to enable governance. It acts as an intermediary layer between internal tools and foundation models like OpenAI. Pathfinder aims to provide oversight and auditability into these AI systems.

Looking ahead, Wiebe believes GCs must develop deep expertise in AI technology, either themselves or by building internal teams. Understanding the technology will allow counsels to provide practical and discrete advice as adoption accelerates. Technical literacy will be critical.

Listen on mobile platforms:  ⁠Apple Podcasts⁠ |  ⁠Spotify⁠ | YouTube (NEW!)

Contact Us:

Twitter: ⁠⁠⁠⁠⁠@gebauerm⁠⁠⁠⁠⁠, or ⁠⁠⁠⁠⁠@glambert⁠⁠⁠⁠⁠
Threads: @glambertpod or @gebauerm66
Voicemail: 713-487-7821
Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠⁠

Transcript

Continue Reading Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

In this episode of The Geek in Review, hosts Greg Lambert and Marlene Gebauer interview three guests from UK law firm Travers Smith about their work on AI: Chief Technology Officer Oliver Bethell, Director of Legal Technology Shawn Curran, and AI Manager Sam Lansley. They discuss Travers Smith’s approach to testing and applying AI tools like generative models.

A key focus is finding ways to safely leverage AI while mitigating risks like copyright issues and hallucination. Travers Smith built an internal chatbot called YCNbot to experiment with generative AI through secure enterprise APIs. They are being cautious on the generative side but see more revolutionary impact from reasoning applications like analyzing documents.

Travers Smith has open sourced tools like YCNbot to spur responsible AI adoption. Collaboration with 273 Ventures helped build in multi-model support. The team is working on reducing dependence on manual prompting and increasing document analysis capabilities. They aim to be model-agnostic to hedge against reliance on a single vendor.

On model safety, Travers Smith emphasizes training data legitimacy, multi-model flexibility, and probing hallucination risks. They co-authored a paper on subtle errors in legal AI. Dedicated roles like prompt engineers are emerging to interface between law and technology. Travers Smith is exploring AI for tasks like contract review but not yet for work product.

When asked about the crystal ball for legal AI, the guests predicted the need for equitable distribution of benefits, growth in reasoning applications vs. generative ones, and movement toward more autonomous agents over manual prompting. Info providers may gain power over intermediaries applying their data.

This wide-ranging discussion provides an inside look at how one forward-thinking firm is advancing legal AI in a prudent and ethical manner. With an open source mindset, Travers Smith is exploring boundaries and sharing solutions to propel the responsible use of emerging technologies in law.

Links:

Listen on mobile platforms:  ⁠Apple Podcasts⁠ |  ⁠Spotify⁠ | YouTube (NEW!)

Contact Us:

Twitter: ⁠⁠⁠⁠⁠@gebauerm⁠⁠⁠⁠⁠, or ⁠⁠⁠⁠⁠@glambert⁠⁠⁠⁠⁠
Threads: @glambertpod or @gebauerm66
Voicemail: 713-487-7821 Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠⁠

⁠⁠TranscriptContinue Reading Deploying Cutting-Edge Legal AI: Travers Smith’s Cautious, But Open-source Approach. (TGIR Ep. 216)

In this episode of The Geek in Review podcast, host Marlene Gebauer and co-host Greg Lambert discuss cybersecurity challenges with guests Jordan Ellington, founder of SessionGuardian, Oren Leib, Vice President of Growth and Partnership at SessionGuardian, and Trisha Sircar, partner and chief privacy officer at Katten Muchin Rosenman LLP.

Ellington explains that the impetus for creating SessionGuardian came from working with a law firm to secure their work with eDiscovery vendors and contract attorney staffing agencies. The goal was to standardize security practices across vendors. Ellington realized the technology could provide secure access to sensitive information from anywhere. SessionGuardian uses facial recognition to verify a user’s identity remotely.

Leib discusses some alarming cybersecurity statistics, including a 7% weekly increase in global cyber attacks and the fact that law firms and insurance companies face over 1,200 attacks per week on average. Leib notes SessionGuardian’s solution addresses risks beyond eDiscovery and source code review, including data breach response, M&A due diligence, and outsourced call centers. Recently, a major North American bank told Leib that 10 of their last breach incidents were caused by unauthorized photography of sensitive data.

Sircar says law firms’ top challenges are employee issues, data retention problems, physical security risks, and insider threats. Regulations address real-world issues but can be difficult for global firms to navigate. Certifications show a firm’s commitment to security but continuous monitoring and updating of practices is key. When negotiating with vendors, Sircar recommends considering cyber liability insurance, audit rights, data breach responsibility, and limitations of liability.

Looking ahead, Sircar sees employee education as an ongoing priority, along with the ethical use of AI. Ellington expects AI will be used for increasingly sophisticated phishing and impersonation attacks, requiring better verification of individuals’ identities. Leib says attorneys must take responsibility for cyber defenses, not just rely on engineers. He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance.

The episode highlights how employee errors and AI threats are intensifying even as remote and hybrid work become standard. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. Technology like facial recognition and continuous monitoring helps address risks, but people of all roles must develop competence and vigilance. Overall, keeping client data secure requires an integrated and ever-evolving approach across departments and service providers. Strong terms in vendor agreements and verifying partners’ practices are also key.

Listen on mobile platforms:  Apple Podcasts |  Spotify

Contact Us:

Twitter: ⁠⁠⁠⁠@gebauerm⁠⁠⁠⁠, or ⁠⁠⁠⁠@glambert⁠⁠⁠⁠
Voicemail: 713-487-7821
Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠

⁠⁠Transcript


Continue Reading Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

This week we bring in Christian Lang, the CEO and founder of LEGA, a company that provides a secure platform for law firms and legal departments to safely implement and govern the use of large language models (LLMs) like Open AI’s GPT-4, Google’s Bard, and Anthropic’s Claude. Christian talks with us about why he started LEGA, the value LEGA provides to law firms and legal departments, the challenges around security, confidentiality, and other issues as LLMs become more widely used, and how LEGA helps solve those problems.

Christian started LEGA after gaining experience working with law firms through his previous company, Reynen Court. He saw an opportunity to give law firms a way to quickly implement and test LLMs while maintaining control and governance over data and compliance. LEGA provides a sandbox environment for law firms to explore different LLMs and AI tools to find use cases. The platform handles user management, policy enforcement, and auditing to give firms visibility into how the technologies are being used.

Christian believes law firms want to use technologies like LLMs but struggle with how to do so securely and in a compliant way. LEGA allows them to get started right away without a huge investment in time or money. The platform is also flexible enough to work with any model a firm wants to use. As law firms get comfortable, LEGA will allow them to scale successful use cases across the organization.

On the challenges law firms face, Christian points to Shadow IT as people will find ways to use the technologies with or without the firm’s permission. Firms need to provide good options to users or risk losing control and oversight. He also discusses the difficulty in training new lawyers as LLMs make some tasks too easy, the coming market efficiencies in legal services, and the strategic curation of knowledge that will still require human judgment.

Some potential use cases for law firms include live chatbots, document summarization, contract review, legal research, and market intelligence gathering. As models allow for more tailored data inputs, the use cases will expand further. Overall, Christian is excited for how LLMs and AI can transform the legal industry but emphasizes that strong governance and oversight are key to implementing them successfully.

https://open.spotify.com/episode/4c2MXnFuGxZ7XczuvNJP68?si=fT0SYJdLSoOztJIVR–H1w

Listen on mobile platforms:  Apple Podcasts |  Spotify
Contact Us:

Twitter: ⁠⁠⁠⁠@gebauerm⁠⁠⁠⁠, or ⁠⁠⁠⁠@glambert⁠⁠⁠⁠
Voicemail: 713-487-7821
Email: geekinreviewpodcast@gmail.com
Music: ⁠⁠⁠⁠Jerry David DeCicca⁠⁠⁠

⁠Transcript⁠

Continue Reading Christian Lang on Governing the Rise of LLMs: How LEGA Provides a Safe Space for Law Firms to Use AI (TGIR Ep. 206)

With the partial government shutdown approaching one month, Marlene and Greg attempt to make some sense of what this means for those of us who rely upon the information produced by the US Government. On this episode, we have an extended talk with Emily Feltren, Director of Government Relations at the American Association of Law Libraries (AALL) to uncover what’s working and what’s shutdown. While the federal courts are still functioning, they are running on borrowed time, and are scheduled to run out of funds on January 25th. The Pew Research Center has listed a number of data sources which are not being updated during the shutdown. The OMB also has a list of agency shuddered at this time, and assume that the libraries are also closed. If you’re hoping to submit a Freedom of Information Act (FOIA) request… good luck. Agencies my accept them, but they may not have anyone to process them. Basically, it’s a cluster-fudge right now in D.C.

Joel Lytle, Director of Information Security at Jackson Walker, talks with Greg about the issue of .gov sites which are unable to renew their security certificates during the shutdown. It may not be all that bad… for now. However, there are already reports that the shutdown of sites like donotcall.gov and identitytheft.gov are already having some effects on consumers.

Joel’s advice… trust but verify. If you have questions about the website, call your technology security team and have them take a look at it. This is their area of expertise, so reach out to them.

Apple Podcasts LogoApple PodcastsOvercast LogoOvercastSpotify LogoSpotify

Information Inspirations:

The law library world lost a legend this month with the passing of Eileen Searls. In addition to being an influencer in the law library world, she is also the aunt of Eve Searls, who along with Jerry David DiCicca, performs the music you hear on The Geek In Review.
Continue Reading Episode 24: What Does the Federal Government Shutdown Mean for Legal Information?