Business Law Section PRMCLE Meeting, June 10, 2019


Business Law Section PRMCLE Meeting Location: Attorney Resource Center

Date: June 10, 2019

11:45 AM – Noon Welcome/Introductions Peter Evans, Section Chair

A few words from One Legal, today’s lunch sponsor.

Noon – 1:00 PM Program

Cybersecurity for Small-to-Mid-Sized Law Firms. Michele A. Piazza of MP Global Ventures, LLC

Speaker’s Bio

See attached

Presentation Summary

Michele will discuss the 2019 Cybersecurity trends. She will also discuss the lessons learned from breaches and attacks. There will be a discussion regarding cost of data breaches, compliance, privacy, security, risks and tips.

Next Meeting: As a sequel to our 6/10/19 Program that covered “Cybersecurity for Small to Midsized Law Firms”, the 7/16/19 Program is “A Lawyer’s Guide to Responding to a Data Breach by Reena R. Bajowala and Elizabeth R. Bacon”. This is the “Part 2” that advises lawyers on what to do to navigate their business clients through a data breach or other cyber incident. Click here to register for the July 16, 2019 meeting. https://www.dcba.org/events/EventDetails.aspx?id=1246092&group=


DCBA Events: June 13, 2019 Ask a Lawyer Help Desk. Rm. 2017– Judicial Center. 1:00 p.m. to 4:30 p.m.

June 20, 2019 11th hour PRMCLE Seminar 1:30 p.m.-5:00 p.m. @ Granite City, Naperville

June 20th Happy Hour @ Granite City, Naperville at 5:30 p.m.

June 27, 2019 Ask a Lawyer Help Desk Rm. 2017- Judicial Center. 1:00 p.m. to 4:30 p.m.

Earn CLE Online!

DCBA OnDemand CLE is Now Powered by IICLE The Illinois Institute for Continuing Legal Education (IICLE®) and the DuPage County Bar Association (DCBA) are excited to offer a new IICLE®Share collaboration to provide DCBA members a high quality and reliable online learning experience. Members can find the link to The Illinois Institute for Continuing Legal Education (IICLE) on the DCBA website under “Legal Community”OnDemand CLE Online CLE Catalog

View & Print All CLE Certificates through the DCBA Website:

Manage Profile -> Professional Development (under content & features) and choose the icon to the left of each meeting to print your certificate directly or choose to have them emailed to you to save to your computer (you MUST be logged in to view this feature)

The DCBA Brief is looking for substantive law articles over the summer for the September and October issues (and beyond). Due dates to make those issues are July 1 and August 1 respectively. Get a head start on your section’s article quota this summer. Ask your speakers, current, past and future, to go the extra mile with their topic and turn their speaking notes into an article! Authors may earn up to one half their total required MCLE credits for each reporting period from a single article submitted and published. Check dcbabrief.org for the current Writer’s Guidelines and Author Agreement. For questions or to submit an article, contact incoming Editor-in-Chief, Chris Maurer at [email protected]


Michele Piazza is a Global IT Executive who brings a unique blend of technology and business leadership experience as your strategic trusted advisor and security partner. Michele is the Founder, Principal & CXO of MP Global Ventures, LLC, a woman-owned, independent, business focused security & technology management advisory firm. Michele aligns with C-Level IT, Security, Business and Operations executives to provide sustainable technology, risk management, and compliance solutions, to meet your budget. Born in Indiana, Michele came from a family of 5 girls where her parents instilled independence, a strong work ethic, integrity, problem solving, and service as core values.

Michele began her technology career as a young programmer at US Steel in Chicago, where she was selected for a two-year international assignment in Venezuela as part of US Steel’s Consulting technology team. Her experience continued to blossom through various leadership positions in technology at Beatrice Foods Company, Citibank and American National Bank. She was instrumental in 5 mergers: American National Bank into First Chicago, First Chicago NBD, Bank One, WaMu, and finally JPMorgan Chase. Prior to launching MP Global Ventures, LLC, she had a 20+ year career at JPMorgan Chase as a Senior Vice President. She progressed through multiple management positions in both technology and business. Her experience reflects direct management of all aspects of technology, including system development, operations, business intelligence, project management & governance, mergers & acquisitions, vendor management, risk management, security and compliance, domestically and globally.

Michele was recently featured in the CBS Small Business Pulse: http://smallbusinesspulse.cbslocal.com/2015/08/17/interaction-collaboration-successful-business/

Michele holds an Executive MBA from Kellogg School of Management, Northwestern University and a Bachelor’s degree from Saint Mary’s College, Notre Dame, IN. She is an active member of SIM (Society of Information Management), ISACA (Information Systems Audit & Control Association), SWIT (Senior Women in Technology), ISSA (Information Systems Security Association) and InfraGard. Michele became a YWCA Metropolitan of Chicago Board Member in July 2105 and brings her energy and resources to empower women through the YWCA technology programs: techGYRLS, Innovation & Technology Institute, & Developing Digital Diversity. She is also an active member of the YWCA Audit and Enterprise Risk Management Committees.

Michele recently accepted a Board of Director position with the Hispanic Innovation Center of Chicago (HIC) to collaborate with international Latino firms to understand the Chicago technology marketplace and provide access to experienced Hispanic technology professionals, while actively investing in the Pilsen / Little Village communities. She is an Advisory Board Member for the Naperville based high-tech incubator hub88. Michele is an avid runner and achieved “Marathon Maniac” status following the completion of her 8th marathon. She enjoys yoga, cycling, hiking and international travel. She recently laced up her boots to hike Mt Kilimanjaro in January 2016 with her husband, David. She resides in the western suburbs with her husband David and their blended family of 6 children.


Cybersecurity for the Legal Community

DuPage County Bar Association

Michele A. Piazza

MP Global Ventures, LLC

06.10.19


Cybersecurity for Small-to-Mid-Sized Law Firms

Learning Objectives:

Key Considerations for Law Firms

Data: Physical and Digital Controls

“Least Privilege”

2FA

Encryption

Segregation of Duty

3rd and 4th Party Supplier Relationships

Assessments using Industry Frameworks

Resiliency

Business Impact Analysis (BIA) /Business Continuity Plan (BCP)

Disaster Recovery Plan (DRP)

Incident Response Plan (IRP)

Crisis Management Plan (CMP)

Copyright © 2019 MPGV. No part of this presentation may be reproduced in any form without prior authorization.


Agenda Lessons Learned from Breaches/Attacks

Cost of a Data Breach – 2018 & Beyond

2019 Cybersecurity Trends

Law Firms’ Digital Treasure Chest

Cybersecurity Maturity: Where are you?

Identify, Protect, Detect, Respond, Recover

Industry Frameworks for Baseline Assessments

NIST Cybersecurity Framework

CIS Critical Security Controls

The Fundamentals – Key Security Risks in the Workplace

Looking at Defense In-Depth

Cybersecurity Risk Management Checklists

General

Email & Data Access

Networks

Takeaways & Best Practices for Effective Security

MP Global Ventures, LLC – Services

Q&A


Lessons Learned from Breaches/Hacks


Marriott/Starwood Breach

383 Million Guest Records.

Pre-Merger, Starwood Network had been breached, guest information copied and encrypted (made ready to remove/extract) for 4 Years.

Post-Merger, Marriott detected anomaly, decrypted and confirmed sources.

Quest Diagnostics:

11.9 Million Patients’ Information Exposed.

Optum360 Collections Contractor to Quest

AMCA Sub-Contractor to Optum360

Equifax Data Breach Costs Hit $1.4B

Massive 2017 Breach Continues to Bite the Credit Reporting Giant's Bottom Line

Mathew J. Schwartz (euroinfosec) • May 13, 2019

Financial Loss

Reputational Damage to Client, Firm, Customers

Professional Misconduct

Damage to economic infrastructure

Threats to National Security


Cost of a Data Breach – 2018 & Beyond

Records

Records Exposed: average = 12M, median = 1K

Per-Record Cost: average = $308, median = $42.58

Organization (Company) Size

Predominantly SMEs: 85% less than $2B in Revenue

Overall Cost

Total Breach Cost: average = $603.9K, median = $61.2K

Crisis Services Cost: average = $307K, median = $40K

Large Company Breach: average = $8.8M, median = $5M

Legal Cost

Defense: average = $106K, median = $17K

Settlement: average = $224K, median = $58K

Regulatory Defense: average = $514K, median = $84K

Regulatory Fines: average = $18K, median = $11K

Business Interruption Cost

All Cost: average = $2M, median = $50K

Recovery Expense: average = $957K, median = $30K

Sectors Affected (top 4)

Professional Services: average = $168K, median = $43K

Healthcare: average = $555K, median = $68K

Financial Services: average = $854K, median = $50K

Retail: average = $1.2M, median = $94K

Cause of Loss (top 4)

Hackers: average = $1.05M, median = $114K

Ransomware: average = $229K, median = $53K

Malware / Virus: average = $1.2M, median = $93K

Lost / Stolen Laptop / Device: average = $195K, median = $41K

Source: NetDiligence 2018 Claims Study


2019 Cybersecurity Trends

Trends

Automation supports and improves cyber resilience (prevent, detect, contain and respond)

Collaboration between Privacy Leader and cybersecurity improves resilience

Privacy Role and Compliance Roles are increasingly critical - GDPR, CCPA, State Data Protection Regulations

Zero Trust Model Cloud Security Solutions

C-Suite awareness of metrics and cyber resilience to increase funding and strengthen security posture

Evolving Threats & Challenges

Malvertising

Business Email Compromises (BEC)

Ransomware, Ransomware, Ransomware – Mobile Ransomware up 33%; Enterprise up 12%

Phishing, Malware and Botnets – Malicious URLs up 7.8%, 48% of malicious email attachments are office files, 1000% increase in malicious PowerShell scripts

3rd/4th Party Supply Chain Attacks – up 78%

IOT Vulnerability – greater attack surface via routers, connected cameras, printers, Smart TV, Smart Devices

Formjacking – 4800 = average number of websites compromised each month; 3.7M blocked each month

CryptoJacking – trending down but not out; 4x more events blocked in 2018 than 2

Poorly Secured Cloud Databases – 70 million records leaked or stolen from AWS S3 buckets


Source: Ponemon Institute, 2019, Fourth Annual Study on The Cyber Resilient Organization

Source: Symantec Internet Security Threat Report, Volume 24, Feb 2019


Law Firms’ Digital Treasure Chest

Personally Identifiable Information (PII)

IPO and /or M&A Information

Asset Inventories

Litigation Strategies

Financial Account Details

Estate Planning Records, Financials and Investments

Health Information (HIPAA)

Business Strategies

IP, including Trade Secrets, patent applications

Confidential Witness Information

Drug Study Results

Billing Systems

Litigation Claims


Cybersecurity Maturity: Where are You?

Elements of Effective Cybersecurity

• Culture of Security • Legal Requirements • Training and Education • Policy, Procedure and Controls • Monitor and Auditing • Response and Documentation • Information Management • Accountability

Ad Hoc

• Informal • Reactive • Inconsistent performance

Developing

• Likely repeatable • Some consistency • Lacks rigorous process discipline, reactive

Practicing

• Defined controls • Documented standards • Consistent performance

Optimizing

• Effective controls • Uses process metrics • Targeted improvement

Leading

• Integrated strategies • Innovative changes • Seamless controls • Continuous Improvement


Identify, Protect, Detect, Respond, Recover


1. Does your firm use Two Factor Authentication (aka 2FA)?

2. How often does the firm update its operating system?

3. What’s encrypted and how?

4. Do you use a password manager to set strong passwords?

5. Do you regularly educate your employees about security? If so, how?

6. What’s your security insurance coverage? What and whom does it cover?

7. Do you have a disaster recovery and incident response plan? What does your physical security look like?

8. Do you conduct regular security risk assessments?

9. What type of controls are in place for access and identity management? Authentication and access controls are the first lines of defense. They are the “keys to the kingdom”, controlling access to networks, computers, and mobile devices.

10. Remote Access – VPN, Remote Desktop

11. Wireless Networks – Guest, Firm. How is access granted?

Source: AboveTheLaw: What You Need To Know About Law Firm Cybersecurity


Use Industry Frameworks for Baseline Assessment

NIST – National Institute of Standards and Technology

ISO – International Standards Organization

CIS – Center for Internet Security

FISMA – Federal Information Security Management Act of 2002

SANS – ‘SysAdmin, Audit, Network and Security’ Institute

CSA - Cloud Security Alliance

PCI – Payment Card Industry [Data Security Standard]

National Cybersecurity Center of Excellence


NIST Cyber Security Framework (CSF)


CIS Critical Security Controls

Auditing, Assessing, Analyzing: A Prioritized Approach using the Pareto Principle 80/20


The Fundamentals - Key Security Risks in the Workplace

Failure to cover cybersecurity basics

Not understanding what generates corporate cybersecurity risks

Lack of a cybersecurity policy

Confusing compliance with cybersecurity

The Human Element– the weakest link

Bring your own device policy (BYOD)

Cloud Providers

Funding, talent and resources constraints

Lack of information security and awareness training

Lack of a recovery plan

Lack of data classification and destruction measures

No Metrics – need to monitor, measure & report

IOT- Asset Inventory

Chasing the wrong priorities

Lack of Cyber Risk Management as a cross-functional practice


Looking at Defense in-Depth

The Data is the key to the kingdom.

Know how long to keep the Data.

An unenforced policy is a suggestion.

Privacy Laws vary and need to be considered.

If a Control can’t be proved, it doesn’t exist.

Confidentiality, Integrity, Accessibility.

Know who has access to your Assets.

Know the Value of the data being protected.

7 lenses for your data. (Plus the Data.)


Source: ISSA CISO Forum, “Risk v Security-Defense in Depth”; Philip Mahan, 2015


Cybersecurity Risk Management Checklist – General

Establish GRC – Cyber Committee, Benchmarks and Reporting

Establish a baseline with periodic Cyber Risk Assessment; update controls and risk profile

Username and Password Protection

IAM – Control Administrative Privileges and Access; monitor and review Qtrly

Scheduled and Automated, Routine Software Updates and Patching

Implement and Monitor: Anti-Virus, Email, Email Attachments and Website Filters

Only use Secure Standard Operating Systems; Remediate XP, Windows 7 to Windows 10 or current OS

Perform Regular Backups, Test Backups and Encrypt ‘crown jewels’

Provide Qtrly Cybersecurity Awareness Education

Oversight, review & due diligence of external 3rd & 4th parties, business, technology & operations – Third Party Vendor Management Program (TPVMP)

Examine and Assess Cyber Hygiene of Clients, M&A candidates, Vendors, Partners, Seller Firm

Adopt an MDM (Mobile Device Management) Policy and Encryption Policy

Implement 2FA (Two-Factor Authentication) on all devices, especially BYOD

Develop and enforce Policies & Procedures; Information Security Policy

Define, Plan and Test: Business Continuity, Disaster Recovery, Incident Response and Crisis Plans

Establish a Culture of Awareness, Accountability and Responsibility


Cybersecurity Risk Management Checklist – Email and Data Access

Secure Your Websites- ‘https everywhere’

Passwords should be complex phrases and changed from the vendor defaults on all software and devices

Encrypt & Segregate ‘sensitive’ and critical Data ‘at rest’ and ‘in transit’

Cloud Providers – conduct 3rd & 4th Party Risk Assessment and due diligence

Social Engineering – Phish, Vish and Smish your workforce (Leadership especially)

Ensure logging is adequate, monitored and retained with appropriate level of alerts

Limit Access to Credentials; Validate Quarterly

Implement Multifactor/2-Factor Authentication – authenticates: Who You Are, What You Know or What You Have Access to


Cybersecurity Risk Management Checklist – Network

Define a company policy and controls for Network Access, Updates, Resiliency

Secure Online Activities; limit accessible websites

Filter Downloads- only trusted sites; downloads need to be scanned

Ensure Routine Backups, with redundancy offline

All devices must be authorized to connect to the network

Establish a Social Media Policy and Enforce

Cybersecurity Awareness Education

VPN only for sensitive and critical information

Implement Intrusion Detection and prevention mechanisms

Whitelist the Applications to only allow trusted software

WiFi – Enable encryption and segregate: Guest, Internal and Confidential


Takeaways & Best Practices for Sustainable Cybersecurity

Establish Leadership to Foster a Culture of Cybersecurity

Adopt a Risk-Centric Approach to Cybersecurity – Communicate the Big Picture

Know Your Risk

Have a third party conduct an independent risk assessment to determine risks, key threat vectors, mitigating controls and ability to recover

Classify your Data

Obtain Inventory of Assets. The inventory should include both technology and business process. You can’t protect it if you don’t know that you have it, where it is, how it is used and what the dependencies are

Assess Your Cybersecurity Hygiene

Establish strong physical security

Focus on the Basics

Policies & Procedures

Educate the workforce, test, re-educate

Phish EVERYONE, including C-Suite

Define and enforce password policy with security questions

Patch Routinely, Backup Often and Segment Backups

Implement 2FA

Signature Based Antivirus /Anti-malware

Encrypt at Rest and in Transit (Air-gap computers, as needed)

Ensure Adequate logging; retain > 205 days

Explore Cybersecurity Insurance – make sure it covers productivity loss, data restoration, technical and legal expenses and is correlated to risk assessment findings


How Can MP Global Ventures Help You?


MP Global Ventures, LLC – Services

Cybersecurity, Risk Management, Privacy & Technology Advisory Services

Engagement

Cybersecurity Strategy Definition

Cybersecurity Assessment Based on Industry Framework

Roadmap to Remediation

Oversight & Implementation of Remediation Program

vCISO – Chief-Information-Security-Officer-as-a-Service

Virtual, Trusted Advisory Security Services

vCIO

Virtual, Trusted Advisory Chief Information Officer Services

Other Offerings

Third Party Vendor Management Program

Cybersecurity Policy, Procedure and/or Guideline Review and Development

Disaster Recovery Planning (DRP) – Processes, resources, and capabilities to reestablish ongoing operational and system requirements

Business Continuity Plan and Business Impact Analysis (BIA/BCP) – Facilitates establishment of operations at an alternate site, until the firm can resume operations

Incident Response Plan (IRP) – Plan, Policy, Playbook and tabletop test to immediately respond to a cyber incident, Data Loss, Ransomware, and Outages

Crisis Management Plan (CMP) – Plans to address immediate threats and catastrophe to ensure safety, business resiliency and technology resiliency

Identity Access Management

Cybersecurity Risk Management Program and Planning

Cybersecurity Budget & Planning

Cybersecurity Awareness Training

Steering Committee/ Board Presentations

Partner and Referral Program


Questions?????


Business Law Section Council – LEGAL UPDATE – June 2019

Case Law Update

Gasic v. Marquette Management, Inc., 2019 IL App (3d) 170756 (Opinion Filed May 17, 2019)

HOLDING: The Appellate Court answered the certified question presented to it in the affirmative, finding that a legal entity (such as a corporation, for example) can under certain circumstances be considered a “person” for the purpose of imposing civil liability on the legal entity itself under the Gender Violence Act.

The plaintiff sued an individual, Jose Canales Jr. (“Canales”), and the property management company for whom he worked as a maintenance engineer, Marquette Management, Inc. (“Marquette”), for damages stemming from a sexual assault that Canales committed against the plaintiff in her apartment. That apartment was part of a complex that Marquette managed. One of the counts of the plaintiff’s complaint sought liability against Marquette under the Gender Violence Act (the “Act”). The trial court dismissed the claim against Marquette under the Act with prejudice, finding that artificial entities are not “persons” who can be subject to liability under the Act, but permitted an interlocutory appeal to allow the appellate court to answer the certified question as to whether a corporation could in fact be subject to liability under the Act. In finding that the statutory duty imposed under the Act on “persons” could include artificial entities, the appellate court principally relied on Section 1.05 of the Statute on Statutes which provides that “persons” can apply to corporate and political bodies as well as individuals, and the growing body of caselaw treating artificial entities like natural persons.

Wei Quan v. Arcotech Uniexpat, Inc., 2018 IL App (1st) 180227 (Opinion Filed December 10, 2018, Posted May 17, 2019)

HOLDING: The appellate court reversed the dismissal by the trial court (pursuant to 735 ILCS 5/2-619) of the plaintiff’s conversion claim against Craig Piatti (“Piatti”), the president and executive director of the corporate co-defendant, Arcotech, finding no affirmative matter that precluded plaintiff from proceeding with his conversion claim against Piatti.

The plaintiff’s complaint alleged that he entered into a written service agreement (“Agreement”) with Arcotech, which Agreement was signed by Piatti in his capacity as executive director and which Agreement indicated that a portion of the money paid by the plaintiff would be refundable if Arcotech could not secure an internship offer for the plaintiff. No internship offer came and Arcotech and the plaintiff entered into a refund agreement, but Arcotech never paid the refund and was eventually dissolved. Piatti argued that the refund claim against him was a mere general obligation of Arcotech and the amount claimed was not subject to some special treatment by Arcotech. Piatti also claimed that, as an officer, he was generally not responsible for corporate debts and plaintiff did not allege any facts showing he should be treated differently. The appellate court found that plaintiff had pleaded the elements of a conversion claim against Piatti based upon his allegedly active participation in the unauthorized deprivation of plaintiff’s money, based upon the fact that, after the passage of the 120-day period in the refund agreement for the return of the money, Arcotech had no basis to continue to withhold the money, and based upon the fact that there was no debtor-creditor relationship between Piatti individually and the plaintiff. Further, the court found that a claim for the conversion of money can be brought even if the money in question is not separately earmarked or segregated.

Legislative Update

Illinois Public Act 101-0008 (effective 1/1/21, conditioned upon the Illinois voters approving a constitutional amendment to allow a graduated income tax structure in November of 2020)

This law changes the rate structure for state income taxes imposed upon individuals, estates and trusts. Currently, there is a flat 4.95% income tax on all net income. This law would change that structure to a graduated income tax rate. Taxpayers would be taxed at 4.75% for their first $10,000 in net income, at 4.9% for the remainder of their net income up to $100,000, and at 4.95% for the remainder of their net income up to $250,000. Any taxpayers with more than $250,000 in net income will pay taxes at rates between 7.75% and 7.99% on any excess net income over $250,000, depending on the exact amount of their excess net income and their tax status.

Because the Illinois Constitution currently calls for income tax to be imposed on a “non-graduated rate,” this law will not go into effect at all if voters do not approve a change to the Illinois Constitution to permit a graduated income tax rate.

Submitted by: Desmond Curran, a partner with Sullivan Hincks & Conway in Oak Brook


Business Law Committee - Links for Committee Members

LinkedIn Group for Business Law Committee – DuPage County (IL) Bar Association

https://www.linkedin.com/groups/12013153

LinkedIn Group for DuPage County Bar Association

https://www.linkedin.com/groups/849357

Online Demand CLE on DCBA

http://www.dcba.org/ then log in.

Once logged in, on the home page go to the beige bar at the bottom center of the page, to “Quick Links”. Then click on “On Demand CLE”, which brings you to this page:

https://dcba.site-ym.com/?page=Online

Then go to “Click Here to Launch the DCBA Catalog”:

Which brings you to the IICLE Page at:

https://www.iicle.com/dcba?affiliateid=4&pagesize=12

Illinois Institute for Continuing Legal Education (IICLE) and the DCBA

https://c.ymcdn.com/sites/dcba.site-ym.com/resource/resmgr/mcle_seminars/How_to_Access_OnDemand_CLE.pdf