Federal rules now require institutions to manage their data so it can be produced quickly and completely if demanded by district court cases.
In this session Deputy CISO David Matthews will use his first-hand experience to provide your organization up to date information and documents on:
Compliance with Federal Electronically Stored Information (ESI) standards;
Real life case studies and examples - Do's and Don'ts;
Actual e-Discovery documents and samples.
How can your institution be affected? Matthews shares recent case law about e-discovery issues, and he walks you through real situations he's encountered -- and how he's responded successfully. He also shares samples of the policies and documents he's prepared to improve ESI procedures in his own organization.
As Matthews emphasizes repeatedly: When it comes down to a court case, it doesn't matter what your policy says - what counts is 'What procedures did you follow?'
In December of 2006, the Federal Rules of Civil Procedure (FRCP) were revised to require organizations to manage ESI such that it can be produced quickly and completely if required by civil cases in U.S. district courts.
The challenges for organizations are that ESI:
Is often stored in greater volume than hard documents;
Is dynamic and often can be modified simply by turning off a computer;
Can be incomprehensible when taken out of context;
Often contains meta-data that offers greater context to the information.
And then there are the issues of creating - and enforcing - records retention policies within your organization, so you're prepared to respond effectively when summoned by the law.
In this session, David Matthews, Deputy CISO for the City of Seattle, will walk through electronic evidence issues of which you need to be aware, including:
Recent case law;
Case studies from the e-discovery trenches;
New e-discovery issues inherent in cloud computing and social networking.
Matthews will leave you with strategies for integrating e-discovery into your organization's existing cyber event management procedures.
former Dir. of Incident Response, Expedia; Principal Consultant, Public Sector Cyber Security Contracting Services
David Matthews has worked in the information technology (IT) field since 1992. In early 2005 he was selected to be the first Deputy CISO for the city. In his work for the city he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city's information security policy; and created and taught training courses on information security and forensics. He most recently created an IT primer for the city's law department as part of his collaboration with them on e-discovery issues.
Matthews is the public-sector co-chair of the U.S. Computer Emergency Readiness Team (US-CERT)/Department of Homeland Security (DHS) sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region (PNWER) nonprofit to sponsor information security training for Supervisory Control and Data Acquisition (SCADA) operators and managers.He is also the chair of the local Critical Infrastructure Protection subcommittee of the Regional Homeland Security team, and also is a member of the American Bar Association's Science and Technology and Electronic Discovery committees.
David holds the titles of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Digital Recovery Forensics Specialist (DRFS), and CyberSecurity Forensic Analyst (CSFA).