Ethical Risks & the Human Element of Information Security: Insiders and Social Engineering

(510 Ratings)

Produced on: August 28, 2017

Course Format On Demand Audio

Taught by

Categories:

Course Description

Time 94 minutes
Difficulty Intermediate

Cyber security is often viewed as a technological field. Despite this, study after study has found that criminal hackers’ often low-tech “social engineering” attacks, malicious insiders, and even simple human error are the initial cause of the majority of data breaches and other security incidents. How do these attacks work? And what can you do to safeguard your clients and your practice?

Attorneys can also be held responsible for security incidents as a result of 2012 amendments to the American Bar Association’s Model Rules of Professional Conduct. These changes address the increasing use of technology in legal practice and the ongoing need to safeguard client and firm data.

Attorney and information security consultant Scott Aurnou will discuss the amended Rules and the basic steps needed to comply with them, including measures to secure confidential client and e-discovery information. He will provide a background of how electronic data and system access can be at risk from both external and internal attacks (as well as mistakes), outline methods used by attackers, and highlight key steps needed to mitigate risks facing law firms and organizations of all sizes.


Learning Objectives:

  1. Learn about ethical obligations under the ABA Model Rules pertaining to attorney competence, technology, and behavior-based security issues
  2. Identify and understand social engineering techniques
  3. Understand the types of human error that can place an organization at risk
  4. Examine the risk presented by malicious insiders
  5. Understand effective measures that can be taken to mitigate the effect of human error, insider, and social engineering attacks

Faculty

Scott Aurnou

The Security Advocate

Scott Aurnou, Esq., CISSP is an attorney and founder of The Security Advocate, which helps organizations with information security and data privacy issues. This includes privacy and security awareness training, security consulting, compliance with cyber security and privacy laws and related legal concerns.

Scott spent over a decade as a litigation attorney in the NYC area, and served as lead counsel for a private client services group at Smith Barney. He uses his legal, security, and business background to make complex information security concepts easy to understand (and even entertaining on occasion) for non-technical audiences. He has published security related articles in national publications ranging from the New York Law Journal to SC Magazine. In addition, he has created and delivered numerous presentations on information security and data privacy issues for executives, managers, and professionals.

Scott is a Certified Information Systems Security Professional (CISSP), Certified Information Privacy Technologist (CIPT), Certified Information Privacy Professional (CIPP/US) and a Fellow of Information Privacy (FIP). He is admitted to practice law in New York, Colorado, the U.S. District Courts for the Eastern and Southern Districts of New York; as well as the U.S. Court of Appeals for the Second Circuit. He is also the author of the Introduction to Information Security LiveLessons video training series for Pearson Publishing. 


Reviews

LS
Lowell S.

Super interesting

BH
Benjamin H.

very good

LC
Lisa C.

Very good and liked his humor.

SO
Sean O.

Outstanding, highly informational and useful

LS
Lars S.

Very comprehensive review of the topic. Impressive!

NO
Neil O.

Excellent and densely packed presentation.

SB
Sylvia B.

Good information

GT
George T.

Very good program

IH
Ingrid H.

very clear explanation of threats and how to avoid them; good information on methods of breach and resources to prevent them.

AB
Amber B.

This course was very interesting and informative and I will be sharing the information with my staff.

TS
Timothy S.

Best cyber presentation I’ve listened tooZ... offered practical advice and made product recommendations

AS
Antony S.

Good stuff

JK
John K.

The presenter actually made the course fun!

CP
Caroline P.

very interesting topic and good speaker

DF
Douglas F.

Outstanding presentation and references for further study. Truly awesome.

JP
James P.

good

MC
Marion C.

This is the best Law- line course I have seen

CS
Christine S.

Scott was Excellent!

BS
Benjamin S.

excellent presentation and speaker

DR
Dale R.

Actually worthwhile!!!

DR
Dane R.

Fantastic course. Highest level.

PC
Patricia C.

Great presenter. Watching all of his courses.

SK
Shelley K.

This was very informative and helpful. The presenter was excellent and gave a great deal of information in a way that was easy to assimilate.

SH
stephen h.

Excellent content and presentation. Would thoroughly recommend.

ED
Egbert D.

Very helpful and practical

KS
Kimberly S.

Much more interesting and engaging than I expected from a cyber security program. Good stuff!

WK
William K.

Very helpful and timely course

LO
Lisa O.

Outstanding presentation.

Load More

$89

$ 89 Ethics and Privacy & Cybersecurity In Stock

Accreditation

Get Unlimited Access to Lawline Courses

Unlimited CLE Subscription gives you access to take almost any course from our catalog and earn as much CLE credit as you need.

Try Unlimited