heureka webinar – security, the growth engine for ediscovery professionals

Security – The Growth Engine for eDiscovery.

PANELISTSNate Latessa Heureka Chief Operating Officer nate.latessa@heurekasoftware.com

Ron CopferCEO

ronald.copfer@heurekasoftware.com

Donald WochnaCo-Chair, E-Data Law Group

dwochna@E-DataLawGroup.com

HEUREKA OVERVIEW

Heureka Meaning: “I’ve found it!”

Heureka was formed to allow clients to search and respond quickly to discovery, security, compliance and free-form investigation needs.

WHY?There is a need for quick information

regarding:

• Breaches• Data Classification• Lawsuits• Failed Audits• HR Issues• BSA Licensing • Process Changes• Data in the Cloud• IP Loss• Unpatched Endpoints• Proof of Compliance

HOW?

• Endpoint Intelligence

• Viewed via the search and correlation platform

• Numerous workflows – eDiscovery– Data Classification– Incident and Indicator

Response– Audit and Compliance– Free Form Investigation

WOCHNA LAW BACKGROUND

Attorney, Client and Technology:• We embed technology in our legal

solutions.• Created an E-data law group• New site opening January 1, 2015• dwochna@e-datalawgroup.com• 330.815.2891

OVERVIEW• Trends in eDiscovery and Security• Why security is ready for eDiscovery

professionals to lead• How to leverage eDiscovery processes to

impact security• Why your experience and expertise is

desperately needed • How to cross the boundary, impact your

company, and build your career

PANELIST OPENING COMMENTS

How and why did you get from eDiscovery to Security?

eDISCOVERY AND SECURITY • eDiscovery

– Episodic– Non-budgeted– Fractured data repositories– Immature standards

• Security– Continuous– Budgets Increasing– Holistic to the Enterprise– Mature standards

eDISCOVERY AND SECURITY • Similarities

– Data explosion– Needle in the haystack identification– Forensic analysis– Malware explosion– Need quicker response time– Need for enterprise-wide data analytics– Both assume huge risks to the business– Challenges in communicating needs to

mgmt.

WHAT ISSUES/COMMENTS/NEEDS HAVE YOU HEARD OR SEEN THE MOST FROM CLIENTS IN THE LAST 12 MONTHS?

TRENDS• Many articles written in last two years

• Executives Taking Ownership of Cybersecurity

• Players: IT, Legal, CFO, Insurance, Vendors, Experts

• Legal is moving to become CISO

WHAT ARE THE STANDARDS DRIVING THE

INDUSTRIES AND WHAT DO THEY HAVEIN COMMON?

ISO ALIGNMENT• ISO 9000—requirements and best practices for

the quality management systems

• ISO 27001, 27002 — The process and controls for an Information Security Management System (ISMS) .

• ISO/IEC 27050 — Information technology — Security techniques — Electronic discovery (DRAFT). This ISO standard is within the family of standards that focus on information security management.

ISO 27050

• The fundamental purpose of the digital forensics standards ISO/IEC 27037, 27041, 27042 and 27043 and 27050 is to promote good practice methods and processes for forensic capture and investigation of digital evidence

• This four-part standard concerns the discovery phase, specifically the discovery of Electronically Stored Information (ESI), a legal term-of-art for data.

IMPACT OF ISO

• Rise of Certification to ISO standard– Law firms– Vendors– Experts

• ISO standard requires “measurement of accuracy”

• How accurate are the results of the ediscovery process used

WHAT IS THE CHANGE FROM PROCESS TO ANALYTICS IN THE EDISCOVERY FIELD AND WHY IS IT IMPORTANT?

ACCURACY OF RESULTS

• Accuracy of Results measures the output—not the process

• Accuracy of Results relates to the Data—not the process

• Accuracy of Results requires moving beyond Process and analyze the Data being identified, preserved, and produced

ACCEPTANCE TESTING

• Establish whether or not it can be stated, at a given level of confidence, that recall is at or above a specified level.

• EG: a passing acceptance test would allow us to state with a 95% confidence interval that our retrieval efforts have achieved 80% recall or better.

STANDARDS REQUIRE SAMPLING

• Sampling is the “bridge” between e-discovery and cybersecurity.

• Sampling applicable to eDiscovery tests the Data—not the process

• Tools used in eDiscovery are applicable in cybersecurity to test the Data

SAMPLING AND DATA ANALYTICS• Data analytics is the key to the future of

eDiscovery and cybersecurity

• Data analytics is the result of the application of defensible sampling techniques to a universe of data in order to extract reliable intelligence about the data that informs business decisions.

• Data analytics is being applied to eDiscovery and to cybersecurity, data breach areas

EDRM

R3 MODEL

USING THE STRENGTHS OF AN EDISCOVERY BACKGROUND, HOW CAN ATTENDEES LEVERAGE THEIR LEGAL CONTACTS AND EDISCOVERY PROCESSES?

WHAT WOULD YOU RECOMMEND EDISCOVERY/LEGAL PROFESSIONALS LEARN TO INCREASE THEIR REACH AND INFLUENCE?

PANELIST CLOSING COMMENTS

Additional Questions?

THANK YOU!

HEUREKA – I’VE FOUND IT!

www.heurekasoftware.com