SlideShare a Scribd company logo

Heureka Webinar – Security, the Growth Engine for eDiscovery Professionals

Download as PPTX, PDF
Heureka Software, profile picture
Heureka Software

The document discusses the integration of security and ediscovery practices, highlighting the need for quick information on various issues such as breaches and compliance. It emphasizes the importance of data analytics, standards like ISO, and the role of legal professionals in enhancing cybersecurity measures. The panelists explore trends, challenges, and strategies for leveraging ediscovery expertise in the security field.

Law
Related topics:
Data Security
1 of 28
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Security – The Growth Engine for eDiscovery.
PANELISTS Nate Latessa Heureka Chief Operating Officer nate.latessa@heurekasoftware.com Ron Copfer CEO ronald.copfer@heurekasoftware.com Donald Wochna Co-Chair, E-Data Law Group dwochna@E-DataLawGroup.com
HEUREKA OVERVIEW Heureka Meaning: “I’ve found it!” Heureka was formed to allow clients to search and respond quickly to discovery, security, compliance and free-form investigation needs.
WHY? There is a need for quick information regarding: • Breaches • Data Classification • Lawsuits • Failed Audits • HR Issues • BSA Licensing • Process Changes • Data in the Cloud • IP Loss • Unpatched Endpoints • Proof of Compliance
HOW? • Endpoint Intelligence • Viewed via the search and correlation platform • Numerous workflows – eDiscovery – Data Classification – Incident and Indicator Response – Audit and Compliance – Free Form Investigation
WOCHNA LAW BACKGROUND Attorney, Client and Technology: • We embed technology in our legal solutions. • Created an E-data law group • New site opening January 1, 2015 • dwochna@e-datalawgroup.com • 330.815.2891
OVERVIEW • Trends in eDiscovery and Security • Why security is ready for eDiscovery professionals to lead • How to leverage eDiscovery processes to impact security • Why your experience and expertise is desperately needed • How to cross the boundary, impact your company, and build your career
PANELIST OPENING COMMENTS How and why did you get from eDiscovery to Security?
eDISCOVERY AND SECURITY • eDiscovery – Episodic – Non-budgeted – Fractured data repositories – Immature standards • Security – Continuous – Budgets Increasing – Holistic to the Enterprise – Mature standards
eDISCOVERY AND SECURITY • Similarities – Data explosion – Needle in the haystack identification – Forensic analysis – Malware explosion – Need quicker response time – Need for enterprise-wide data analytics – Both assume huge risks to the business – Challenges in communicating needs to mgmt.
WHAT ISSUES/COMMENTS/NEEDS HAVE YOU HEARD OR SEEN THE MOST FROM CLIENTS IN THE LAST 12 MONTHS?
TRENDS • Many articles written in last two years • Executives Taking Ownership of Cybersecurity • Players: IT, Legal, CFO, Insurance, Vendors, Experts • Legal is moving to become CISO
WHAT ARE THE STANDARDS DRIVING THE INDUSTRIES AND WHAT DO THEY HAVE IN COMMON?
ISO ALIGNMENT • ISO 9000—requirements and best practices for the quality management systems • ISO 27001, 27002 — The process and controls for an Information Security Management System (ISMS) . • ISO/IEC 27050 — Information technology — Security techniques — Electronic discovery (DRAFT). This ISO standard is within the family of standards that focus on information security management.
ISO 27050 • The fundamental purpose of the digital forensics standards ISO/IEC 27037, 27041, 27042 and 27043 and 27050 is to promote good practice methods and processes for forensic capture and investigation of digital evidence • This four-part standard concerns the discovery phase, specifically the discovery of Electronically Stored Information (ESI), a legal term-of-art for data.
IMPACT OF ISO • Rise of Certification to ISO standard – Law firms – Vendors – Experts • ISO standard requires “measurement of accuracy” • How accurate are the results of the ediscovery process used
WHAT IS THE CHANGE FROM PROCESS TO ANALYTICS IN THE EDISCOVERY FIELD AND WHY IS IT IMPORTANT?
ACCURACY OF RESULTS • Accuracy of Results measures the output—not the process • Accuracy of Results relates to the Data— not the process • Accuracy of Results requires moving beyond Process and analyze the Data being identified, preserved, and produced
ACCEPTANCE TESTING • Establish whether or not it can be stated, at a given level of confidence, that recall is at or above a specified level. • EG: a passing acceptance test would allow us to state with a 95% confidence interval that our retrieval efforts have achieved 80% recall or better.
STANDARDS REQUIRE SAMPLING • Sampling is the “bridge” between e- discovery and cybersecurity. • Sampling applicable to eDiscovery tests the Data—not the process • Tools used in eDiscovery are applicable in cybersecurity to test the Data
SAMPLING AND DATA ANALYTICS • Data analytics is the key to the future of eDiscovery and cybersecurity • Data analytics is the result of the application of defensible sampling techniques to a universe of data in order to extract reliable intelligence about the data that informs business decisions. • Data analytics is being applied to eDiscovery and to cybersecurity, data breach areas
EDRM
R3 MODEL
USING THE STRENGTHS OF AN EDISCOVERY BACKGROUND, HOW CAN ATTENDEES LEVERAGE THEIR LEGAL CONTACTS AND EDISCOVERY PROCESSES?
WHAT WOULD YOU RECOMMEND EDISCOVERY/LEGAL PROFESSIONALS LEARN TO INCREASE THEIR REACH AND INFLUENCE?
PANELIST CLOSING COMMENTS Additional Questions?
THANK YOU!
HEUREKA – I’VE FOUND IT! www.heurekasoftware.com

More Related Content

PDF
CISSP Preview - For the next generation of Security Leaders
NUS-ISS
 
PPTX
Big data in term of security measure
Yaakub Idris
 
PDF
Ofer Maor - Security Automation in the SDLC - Real World Cases
centralohioissa
 
PPTX
Data Connectors San Antonio Cybersecurity Conference 2018
Interset
 
PPTX
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Netskope
 
PDF
Security Risks: The Threat is Real
ePlus
 
PPTX
3 Reasons Why Manufacturing Companies are Moving to Dynamics 365FO
Nandita Nityanandam
 
PPTX
Making Cloud Security Part of Your DNA Webinar Slides
Netskope
 
CISSP Preview - For the next generation of Security Leaders
NUS-ISS
 
Big data in term of security measure
Yaakub Idris
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
centralohioissa
 
Data Connectors San Antonio Cybersecurity Conference 2018
Interset
 
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Netskope
 
Security Risks: The Threat is Real
ePlus
 
3 Reasons Why Manufacturing Companies are Moving to Dynamics 365FO
Nandita Nityanandam
 
Making Cloud Security Part of Your DNA Webinar Slides
Netskope
 

What's hot (20)

PDF
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir
 
PDF
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Schellman & Company
 
PPSX
William Diederich - Security Certifications: Are They Worth the Investment? A...
centralohioissa
 
PDF
Kevin Watkins, Enterprise Security Architect at BAT - BAT’s Managed Security ...
Global Business Events
 
PPTX
Alert Logic - Corporate Overview
bmiller144
 
PDF
To MSSP or not to MSSP IISF 2015
Paul Hogan
 
PPTX
If We Only Had the Time: How Security Teams Can Focus On What’s Important
Nathan Burke
 
PPTX
NTXISSACSC2 - Why Lead with Risk? by Doug Landoll
North Texas Chapter of the ISSA
 
PDF
2015-11-17 Time for an IT Assessment
Raffa Learning Community
 
PDF
Technology Assesment
David Duncan
 
PPSX
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
PDF
Addressing the Cyber-Security Landscape
ePlus
 
PDF
ePlus Enabling a Total Healthcare IT Transformation to Deliver the Future of ...
ePlus
 
PPTX
Hipaa Reality Check
SecurityMetrics
 
PDF
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
Druva
 
PPT
IT Security Strategy
Laura Vanassche
 
PPT
Acqueau lumin ultra
ACQUEAU Cluster
 
PPTX
NTXISSACSC2 - The Evolving DMZ by John Fehan
North Texas Chapter of the ISSA
 
PPTX
Managed it business leader ppt
BimadRajSinha1
 
PPTX
The Case For Secure Data Science
Daniel McEnnis
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir
 
Locking Up Your Cloud Environment: An Introduction to ISO/IEC 27017 and 27018
Schellman & Company
 
William Diederich - Security Certifications: Are They Worth the Investment? A...
centralohioissa
 
Kevin Watkins, Enterprise Security Architect at BAT - BAT’s Managed Security ...
Global Business Events
 
Alert Logic - Corporate Overview
bmiller144
 
To MSSP or not to MSSP IISF 2015
Paul Hogan
 
If We Only Had the Time: How Security Teams Can Focus On What’s Important
Nathan Burke
 
NTXISSACSC2 - Why Lead with Risk? by Doug Landoll
North Texas Chapter of the ISSA
 
2015-11-17 Time for an IT Assessment
Raffa Learning Community
 
Technology Assesment
David Duncan
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
Addressing the Cyber-Security Landscape
ePlus
 
ePlus Enabling a Total Healthcare IT Transformation to Deliver the Future of ...
ePlus
 
Hipaa Reality Check
SecurityMetrics
 
Taking a Proactive Approach to Combat Ransomware [Druva Webinar]
Druva
 
IT Security Strategy
Laura Vanassche
 
Acqueau lumin ultra
ACQUEAU Cluster
 
NTXISSACSC2 - The Evolving DMZ by John Fehan
North Texas Chapter of the ISSA
 
Managed it business leader ppt
BimadRajSinha1
 
The Case For Secure Data Science
Daniel McEnnis
 
Ad

Similar to Heureka Webinar – Security, the Growth Engine for eDiscovery Professionals (20)

PDF
The Sherpa Approach: Meeting the Demands of the Digital Age
Sherpa Software
 
PPTX
BDO-ACEDS 10-29-14 Webcast
Logikcull.com
 
PDF
IDOL eDiscovery
Darren Gallagher
 
PDF
5 Key Things to Know About eDiscovery and How to Implement Them in Your Practice
ESI Attorneys LLC
 
PDF
ZyLAB White Paper - Bringing e-Discovery In-house
ZyLAB
 
PDF
Aceds 2015 wie nycpa final oct panel slides
Joe Bartolo
 
PDF
Weekly eDiscovery Top Story Digest - November 20, 2013
Rob Robinson
 
PPT
Unit 4 standards.ppt
ClashWithGROUDON
 
PDF
Demystifying analytics in e discovery white paper 06-30-14
Steven Toole
 
PDF
Technical track chris calvert-1 30 pm-issa conference-calvert
ISSA LA
 
PPTX
Empowering the business for eDiscovery in Office 365 - BRK2112
Joanne Klein
 
PPT
Contoural Kazeon Webinar Insourcing E Discovery Nov 08 V1 1 3
J. David Morris
 
PDF
standards1.pdf
Karthick Panneerselvam
 
PDF
Conference on Digital Forensics & Cyber Security 2016
Kayisa Herman Dube
 
PPTX
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON
 
PPTX
Security Analytics Beyond Cyber
Phil Huggins FBCS CITP
 
PDF
Focused agile audit planning using analytics
Jim Kaplan CIA CFE
 
PPT
E-Disccovery Best Practices 20090710 Ver02
bretthancock
 
PPTX
Gov civilworkshop
Christopher Wynder
 
PDF
ACEDS Dallas - Back to School Lessons on the EDRM
PatrickBilgere
 
The Sherpa Approach: Meeting the Demands of the Digital Age
Sherpa Software
 
BDO-ACEDS 10-29-14 Webcast
Logikcull.com
 
IDOL eDiscovery
Darren Gallagher
 
5 Key Things to Know About eDiscovery and How to Implement Them in Your Practice
ESI Attorneys LLC
 
ZyLAB White Paper - Bringing e-Discovery In-house
ZyLAB
 
Aceds 2015 wie nycpa final oct panel slides
Joe Bartolo
 
Weekly eDiscovery Top Story Digest - November 20, 2013
Rob Robinson
 
Unit 4 standards.ppt
ClashWithGROUDON
 
Demystifying analytics in e discovery white paper 06-30-14
Steven Toole
 
Technical track chris calvert-1 30 pm-issa conference-calvert
ISSA LA
 
Empowering the business for eDiscovery in Office 365 - BRK2112
Joanne Klein
 
Contoural Kazeon Webinar Insourcing E Discovery Nov 08 V1 1 3
J. David Morris
 
standards1.pdf
Karthick Panneerselvam
 
Conference on Digital Forensics & Cyber Security 2016
Kayisa Herman Dube
 
44CON 2014 - Security Analytics Beyond Cyber, Phil Huggins
44CON
 
Security Analytics Beyond Cyber
Phil Huggins FBCS CITP
 
Focused agile audit planning using analytics
Jim Kaplan CIA CFE
 
E-Disccovery Best Practices 20090710 Ver02
bretthancock
 
Gov civilworkshop
Christopher Wynder
 
ACEDS Dallas - Back to School Lessons on the EDRM
PatrickBilgere
 
Ad

Recently uploaded (20)

PDF
Notes to accompany the TMT and FRAND Overview Slides
Jane Lambert
 
PPTX
Income under income Tax Act..pptx Introduction
Vaishali Sharma
 
PDF
SUMMARY CASES-42-47.pdf tax -1 257++/ hsknsnd
ibrahimnorlainie
 
PDF
APPELLANT'S AMENDED BRIEF – DPW ENTERPRISES LLC & MOUNTAIN PRIME 2018 LLC v. ...
Jeremy Bass
 
PPTX
Digital Security in Cyber Law and Mitigating Cyberxrimes
Shibly Ahamed
 
PDF
Constitution of India and fundamental rights pdf
abiramianitha2509
 
PDF
New York State Bar Association Journal, September 2014
LexArchive
 
PDF
TRAFFIC-MANAGEMENT-AND-ACCIDENT-INVESTIGATION-WITH-DRIVING-PDF-FILE.pdf
chouziyu14
 
PDF
Trademark, Copyright, and Trade Secret Protection for Med Tech Startups.pdf
Ortynska Law PLLC
 
PDF
Notes on Plausibility - A Review of the English and EPO Cases
Jane Lambert
 
PDF
Louisiana Bar Foundation 2023-2024 Annual Report
LexArchive
 
PPT
wipo: IP _smes_kul_06_www_6899913 (1).ppt
jyotsnarani13
 
PPT
Over view on IPR and its components :ppt
jyotsnarani13
 
PPTX
2.....FORMULATION OF THE RESEARCH PROBLEM.pptx
pacifey700
 
PPT
Criminal law and civil law under of collage corriculum
HerobrinediamondPane1
 
PPTX
Ethiopian Civil procedure short note.pptx
awesomeabebe
 
PPTX
PART-3-FILIPINO-ADMINISTRATIVE-CULTURE.pptx
JadeParreno1
 
PPTX
RULE_4_Out_of_Court_or_Informal_Restructuring_Agreement_or_Rehabilitation.pptx
sherileeneva3
 
PPTX
FFFFFFFFFFFFFFFFFFFFFFTA_012425_PPT.pptx
bLackseaL2
 
PDF
Vinayaka Mission Law School Courses and Infrastructure.pdf
monash2629
 
Notes to accompany the TMT and FRAND Overview Slides
Jane Lambert
 
Income under income Tax Act..pptx Introduction
Vaishali Sharma
 
SUMMARY CASES-42-47.pdf tax -1 257++/ hsknsnd
ibrahimnorlainie
 
APPELLANT'S AMENDED BRIEF – DPW ENTERPRISES LLC & MOUNTAIN PRIME 2018 LLC v. ...
Jeremy Bass
 
Digital Security in Cyber Law and Mitigating Cyberxrimes
Shibly Ahamed
 
Constitution of India and fundamental rights pdf
abiramianitha2509
 
New York State Bar Association Journal, September 2014
LexArchive
 
TRAFFIC-MANAGEMENT-AND-ACCIDENT-INVESTIGATION-WITH-DRIVING-PDF-FILE.pdf
chouziyu14
 
Trademark, Copyright, and Trade Secret Protection for Med Tech Startups.pdf
Ortynska Law PLLC
 
Notes on Plausibility - A Review of the English and EPO Cases
Jane Lambert
 
Louisiana Bar Foundation 2023-2024 Annual Report
LexArchive
 
wipo: IP _smes_kul_06_www_6899913 (1).ppt
jyotsnarani13
 
Over view on IPR and its components :ppt
jyotsnarani13
 
2.....FORMULATION OF THE RESEARCH PROBLEM.pptx
pacifey700
 
Criminal law and civil law under of collage corriculum
HerobrinediamondPane1
 
Ethiopian Civil procedure short note.pptx
awesomeabebe
 
PART-3-FILIPINO-ADMINISTRATIVE-CULTURE.pptx
JadeParreno1
 
RULE_4_Out_of_Court_or_Informal_Restructuring_Agreement_or_Rehabilitation.pptx
sherileeneva3
 
FFFFFFFFFFFFFFFFFFFFFFTA_012425_PPT.pptx
bLackseaL2
 
Vinayaka Mission Law School Courses and Infrastructure.pdf
monash2629
 

Heureka Webinar – Security, the Growth Engine for eDiscovery Professionals

  • 1. Security – The Growth Engine for eDiscovery.
  • 2. PANELISTS Nate Latessa Heureka Chief Operating Officer nate.latessa@heurekasoftware.com Ron Copfer CEO ronald.copfer@heurekasoftware.com Donald Wochna Co-Chair, E-Data Law Group dwochna@E-DataLawGroup.com
  • 3. HEUREKA OVERVIEW Heureka Meaning: “I’ve found it!” Heureka was formed to allow clients to search and respond quickly to discovery, security, compliance and free-form investigation needs.
  • 4. WHY? There is a need for quick information regarding: • Breaches • Data Classification • Lawsuits • Failed Audits • HR Issues • BSA Licensing • Process Changes • Data in the Cloud • IP Loss • Unpatched Endpoints • Proof of Compliance
  • 5. HOW? • Endpoint Intelligence • Viewed via the search and correlation platform • Numerous workflows – eDiscovery – Data Classification – Incident and Indicator Response – Audit and Compliance – Free Form Investigation
  • 6. WOCHNA LAW BACKGROUND Attorney, Client and Technology: • We embed technology in our legal solutions. • Created an E-data law group • New site opening January 1, 2015 • dwochna@e-datalawgroup.com • 330.815.2891
  • 7. OVERVIEW • Trends in eDiscovery and Security • Why security is ready for eDiscovery professionals to lead • How to leverage eDiscovery processes to impact security • Why your experience and expertise is desperately needed • How to cross the boundary, impact your company, and build your career
  • 8. PANELIST OPENING COMMENTS How and why did you get from eDiscovery to Security?
  • 9. eDISCOVERY AND SECURITY • eDiscovery – Episodic – Non-budgeted – Fractured data repositories – Immature standards • Security – Continuous – Budgets Increasing – Holistic to the Enterprise – Mature standards
  • 10. eDISCOVERY AND SECURITY • Similarities – Data explosion – Needle in the haystack identification – Forensic analysis – Malware explosion – Need quicker response time – Need for enterprise-wide data analytics – Both assume huge risks to the business – Challenges in communicating needs to mgmt.
  • 11. WHAT ISSUES/COMMENTS/NEEDS HAVE YOU HEARD OR SEEN THE MOST FROM CLIENTS IN THE LAST 12 MONTHS?
  • 12. TRENDS • Many articles written in last two years • Executives Taking Ownership of Cybersecurity • Players: IT, Legal, CFO, Insurance, Vendors, Experts • Legal is moving to become CISO
  • 13. WHAT ARE THE STANDARDS DRIVING THE INDUSTRIES AND WHAT DO THEY HAVE IN COMMON?
  • 14. ISO ALIGNMENT • ISO 9000—requirements and best practices for the quality management systems • ISO 27001, 27002 — The process and controls for an Information Security Management System (ISMS) . • ISO/IEC 27050 — Information technology — Security techniques — Electronic discovery (DRAFT). This ISO standard is within the family of standards that focus on information security management.
  • 15. ISO 27050 • The fundamental purpose of the digital forensics standards ISO/IEC 27037, 27041, 27042 and 27043 and 27050 is to promote good practice methods and processes for forensic capture and investigation of digital evidence • This four-part standard concerns the discovery phase, specifically the discovery of Electronically Stored Information (ESI), a legal term-of-art for data.
  • 16. IMPACT OF ISO • Rise of Certification to ISO standard – Law firms – Vendors – Experts • ISO standard requires “measurement of accuracy” • How accurate are the results of the ediscovery process used
  • 17. WHAT IS THE CHANGE FROM PROCESS TO ANALYTICS IN THE EDISCOVERY FIELD AND WHY IS IT IMPORTANT?
  • 18. ACCURACY OF RESULTS • Accuracy of Results measures the output—not the process • Accuracy of Results relates to the Data— not the process • Accuracy of Results requires moving beyond Process and analyze the Data being identified, preserved, and produced
  • 19. ACCEPTANCE TESTING • Establish whether or not it can be stated, at a given level of confidence, that recall is at or above a specified level. • EG: a passing acceptance test would allow us to state with a 95% confidence interval that our retrieval efforts have achieved 80% recall or better.
  • 20. STANDARDS REQUIRE SAMPLING • Sampling is the “bridge” between e- discovery and cybersecurity. • Sampling applicable to eDiscovery tests the Data—not the process • Tools used in eDiscovery are applicable in cybersecurity to test the Data
  • 21. SAMPLING AND DATA ANALYTICS • Data analytics is the key to the future of eDiscovery and cybersecurity • Data analytics is the result of the application of defensible sampling techniques to a universe of data in order to extract reliable intelligence about the data that informs business decisions. • Data analytics is being applied to eDiscovery and to cybersecurity, data breach areas
  • 22. EDRM
  • 24. USING THE STRENGTHS OF AN EDISCOVERY BACKGROUND, HOW CAN ATTENDEES LEVERAGE THEIR LEGAL CONTACTS AND EDISCOVERY PROCESSES?
  • 25. WHAT WOULD YOU RECOMMEND EDISCOVERY/LEGAL PROFESSIONALS LEARN TO INCREASE THEIR REACH AND INFLUENCE?
  • 28. HEUREKA – I’VE FOUND IT! www.heurekasoftware.com

Editor's Notes

  • #5: Pain Story – why Something bad happened. People are yelling You're in trouble and you need answers from across the enterprise...ASAP!
  • #12: Ron to take lead via remote collections, Don second with cost-effective, standardized solution gets out of spoiliation. Pre-collection analytics from Nate.
  • #15: Don to Lead – Maturing industry moving to standardized protocols. ISO is under the security umbrella. Validation. eDiscovery is a process under security and info technology.
  • #26: Need to add links