CEIC® 2015 began with a one-day CISO/CLO Summit that gathered security and legal chiefs to collaborate on emerging best practices in defending the enterprise, as well as an energetic CEIC welcome keynote from our president and CEO Patrick Dennis and Roger Angarita, our head of product development. Patrick talked about how the legal, security, and forensic investigation communities are blending together, both to collaborate and even to expand their own professional areas of responsibility. Our data is converging—and so are our professions—which is good news, since as we collaborate, we are turning the tide in the defense of our organizations, our citizens, and our economies.
Federal Agencies Tackling Cybercrime
At the CISO/CLO Summit, guest speaker Ed McAndrew of the
Department of Justice said that the Sony attack included the first example of
what he sees as an upcoming trend: the cyber bullying of corporations by
nation-state threat actors and other hacker groups. Our Assistant General
Counsel and Vice President of E-Discovery Chad McManamy led a panel that
included U.S. Cybercrime Attorney McAndrew as well as Michael Succi of the
Secret Service. Called “Tales from the Front Lines in the Fight Against
Cybercrime,” the discussion focused on how the Department of Justice, Secret
Service, and other federal agencies are tackling cyber crime, including
everything from hacking and intellectual property theft and identity theft to
any other type of crime that involves digital evidence.
Describing their work, McAndrew noted that federal law
enforcement had made 5,490 cyber crime arrests in 2014, including suspects
ranging from high-school grade hackers to some indicted for involvement in the
Home Depot and Target cyber attacks.
Different hacking
groups have varying motives, but they now include spying, theft, hacktivism,
disruption and destruction of the organization, terrorism and extortion, and
outright warfare. The good news is that the Department of Justice and other
agencies are eager to work with organizations to capture evidence and help bring
cyber criminals to justice, and have done so in recent years with notable
success.
Proposed Changes to
the Federal Rules of Civil Procedure (FRCP)
Daniel Lim of Shook, Hardy & Bacon led a panel, "Judicial
Roundtable on Current E-Discovery Issues," with the Honorable Andrew Peck of the
U.S. District Court of Southern New York and the Honorable Matthew Sciarrino,
Jr., of the Kings County Supreme Court. Many evolving aspects of e-discovery
were discussed. Of particular note were the proposed changes to the FRCP. One
judge noted that the change to Rule 1 is primarily about efficiency. He made
several recommendations, including gaining an organizational commitment to
information governance to ease the e-discovery workflow, to make a record of
any preservation decisions in case explanation is needed later, and to bring
information technology (IT) and legal tech staffers into preservation
discussions early to save time later in the process.
Also noted was the removal of the word “sanction” from FRCP
Rule 37(e), which the judge said can eliminate most fear of sanction by a judge
except when there is evidence that there was intent to deprive the harmed party of access to relevant ESI. He said, “The serious sanctions would then only come
when you lie to the court.” Acting in good faith, documenting decisions, and
working on a sound process that follows the latest EDRM and information
governance workflows will stand any legal team in good stead.
Malware Labs Aplenty
In addition to the tracks aimed at corporate management,
legal teams, and law-enforcement were some with highly focused sessions on
incident response. These sessions were always full, and included “Rootkits,
Exfil and APT: RAM Conquers All,” “EnCase® Cybersecurity Incident Response
Walk-Through featuring Gh0st RAT,” “APT Attacks Exposed: Network, Host, Memory
and Malware Analysis” with SANS' Rob Lee, Anuj Soni of Booz Allen Hamilton, Chad
Tilbury of CrowdStrike, and Jake Williams of Rendition InfoSec.
We’ll have more blog posts summarizing the highlights and
hot buttons of CEIC 2015, and we invite your thoughts and comments in the
section below.
No comments :
Post a Comment