Enemies at the Gate: Responses to Data Security Threats at Law Firms

By Joseph Raczynski

The 5th Annual Law Firm CFO/CIO/COO Forum

In eerie silence, law firms could be easily breached like JPMorgan Chase, Home Depot and Sony by cyber criminals.  The difference with law firms, few would know the sensitive data was absconded.  While law firms do not have to report such penetrations we learned at the Data Privacy, Security & the Globalized Law Firm CFO/CIO/COO Forum that they must increasingly stay vigilant to avoid such a plight.

In the first panel discussion of the day with Mike Marsilio, Director of Security and Compliance, DTI; Mark Connelly, CISO Thomson Reuters; Steve Katz, Board member Glasswall Solutions; John Masserini, CSO, The MIAX Exchange; Mark Olson, VP and CISO, Iron Mountain, they focused on a few key data security topics.

What keeps them up at night?

John Masserini expressed several concerns which were mutually shared by the panel.  Simply put, employees create significant anxiety.  What are they downloading?  What links are they clicking?  Are they using dirty unencrypted jump drives on their computers?  All were in agreement that internal employee’s actions can cause the most harm to a network.

Other concerns expressed:

  • Regulatory requirements
  • Not having enough skilled people
  • Complexity of vendors systems and vendors who are not mindful of the security concerns

Answering some of these issues Mark Olson of Iron Mountain offered a few suggestions.  There has to be processes in place.  Enact physical requirements on your data rooms, e.g. isolating buildings and spaces.  In addition have vendors escorted into your buildings.  Knowing that you have to trust some vendors, log absolutely everything.  Do not allow jump drives unless cleansed by your security professionals.  Ultimately the mantra of the day was educate, test, create and follow process and procedure and retrain constantly to guard against breaches.

How do you speak with the partnership about security?

The panel discussion also touched how best to convey the magnitude of security and risk with the firm partnership.  One distinction they made was that the Chief Information Security Officer (CISO) must show that their investment in IT is directly related to retention and new business.  If there was a breach the harm to the brand could be irreparable.  When explaining security they suggested staying away from tech talk and painting a picture that non-technical people could understand.  Partnership tends to lean-in regarding financial discussions from the CISO.  When they do IT should state it in a fashion that “they know you know” the business is about making money.  The concept driven home was that security and risk is not a cost center rather a retention and new business play.

As the panel closed the session they emphasized that law firms are in a precarious position.  They are brokers of sensitive and important information (think IP and merger information), and to that end they are a massive target.  It is the responsibility of the Chief Information Security Officer (CISO) to put in place process, procedure and pound the drum for employee education and awareness.  The unseen enemy is really those employees that are uneducated, unaware, and unwilling to properly care for the firm’s tools and technology; thus exposing the firm to the outside attacks.

Stanford, Sights Set on Legal: Part 3 – School Projects Create Significant Companies

By Joseph Raczynski

The Legal Lessons Learned from Stanford Series

Stanford University is fully embracing the legal industry, a historically cautious mover, as a focal point of its innovative solutions.  The industry is primed to evolve through more transformative processes by pairing inventive thought and applied technological advancement to solve niche legal process issues.  Recently at the Emerging Legal Technology Forum, hosted by Thomson Reuters and Stanford University, we learned how and what the school has developed to further advance the legal space.

Lex Machina Blazes a path:

As I mentioned in the previous post, not too long ago Stanford decided to coalesce departments across its graduate campuses.  This meant combining groups that had always been housed in separate buildings.  Once they started this project, the nascent ideas emerged.

Lex Machina – one of the first and most successful of the emerging projects, started with a mashup of the university’s law school and computer science department’s collaborating.  It is an IP litigation research company which creates legal analytics data and software.  It began as a project on campus under the broad and supportive limbs of Stanford’s incubator environment before being spun off into what it is today, a full-fledged company based in Menlo Park, CA.  This exemplifies the university’s core, to intertwine siloed departments, leverage strengths, and thus seek out whitespace.  In this instance they were able to leverage computer algorithms from the CS department with the publically available legal data to produce visualization of IP litigation data and predictive outcomes.  Never before had these two disparate groups collaborated.

Securities Litigation Analytics is a similar type of project still sitting inside of Stanford.  In a similar way SLA is an analytics based legal platform focused on federal shareholder lawsuits.  It allows a user to query a database of over 2,000 federal shareholder lawsuits across hundreds of variables and see the statistics for outcome, settlement size and resolution.  Like Lex Machina there is an ability to display the results of your search through interactive graphics.1

What is remarkable about these projects is that it took comingling of two different cultures and philosophies into one venture to produce them.  One surprise during their discussions was the realization that both Michael Klausner CEO of SLA and Josh Becker CEO of Lex Machina did not know the other existed and yet they were a few floors apart working on their respective projects in a similar field.  Given the advanced and innovative approach that Stanford is taking, I was rather surprised to hear them say they did not know about each other.

Ultimately Stanford is pushing into the legal space with the hopes of engaging the industry, its respected schools and technology.  They are actively establishing an ecosystem of innovation by driving experimentation and promoting new ways of working within the legal space.  Based on the projects evolving into established companies, we know their imaginative processes are creating a furtile ground for pushing legal forward.

 

Stanford, Sights Set on Legal: Part 2 – “Designing” a Legal Industry

By Joseph Raczynski

The Legal Lessons Learned from Stanford Series

Stanford University is fully embracing the legal industry, a historically cautious mover, as a focal point of its innovative solutions.  The industry is primed to evolve through more transformative processes by pairing inventive thought and applied technological advancement to solve niche legal process issues.  Recently at the Emerging Legal Technology Forum, hosted by Thomson Reuters and Stanford University, we learned how and what the school has developed to initiate increased efficiencies in this arena.

In my last post I wrote about how Stanford’s Design School created a better process for Fidelity Investments when it came to driving more customers to create estate plans.  What was most fascinating about the talk was Margaret Hagan from the Stanford Institute of Design perspective and approach.

In her opinion, in any one of these scenarios it is all about collaboration and rapid prototyping.  She set the stage by recommending the legal industry create more “Popups” i.e. brief rapid-fire meetings that have the following:

  • Different backgrounds – people from various perspectives and specialties
  • Innovative spaces – bright, colorful, open rooms
  • Music, force people to stand, uncomfortable chairs, intimate space, white boards, pens in hands
  • Keep the conversation going by saying “Yes and…” don’t worry if this will work or not
  • Concept of “flaring” which is putting all ideas up on the board

Margaret started a Legal Design Initiative to explore new areas and draw out ideas.  Over an eight week period she set up popups with partners like Orrick.  They worked in collaboration targeting teams of JD/MBAs and d.School to come up with fresh concepts.  The goal was to be exploratory.  The benefits to this was that Stanford came away with a host of clever ideas and new projects that could eventually be elevated to the realm of a Lex Machina or SLA, which I will delve into more in the next post.

Stanford, Sights Set on Legal: Part 1 – Fidelity Investments Estate Planning

By Joseph Raczynski

The Legal Lessons Learned from Stanford Series

Stanford University is fully embracing the legal industry, a historically cautious mover, as a focal point of its innovative solutions.  The industry is primed to evolve through more transformative processes by pairing inventive thought and applied technological advancement to solve niche legal process issues.  Recently at the Emerging Legal Technology Forum, hosted by Thomson Reuters and Stanford University, we learned how and what the school has developed to initiate increased efficiencies in this arena.

Designing a Better Legal Process:

Fidelity Investments had a problem.  They have 20 million customers and 70% of them did not have an estate plan.  Being a customer centric organization they wanted to significantly lower that gap.  Fidelity reached out to Stanford and the school brought the Design School (d.School) and Law School together to collaborate.  Margaret Hagan of the Stanford Institute of Design and Philippe Mauldin of Fidelity used some of the basics of the design program to figure out how to help find a solution.  Interestingly enough, core to this process was determining what the problem was, and not focusing on the solution.  They began by visiting people’s homes to see firsthand what their customers chatted about when it came to finances.  Fidelity had a focus on how they could help people protect their assets.  What they uncovered is that the problem was education which bled into a lack of execution for their customers.  Simply stated, people did not know what they did not know and so they did nothing.

Fidelity went back to Stanford and they all collaborated on what this process of establishing a state plan would look like on fideleity.com.  Their focus was on how to help the customer prepare.  Thus they created a wizard interface with step by step templates from Stanford Law School and linking out for complex legal terms.  In addition the wizard helped guide users through a list of pertinent information assisting them in preparation about decisions that they would have to make.  Once that piece was completed the next step was to assist people in partnering with trusted attorneys.  Stanford ultimately recommended a vetted attorney for each state to keep in compliance for local jurisdictions and to review finalized documents.

 

In an effort to create a simple legal process, driving understanding and efficiency, Stanford combined their Design School with the Law School through a real world problem to create a better customer experience.  In the next post I will delve into how the d.School tactically innovates through process which I believe all industries could benefit.

The Next Legal Era: Artificial Intelligence and Cognitive Computing

By Joseph Raczynski

We are on the cusp of a new era in computer technology.  What could possibly connect rapid automated legal decisions; systematized stack ranked medical diagnosis, and never created scrumptious food recipes?  At the IBM Cloud Innovation Forum in Dana Point CA, Mike Rhodin SVP of IBM Watson connected the three with a provocative overview of what our future in legal entails.

Here is some brief history.  The computer is entering its third era.  In the beginning we focused around the computation of numbers called the Tabulation Era.  Simple calculations ruled this phase.  After decades passed we moved into the use of magnetic tapes and programmed storage of information.  The central piece surrounding this period was programming and so is known as the Programmatic Era.  Currently we find ourselves in this phase but edging into the third known as the Learning Systems Era.

Our current era is in a troubled state.  In 2020 all data available will surpass 40 zettabytes (40 trillion GBs).  The slope on a graph which represents this change from today is nearly straight up.  For comparison, in 2009 the entire World Wide Web was estimated to contain close to 500 exabytes which is about one half a zettabyte.  Every electronic act, button pushed, video or picture taken, word written, is a magnification of significant proportion.  However, where data storage multiplies is as we create and store meta data and learned connections from the base data.

Why is data exploding?  When Watson competed against Ken Jennings and Brad Rutter on Jeopardy, IBM gave it a brain (offline hard drive) of all the information they thought was pertinent to win.  Initially they found it was about 10 gigs of information.  However when the engineers extracted the meta data from the 10 gigs using every algorithm imaginable, the storage ballooned 10 times to 100 gigs.  Lastly they applied other computer assisted cognitive learning against the data and the storage grew by 100 times.  This is one reason the amount of data is exploding as we move toward 2020.  The data we create about data is actually more voluminous than the original data set, and the learning’s from that are even greater.  The volume of data is at a tipping point.  We are nearly at capacity to understand it as humans.

Rhodin says we make decisions through four phases.  We observe, interpret, evaluate and then decide.  Watson now has the ability to tap into this same process.  This was made evident when doctors saw Watson on Jeopardy ranking top answers based on evidence and supporting hypotheses.  These data points can help form decisions.

Expertise matters more than ever before and with the amount of data coming online it is increasingly challenging for any one human in a field such as law to have mastery.  Cognitive computing enhances, accelerates and scales human expertise so that the attorney can wrap their head around the patterns and make intelligent decisions.  The attorney has to be especially aware of this as they are presented with much larger volumes of discovery data than ever conceived.

In a very unique example of Watson’s prowess, it digested all of Bon Appetite’s recipes.  The system was trained in underlining chemical combinations thus bringing never tried together favors with very different blends.  It connected the dots on things never created and spit out several recipes.  The food was launched in a food truck at the festival South By Southwest (SXSW).  The truck produced the biggest buzz with lines extending three blocks.  Chef Watson’s cookbook of 100 recipes is coming out in the coming months.

Ultimately what Watson is doing is exploring the whitespace, attempting to connect the dots into what has not been found.  As we are inundated by data, cognitive computing will help experts sift through the data and retain their expertise.  It is clear that this is the future of many industries including the legal sphere.  Watson is in beta trials for medical and life sciences, law enforcement, financial services and legal.

 

Law Firm Innovation: Do or Die

By Joseph Raczynski

The last five years have seen significant change in the legal marketplace.  According to this panel, delivering services to clients is chief among the transformations.  At this ILTA session, Ron Friedmann of Fireman & Company, Scott Rechtschaffen at  Littler Mendelson, P.C., and Andrew Perlman from Suffolk University Law School discussed “The Legal Industry Inflection Point: The Time for Innovation is Now!“.

In the first pass at uncovering how firms can adjust Scott Rechtschaffen mentioned it must start with preparing law students.  He went on to state that, “The technology and process lawyers use to deliver legal services to their clients must inevitably change”.  These were his three tenents:

–              Clients will no longer accept annual rate increases from outside counsel

–              Clients continue to prefer to bring more work in-house

–              Clients will look for alternatives to outside counsel for routine and repetitive tasks

In essence no client is going to pay top dollar for lower associates anymore.  They would rather hire their own attorney and teach them the basics for the more mundane routine tasks.

In one of the more interesting anecdote’s Scott Rechtschaffen at Littler Mendelson described a firm leadership meeting he ran with 450 shareholders in attendance.  He asked the following of his audience.  Would you bank with a firm that did not have online account access?  Would you buy tickets from StubHub if they did not disclose the location of your concert tickets?  Would you book a flight with an airline that did not display your seat location?  To each question it was a unanimous, “no”.  So he asked, “Then why are your clients denied that level of basic access?”  He mentioned that story resonated with everyone in the room.  Their firm began a rapid movement and adoption of innovation from that point onward.

From the scholastic perspective, Andrew Perlman from Suffolk University Law School stated “Traditionally Law Schools have done a dreadful job for their students.”  As he leads innovation for the institution, they have a new focus for their students.   The concept is for people to skate to where the puck is going, not where it currently is located.

This is a very unique take on reinventing law school.  This is the class list for Suffolk’s Legal Technology/Innovation Concentration:

–              Legal Project Management (LPM)

–              Lawyering in the Age of Smart Phones

–              21st Century Legal Profession

–              eDiscovery

–              Externships with a New Generation of Employers (think eDiscovery processors, KM companies)

–              Legal Tech Audit: Law School Edition

Some of the final thoughts from the panel echoing concepts from above were:

–              There will be a major LegalZoom type company which will serve large swathes of the public with quality legal documents

–              The biggest area to be disrupted at firms is with associates.  Currently they primarily focus on rudimentary tasks.  The twist is they will need to train the associates to be partners, i.e. sell, understand pricing structures; while others do eDiscovery, brief writing, or document review.  They will find their niche early and stick with it.

Lastly the panel summed up the entire conversation with the following quote, “Law Firm Innovation: If you don’t cannibalize your business someone else will.  Constant innovation is now paramount.”

 

On the Edge of Law Firm Technology

By Joseph Raczynski

Over the previous three years at ILTA, one of the most popular sessions has been “What’s That? New and Cool Technologies”.  This year was no different.  A capacity crowd of legal technologists listened to the witty foursome of Jeffrey Brandt of PinHawk LLC, Mark Manoukian of Kegler, Brown, Hill & Ritter, Beau Mersereau of Fish & Richardson P.C., and Ben Weinberger with Phoenix Business Solutions.  The cast injected levity into their dialog about predictions of where technology is headed.

They focused on several areas: Windows 8, Wearable Technology, Enterprise Content Management (ECM), Digital Currencies, and The Internet of Things (IoT).

Windows 8:

The panel mentioned that Windows 8 is lightning fast.  The difference between Windows 8 and 8.1 is that in the latter, a start button was added which is key for most users.  Previously people had to hunt out where to begin and it was less intuitive.  The other key takeaway, many firms have not implemented Windows 8 for a singular reason, many vendors do not support IE11 which comes standard on the OS.

Wearable Technology:

The group cited many examples of how wearable technology will start creeping into law firms.  Ben Weinberger stated that “The NFC ring could be used to unlock doors, mobile phones, transfer information and link people.”  This could be a nonintrusive way to acclimate users to this sort of technology.  It is easy and subtle.  Others weighed in with current examples.  Disney World uses Magic Bands worn by park goers.  They are easily able to tap down for food, gift shop purchases, and unlocking their hotel room door.  The goal with wearable said Jeffrey Brandt, is that the form will be small and help establish convergence.

Enterprise Content Management (ECM):

In a statement that seemed to shock the audience, several panelists stated that they thought law firms were on the cutting edge of ECM.  Where firms are typically more conservative to adopt new technology, this is an area firms have a precise focus on organizing data into scalable structural components.

Digital Currencies:

The panel was definitely split on this topic.  Some saw the true value of having an unregulated currency while others bluntly said this was a disaster without government control.  Bitcoin dominated the discussion as the crypto-currency of choice, but Mark Manoukian mentioned a new coin called Ripples which has the endorsement of MIT.  Ultimately the panel suggested that some sort of regulation would be important for true adoption.

Internet of Things (IoT):

The Internet of Things is very popular these days.  It is essentially applying an IP address to almost everything, e.g. each light at your home, doors, and appliances.  The panel saw a great deal of opportunity here and mentioned law firm books as a great way to incorporate this type of technology.  They spoke about placing RFID chips in books to keep track of inventories.

The fast paced discussion covered a wonderful array of topics that may have a major impact on the law firm of the future.  The wearable technology discussion specifically referring to the NFC ring, seemed to strike a chord with most as something very plausible in the near future.  Lastly, it does appear that ECM will continue to evolve within the firm to become more seamless and search dynamic.

 

Should Law Firms Build Apps?

By Joseph Raczynski

On the first day of ILTA’s 2014 convention I attended a rather fascinating session.   The title was “To App or Not To App?” and focused around if it makes sense for a law firm to produce their own Apps.  The following questions were posed: Do law firm apps really do the useful things they are intended?  Do clients use them?  Is now the time to get your firm on board with creating an app, and are they worth the investment?  We entered into a discussion with three firms and how they got from the drawing board to release and lessons they learned along the way.

The panel addressed these questions by talking about three different apps they had each built.

  • Mark McCreary of Fox Rothschild LLP led the discussion on an App that they built at the firm called Data Breach 411. It is an App that “Privacy and Data Practice attorneys created to inform businesses of these state laws so they can better understand their rights, obligations and potential liability.”
  • Marika DaPron of Bracewell & Giuliani LLP discussed The ShalePlay App, which is a comprehensive resource on news and information related to shale gas and hydraulic fracturing, including the latest industry trends and updates.
  • Elyse Lazaruk of Latham & Watkins LLP discussed The Book of Jargon which was a firm written book that they turned into an App. It covers corporate and bank finance slang and terminology.

The major thrust of this session was these three apps were extremely beneficial to the firm.  They cited several reasons for the success.  The number one reason to build an App was the exposure reaped from its creation.  The App simply demonstrated significant expertise by the firm in a specialty area.  They were able to leverage this with potential clients.  In addition, the firms saw a great deal of press from the likes of The Wall Street Journal, Legal Week and The American Lawyer.

Some of the major challenges that the firm’s faced with building the Apps were limited resources, having teams of attorneys collaborate with developers, and watching costs.

When asked by an attendee if the firm would consider building more Apps, the panel universally said “Absolutely!”  Based on this session and while we are in a more competitive legal landscape, it would seem to behoove firms which wish to distinguish themselves to delve into the possibility of creating their own App within their area of expertise.

Unlocking the Power of the Cloud

By Joseph Raczynski

Pressures are increasing for legal IT professionals to increase productivity and reduce costs.  Couple that with the demand for anytime and anywhere access to law firm data and the result is a multi-front push for cloud based solutions.  At the forefront of this struggle are core functions of a firm like content management, collaboration, search, eDiscovery and records management.  At ILTA 2014 HP Autonomy explored with a holistic approach the fundamental factors for unlocking the power of the Cloud.

The three primary factors that drive Cloud have a genesis with the new portrait of today’s attorney.  Neil Araujo of HP mentioned that fully 50% of practicing attorneys in middle to large law firms are 35 years of age and younger currently.  That ushers in a new attorney mindset bent on technology.  These individuals are mobile and connected; and so the panel identified “The New Attorney” as the first driver for Cloud adoption.  The second factor illustrated dealt with “The New Economy”.  Cloud can assist with finding new ways to deliver efficiency and cost savings.  The last factor mentioned was “The New Client”.  Clients are now expecting more for less and desire data in more rapid, easy, and secure platform.

Shawn Misquitta of HP Autonomy cited several major product bets across the industry going forward.   Shawn said, “A consistent, intuitive user experience is of the utmost importance.”  This will lead to clean, clear user interfaces that will display and function well on any device.  The Cloud will be a Hybrid Cloud consisting of both On-Prem and Private Cloud.  This delivers a secure accessible platform that allows for firm governance of data and processes more easily.

Ultimately the panel stated that while there is no simple Cloud solution, there is no question Cloud is here to stay.  The economies of scale, flexibility, scalability, and mobility all make it a rich solution, provided it is implemented and planned carefully.

Google Glass – Thoughts on Glass: Privacy, Security and Its Future

By Joseph Raczynski

This is part two in a series of video’s surrounding Google Glass. This is the Privacy, Security and future of Google Glass. In this video we get to see the complete Google Glass. Take a look at the Google Glass Explorer program.

Glass Series Includes:

1) Glass Unboxing

2) Thoughts on Glass: Privacy, Security and Its Future

3) Usability Demo

4) Law Firms and Glass

5) Full Demo