Skip to content
Legal Technology

Talking threat intelligence & organizational risk profiles at ILTA’s LegalSEC Summit

Kenneth Jones  Chief Operating Officer / Xerdict / Tanenbaum Keale LLP

· 5 minute read

Kenneth Jones  Chief Operating Officer / Xerdict / Tanenbaum Keale LLP

· 5 minute read

The strong link between legal technology and security for law firms and their clients became crystal clear during last week’s LegalSEC Summit, sponsored by the International Legal Technology Association (ILTA), as panels, discussions, and workshops underscored this critical relationship

The LegalSEC Summit, held virtually, followed ITLA’s return to live programming at its August ITLACON 2021 conference, which was a hybrid event occurring both online and in-person in Las Vegas.

The annual LegalSEC Summit offers two days around the topic of security for the legal industry, focusing on delivering premier information-security education to address the challenges specific to legal organizations.

One of the truly unique aspects of LegalSEC is the extensive technical content. The event is far more about technical action steps than managerial topics. Thus, the even becomes as much of a “can’t miss” for technical security professionals in the legal sector than anything else out there.

One of the interesting aspects of the Summit is how ITLA sought to make LegalSEC work well through the virtual medium by offerings such perks as Networking Coffees with Conversation Starters. Also, the advanced functionality of the event is supplied by Boomset Platform, which also provides the backbone technology of the sessions, such as polling, advanced Q&A, breakout rooms, etc. Vital social programs were on the menu as well, such as the Women in Security Networking Reception.

Joy Heath Rush, ITLA CEO, described the conference objective succinctly. “Security is legal technology — the two cannot be separated,” Rush explains. “It is through education that we will advance the technology. We have to continue to stay ahead of the curve, to stay ahead of the very real threats, or be left vulnerable and that is simply not a chance we can collectively take.”

The summit opened with a keynote address by Kristy Westphal, Vice President of Security Operations at HealthEquity, on the important topic of threat intelligence. Westphal’s opening salvo defined threat intelligence — a science focused on evidence-based knowledge, including context, indicators, implications, and actionable advice, about a security hazard which can be used to assist decision-making regarding the response to the hazard.


“Security is legal technology — the two cannot be separated.”


Westphal suggested methods to organize information into threat feeds and briefings (such as modeling, profile, hunting, and sharing), and continued by describing how threat intelligence adds value to the role of legal technologists as they help to defuse or mitigate harmful events. Westphal’s keynote closed by summarizing the State of Threat Landscape and some current interesting legal developments, including the Biden administration’s May 12. 2021 Executive Order about sharing threat intelligence data and a subsequent  30-nation meeting in mid-October to discuss counter-ransomware and threat intelligence topics.

“The key to threat intelligence is to tie it back to your organization’s risk profile,” Westphal concluded. “Everything else falls into place from there.”

Following the keynote, a series of technically oriented panels and workshops covered such pressing issues as Zero Trust, network segmentation tactics, Microsoft 365 compliance and security tools, how to develop cloud governance policies, ransomware reaction action plans, and how to assess and prevent third-party risks.

It may be helpful to peel back the onion slightly on one topic to help legal practitioners understand the direct value of LegalSEC, as I was involved in the curriculum for one session, the Zero Trust offering. A few of the key lessons learned in that session were the Castle Philosophy (in that you need more than a perimeter wall to fully protect against cyber-threats as internal walls and checkpoints are also essential), conditional access policies, and the mindset of Zero Trust that requires continuous verification and the commitment to the adage, “Never trust, always verify.” Indeed, it’s critical to adopt this mindset to guard against a culture of convenience that undermines efforts to properly secure an enterprise.


“The key to threat intelligence is to tie it back to your organization’s risk profile — everything else falls into place from there.”


In the Summit workshops, which offered longer sessions to delve into complex topics in more detail, topics such as How to Secure Your Hybrid Work Force and Incident Management were covered in detail, with the latter featuring a live-play of the popular Backdoors & Breaches card game, from Black Hills Infosec.

Then, of course, there is the value of networking, that events like LegalSec can deliver on — even in a virtual environment. In fact, the event highlight the value of volunteering with others in the legal technology industry. In my case, it provided me the opportunity to meet and work with industry experts such as David Forrestal and Rich Lilly (both top-tier independent security consultants), and Kevin Moore (a chief information security officer at a large law firm who has strong real-world practical experience). In the session for which I was responsible, Zero Trust, I found it tremendously beneficial in terms of expanding my knowledge and horizon on the security front.

All of these speeches, panels, and workshops continued to underscore the importance of the key theme of the Summit — evident in both the planning and the delivery: Developing technical content while also providing event attendees with actionable steps to bring back to their organizations regardless of the size or technological complexity of their law firm or corporate law department.