On May 22-24, 2022, Brian Edelman joined fellow thought leaders at the Lido House, Newport Beach, CA for panel discussions at the eDiscovery & Information Governance Retreat hosted by the CJK Group and the 2022 Security, Privacy, Risk & Compliance Retreat hosted by Sub-Four Capital.
“I am honored to participate in these high-level discussions and contribute expert knowledge on cybersecurity best practices and technical controls to safeguard private data,” Edelman expressed.
Robert Dibert, Counsel at Frost Brown Todd, lead the “Cybersecurity in eDiscovery” panel discussion with reference to the 9 phase Electronic Discovery Reference Model (EDRM) that guides Legal & eDiscovery Practitioners through the process of data discovery and transmission in legal proceedings. The panel discussed ways in which parties, their counsel and service providers may act to reduce the probability and impact of a cybersecurity incident during eDiscovery.
“This was a great session, which revealed that cybercrime is infiltrating legal firms and legal processes. The cybersecurity solution is implementation of zero trust, which considers users, devices, and systems as potential threats until proven otherwise” remarked Edelman.
“It is critical to safeguard discoverable data, which is an asset and a liability, as it transits through the phases of eDiscovery. Establish cybersecurity before engagement, for the benefit of both the eDiscovery firm as well as the entity from which data will be acquired. Before processing, having awareness of possible effects on existing regulatory requirements, cyber program, and cyber insurance as well as evidence of cyber posture are key” said Edelman. “Once in production, know what systems and cybersecurity controls are being used in order to move and securely deliver electronically stored information (ESI). Finally, be sure to follow an evidenced based decommission process to validate that information collected in preservation and processing was properly destroyed” Edelman shared. The panel centered discussion on the importance of third-party risk management and due diligence strategies to reduce cyber risk and ensure secure transmission of collected data.
On day two, M. Scott Koller, Privacy and Data Security Attorney at BakerHostetler, lead the “Exploitation of Remote Work by Cybercriminals” panel discussion on actively exploited security gaps in remote work programs put into place in sudden response to the COVID-19 pandemic. The panel addressed mitigation of cyber risks associated with the remote work model and tactics to harden cybersecurity to protect against continued threats.
Panel speakers shared the types of breaches they’ve seen since the remote work environment became commonplace and engaged in detailed conversation about missing cybersecurity safeguards that contribute to the exploitation of remote access solutions and unknown endpoints. Each speaker proposed cybersecurity solutions to effectively secure a remote workforce including assignment of roles & responsibilities, regulation requirements, third-party risk management, securing systems, endpoints and networks, implementation of cybersecurity controls and end-user awareness training.
“Having a Security Assessment performed is crucial to learning where your firm’s risks exist” Edelman declared. “Understanding your requirements (Regulatory, Cyber Insurance, Governmental) combined with security assessment findings are the foundation for a strong cyber program, which when implemented properly, remedies risks and secures your remote workforce” Edelman explained to the highly engaged audience.
The 2-day security retreat was a resounding success and enjoyable event for all in attendance who departed with heightened awareness and new strategies for strengthening cybersecurity.
For more information about managed endpoint and network protection or security assessment contact FCI: https://fcicyber.com/contact-us/
Brian Edelman, FCI CEO & Cybersecurity Expert is a member of the National Speakers Association and is available for cybersecurity speaking events delivered in-person and virtually. For more information, please send an email to: [email protected]