How FedRAMP Security Authorization Can Help Federal Agencies and Businesses

LISA HAWKE

Machine learning deployed in cloud-based services gives lawyers powerful tools to sort and review new information, automating the discovery process. This makes it more efficient and allows legal teams to spend more time building cases rather than manually reviewing data.” Says Lisa Hawke, VP of Security and Compliance at Everlaw, in an exclusive interview with Enterprise Talk.

ET Bureau: Tell us about the growing relevance of the Federal Risk and Authorization Management Program (FedRAMP)?

With this recent achievement, Everlaw joins an exclusive group of cloud service providers in the U.S. that have achieved a FedRAMP Authorization, meaning their technology has met the FedRAMP security assessment, authorization, and continuous monitoring requirements for cloud products and services. As federal agencies look to modernize their technology, they must focus on deploying the most secure technology to protect data in cloud environments. Because any cloud services that hold federal data must be FedRAMP authorized, this program enables agencies to adapt their legacy IT solutions to more secure, cloud-based IT.

ET Bureau: How has technology modified the legacy investigation processes across the legal industry?

As the digital universe expands rapidly, litigators and internal investigators are tasked with mining through mountains of data and documents – the majority of which end up being irrelevant. Today, the amount of discoverable data and devices only continues to grow, especially in light of remote work that relies on video meetings, email, and chat. Technology, like machine learning deployed in cloud-based services, gives lawyers powerful tools to sort and review new information, automating the discovery process. This makes it more efficient and allows legal teams to spend more time building cases rather than manually reviewing data.

Read More: Patient Data Breach – Cybercriminals Targeting Healthcare Organizations

ET Bureau: Amongst the current COVID-19 crisis, how will the future of remote legal work change?

For the first time at this kind of scale, legal teams who are accustomed to building cases in person are determining their strategies while working remotely at home. Emailing document attachments back and forth and keeping track of multiple revisions is unwieldy and time-consuming. The pandemic has shown the need for technology that allows lawyers to brainstorm and collaborate in real-time, saving both time and effort. Acknowledging this need, legal teams are more likely to invest in collaboration software that will empower them to work together more efficiently, whether using remote or in-person.

ET Bureau: Can you guide us through the top data privacy and security concerns across the legal industry in the current times?

Lawyers work with some of the most sensitive information, including financial statements, medical records, and calendars that reveal the whereabouts, patterns, and behaviors in people’s private lives. Yet when that data becomes part of the discovery process, it enters a chaotic pipeline, passing through a variety of users, and any link in that chain can be the weak one that leads to a data leak or privacy violation. Legal teams are collecting more and more data with the rise in devices that monitor and log people’s lives, which means more data that needs to be protected.

Read More: COVID-19 – Majority of IT Leaders Expect a U-shaped Recovery

The legal industry needs to prepare to fend off a serious threat to the data they hold— law firms are contributing to the growing numbers of cyber attacks, data breaches, and leaks. A Law.com investigation last October found that more than 100 law firms had reported data breaches in the past five years, and those were just the reported cases. In the 2019 ABA Legal Technology Survey Report, one in four respondents said their firm had experienced a data breach. Meanwhile, hackers are targeting law firms by exposing or threatening to disclose sensitive client data on the internet if law firms don’t pay ransom fees. Insiders are also a threat, with 96% of IT leaders in the legal space citing insider breach as a significant concern, according to one recent survey.

Lisa Hawke is the VP of Security and Compliance at Everlaw. Before entering tech, she spent almost a decade in the energy industry working for BP in Houston, Texas, and a shorter time as a Law Fellow at the Center for International Environmental Law (CIEL) in Washington, D.C. In addition to her currently role, she is serving as a Board Member and Vice-Chair of Women in Security and Privacy of the Information Security Leadership Foundation.