Our Chief Technology and Security Officer,Michael McAndrews, is a principal speaker this week at the prestigiousLawyers for Civil Justice2022 Fall Meeting in New York City. Other scheduled speakers includefederal judges Robert Dow, Jr., and Robin Rosenberg, former U.S. House Ethics Committee Chairman Charlie Dent. The meeting runs from November 30th to December 2nd. Twice a yearLCJ assembles nationally recognized policymakers and practitioners, including members of Congress, distinguished judges, and other opinion leaders, to discuss the latest developments in civil justice reform.
Michael’s session is “Who’s Discovering Your Discovery?” He’ll provide a tour of the Dark Web and show the audience what they need to know about how it exposes confidential information exchanged in civil litigation. They are a few other sessions throughout the day discussing the importance of cybersecurity and privacy during the civil discovery process.
The organization’s membership includes over 60 law firms and 25 corporate members. Corporate attendees this year include Google, Microsoft, AstraZeneca, CVS Health, Johnson & Johnson, Walgreen Co., Bayer, Campbell Soup Company, Chubb, Comcast, ExxonMobile, Toyota, Walmart, and many others.
“Law firms and healthcare providers are enticing targets at the moment because they hold so much confidential information.” – Michael McAndrews
The audience was introduced to the way the Dark Web works—it can be eye-opening and a little scary for most law-abiding citizens. Michael walked them through:
How tor and a tor browser work
How people remain anonymous on the Internet
How ransomware groups extort victims
How Confidential Information gets posted on the Dark Web
How contraband is sold through Dark Net Markets
The primary takeaway was seeing how quickly and easily criminals can capitalize on stolen information. Securing data is hard work. Enterprises invest heavily in people, processes, and technology to keep their trade secrets, proprietary information, and employment records safe and out of the hands of criminals. But once a judge requires that it must be shared as part of Discovery, the security of that data is now in the hands of multiple, smaller organizations (i.e., law firms). Criminals know their job just got easier—the defenses likely won’t be enterprise-grade, and there are more people to target (phish).
If you are in New York City for the conference, be sure to stop by the session on Thursday or reach out to Michael onLinkedInif you want to connect in person.