SOUTHFIELD – Join Motor City ISSA for a discussion on Information Security with a Guest Speaker from New York State.
Date: February 17
Time: 6 to 8 PM
Location: Register to receive the meeting invite.
Speaker and Topic Information
Scott Aurnou, Esq., CISSP is an attorney and founder of The Security Advocate
Teaching Cyber Security to Lawyers
It’s crucial that lawyers understand essential security concepts because they play a critical role in supply chain & vendor risk management, compliance, auditing, privacy, cyber liability insurance and others. Law firms themselves often handle the kind of sensitive data that attracts highly skilled criminal hackers. And yet, as an audience for security training, they are often overlooked and difficult to engage with most common security awareness techniques. As a result, very few attorneys have a solid understanding of security and teaching them can present a number of unusual challenges.
In addition to those working at law firms, attorneys within various organizations are responsible for a wide variety of administrative security controls including negotiating and drafting contracts. At many organizations they play a role in (and sometimes oversee) privacy and security awareness training via General Counsel’s Offices and compliance departments.
Lawyers also have a different relationship with applicable regulations (GDPR, HIPAA, etc.) than people in other roles. Not only are they required to comply themselves, but they typically have to ensure compliance in others via negotiating & drafting agreements, writing policies & procedures and sometimes conducting investigations and audits.
This presentation will include examples of what can go wrong when attorneys don’t understand the security implications of their actions (or inactions), as well as techniques that actually engage lawyers and encourage them to seek out security awareness training on their own.
