The cyber threat landscape for law firms seminar – Ascertus brings together security experts and legal software suppliers
Ascertus Limited is bringing together security experts and three prominent legal software suppliers, including Mimecast, iManage and DocuSign, to discuss one of the most burning issues for the legal industry in 2017 – cyber security.
This free to attend seminar is hosted at the Auditorium in the new Central London offices of Bird & Bird LLP.
The keynote address will be delivered by Rob Dartnall, Cyber Intelligence Director, Security Alliance, an intelligence-driven cyber security consultancy with global reach. Rob has recently authored a white paper entitled, ‘The Cyber Threat Landscape for Law Firms’, a copy of which will be provided to all attendees. His address will be followed by insightful presentations from Mimecast, iManage Inc., DocuSign and others.
The special guest presenter is Jenny Radcliffe aka ‘The People Hacker’ who will talk about her own experiences as an ethical social engineer; discussing the tricks, tactics and methods she uses to illustrate how ‘people’ are the weak link in organisations. In her highly entertaining presentation, Jenny will also provide some tips and guidance on how to ‘wake up the workforce’ to this danger.
“With the pace at which technology is advancing alongside the skill set and dogged resolve of cyber criminals, it isn’t far-fetched to believe that a security breach is almost a certainty for most organisations,” said Roy Russell, CEO of Ascertus Limited. “Law firms are especially vulnerable due to the nature of their business. Rather than only focus on breach prevention, loss mitigation is potentially a sounder business approach. It requires all facets of security to come together – i.e. technology, people and processes. At this seminar, attendees will hear from experts and leave with actionable understanding of how they can manage the cyber security challenges faced by their organisations.”
The seminar is aimed at individuals responsible for IT, security, data privacy, operations and strategy in law firms and corporate legal departments.
What to expect
08:30am | Registration
09:00am | Welcome & Housekeeping
09:05am | The Cyber Threat Landscape for Law Firms | Rob Dartnall, Cyber Intelligence Director, Security Alliance
09:45am | Information Security, The Past, The Present and The Future | Niamh Muldoon, EU Information Security Director, DocuSign
10:15am | Business Held Hostage: Are You Ready for a Ransomware Attack? | Steven Malone, Director of Security Product Management
10:45am | Tea & Coffee
11:00am | The Perfect Storm - How culture, coincidences and con artists are still Social Engineering their way past your security measures (and what you can do about it!) | Jenny Radcliffe aka 'The People Hacker'
11:40am | Using Analytics and Machine Learning to Detect Threats | Frank White, Subject Matter Expert, iManage
12:10pm | TBC
12:40pm | Ascertus | Wrap Up
13:00pm | Close
Host and chair for the event: Roy Russell, managing director, Ascertus Limited
Roy is the Founder and Managing Director of Ascertus Limited. He has over 25 years’ experience of implementing and supporting software technologies within the U.K., European, and North American legal markets. In 1992, Roy co-founded a software distribution company responsible for introducing the first legal document management systems into the UK marketplace. He has also held senior management positions at Huron Consulting Group, PC DOCS Group, CompInfo and Hummingbird.
Roy was one of the UK’s first advocates of PC network based document management, imaging, and workflow systems and has spent the last 18 years advising many corporate in-house legal departments and law firms about their use of technology to improve productivity, reduce costs, and mitigate risk. Today he is well recognised as an authority in the document lifecycle and work product management space
Ascertus provides information and document lifecycle management consultancy, software solutions and IT support services to law firms and corporate legal departments. Based in Central London, the company offers a full range of professional services – from consultancy, business analysis and project management; to software implementation, training, documentation and technical support – delivering bespoke email, contract and document management solutions in on-premises and privately hosted environments. The company has successfully delivered and managed some of the largest iManage Work installations at customer sites in the UK.
Ascertus has curated this event to educate the audience on one of the biggest issues facing law firms and their clients – the security of their digital assets, documents and emails. Last year the security breaches of law firms came in even more thick and fast and the threat only looks worse for the coming year. We have invited well known security experts and prominent legal software vendors to discuss, not only the where those threats may come from, but how they can mitigate the risks.
The cyber threat landscape for law firms: Rob Dartnall, Security Alliance, cyber intelligence director
This presentation provides insight into the multitude of cyber threats faced by the legal sector, and how threat intelligence can be used to identify, understand and mitigate some of these threats.
The presentation begins by outlining the key tenets of threat intelligence, how it should be defined, and how it should be practically applied in an organisation. The presentation then goes on to clarifying some broad categories of threat actor, from the nation state to insiders, and explaining why each category may want to target a law firm.
Rob will also provide details on example case studies where law firms have been targeted by cyber threat actors. He will then summarise key findings from the Security Alliance research, before explaining how future events and trends may impact the severity of the cyber threat to law firms.
Rob is a CREST Certified Threat Intelligence Manager (CCTIM) and Cyber Intelligence Director of Security Alliance - a Bank of England certified Cyber Threat Intelligence provider under the CBEST framework.
With specialist interest areas of Insider Threat and Nation State Fusion Warfare, Mr Dartnall has unique experience and insight into the threat landscape. In his role as the Associate Director of Cyber Threat Intelligence to Gartner, Rob and Security Alliance are the global providers of Threat Intelligence services to Gartner consulting.
From a conventional Military Intelligence background Rob has been creating cyber threat assessments and testing programs for some of the largest organisations in Europe, North America, the Middle East and Africa.
Security Alliance is a UK based cyber security company, founded in 2007 and specialising in the provision of highest quality cyber threat intelligence and security testing programmes. We bring together conventional intelligence methods and deep technical knowledge, helping our clients to understand their cyber threat landscape and make better security decisions.
Security Alliance is able to provide a range of consultancy services designed to fortify existing cyber security programmes against the specific threat actors and vulnerabilities unique to your organisation. We deliver them using carefully-chosen analysts with traditional intelligence backgrounds. That means we have a firm grounding in intelligence fusion and intelligence exploitation, with a broad understanding of the geo-political context in which your organisation operates.
The perfect storm: Jenny Radcliffe, Jenny Radcliffe Training
How culture, coincidences and con artists are still Social Engineering their way past your security measures (and what you can do about it!)
Jenny Radcliffe aka “The People Hacker” has been getting past security systems using non-technical methods all her life. In this energetic and informative talk she will discuss why the “human element” is still such a popular way to “hack” into organisations, and why it is so difficult to “patch” this area of a company.
The talk discusses how an organization can be “profiled” by a malicious human hacker, who then uses this information to design a hack that will work well within the culture of the target company. Jenny will explain why culture is such an important element in the shape and nature of an attack on an organization, as well as in communicating the threat to its people and ultimately in the defence against attacks.
Jenny will talk about her own experiences as an ethical Social Engineer and will discuss the tricks, tactics and methods she uses to attack organisations via their people. She will give tips and guidance on how to “wake up the workforce” to the threat of Social Engineering, and will discuss how to maintain the engagement of all staff to help you prevent these threats from hitting your organization through its people.
Jenny Radcliffe is an expert in Social Engineering, negotiation, persuasion and influence, non-verbal communication and deception, using her skills to help clients from global corporations and law enforcement, to poker players, politicians and the security industry.
Jenny speaks, consults and trains people in the skills of “people hacking” and explains how “Social Engineering” using psychological methods can be a huge threat to organisations of all sizes. She reveals how that same knowledge is a valuable tool for security professionals of all types in the prevention of these attacks, scams and cons of all kinds.
Jenny is the host of the internationally successful podcast “The Human Factor” which interviews people from all walks of life about social engineering, security, business and life.
Using analytics and machine learning to detect threats: Frank White, iManage, subject matter expert
Protecting client data is no longer a matter of simply ‘securing the perimeter’ when sophisticated types of cyber-attack like spear-phishing give attackers the same access as the users who have been compromised. By making information governance a part of their overall cyber security strategy, firms can ensure that hackers have limited access to information, reducing the potential damage of a breach.
Frank has worked in legal IT for over 25 years, having occupied a number of technical roles through to IT Director of Ince & Co, responsible for delivering a professional yet personalised IT service and cost-appropriate IT solutions to a diverse global practice.
Frank joined iManage in February 2015 as a Subject Matter Expert to utilise his knowledge and experience to help iManage customers realise the best return on their investment in their iManage products, and to enable the company to deliver better products and create more value.
iManage is the leading provider of work product management solutions for law firms, corporate legal departments, and other professional services firms such as accounting and financial services.
iManage helps these firms serve their clients more effectively by improving productivity and governance throughout the creation, sharing, and security of work product. iManage is the comprehensive, integrated and reliable solution, trusted every day by over 3,000 organizations and one million professionals worldwide.
Information security, the past, the present and the future: Niamh Muldoon, DocuSign, EU information security director
Niamh will talk through the history of Information Security, how we got to the situation we find ourselves in today and what the Information Security challenges we face in the future.
Niamh Muldoon joined DocuSign with 15 years’ experience in the Information Security profession. The first 12 years of her career were spent working on Information Security teams for an Irish Financial Institution (AIB), she then progressed her career to manage the security strategy program portfolio for an Irish online eGaming company (Paddy Power). In 2014 she took her career global and set-up the EMEA Privacy and Compliance team for a cloud application provider (Workday) embedding privacy and compliance into the European headquarters based in Dublin.
She describes herself as “Born to Protect” as she protected the goals in her football sporting life and continues to protect data in her professional life. Niamh qualified as the youngest female in Ireland to obtain the Information Security CISSP qualification back in 2004. In her spare time she likes to give back to the Information Security industry by lecturing at National College Ireland, sitting on Global (ISC)2 Scholarship review panels and mentoring those new to the Information Security Profession.
DocuSign is changing how business gets done by empowering more than 250,000 companies and 100 million users in 188 countries to sign, send and manage documents anytime, anywhere, on any device, with confidence.
DocuSign replaces printing, faxing, scanning and overnighting documents with the easiest, fastest, most trusted way to make every approval and decision digital.
Organizations of all sizes and industries are accelerating contracts, approvals and workflows with DocuSign’s Digital Transaction Management (DTM) platform and eSignature solution. DocuSign keeps life and business moving forward.
Business held hostage: Are you eady for a ransomware attack?: Steven Malone, Mimecast, director of security product management
No organization is immune to a ransomware attack. In recent months, nearly half of all malware blocked by Mimecast for its 20,000 customers has been ransomware.
How ready is your organization to face a ransomware attack? This presentation will help you to understand and explore;
- The impact of ransomware: Just how serious a threat is it?
- How could ransomware get into your organization?
- Why is ransomware happening more now than ever before?
- How can you best defend against a ransomware attack before it locks up your critical information assets?
Steven will discuss how a three-pronged strategy of prevention, business continuity and email archiving can help defeat ransomware before it takes your business hostage.
Steven Malone is Mimecast, Director of Security Product Management.
Having joined Mimecast in July 2013, he is tasked with defining and bringing the security product roadmap from vision to reality. Steve works closely with the all areas of the organization to bring new security products and services innovations to our customers.
Steven is a passionate advocate for security in technology. Prior to joining Mimecast, he held senior roles in the security channel and also technical positions in a number of global organizations.
Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
Our best-of-breed services protect the email of over 21,800 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.