L-R Michael Hazzard, Jones Day; Richard Timbol, Davis Polk; Khurram Gore, Verizon; and Karl Schoen-Rene, Knights of Columbus. Photo: Ian Lopez/ALM Media.

Legal technology has no shortage of buzzwords—think of “TAR” and many others. The latest slew to take the industry by storm were the topic conversation in a Dec. 5 panel at ALM's CyberSecure event in New York.

Titled “What You Need to Know about IoT, AI and the Blockchain: Buzz Words Demystified,” panelists discussed how these technologies are changing legal and other industries, as well as the implications of their increasing use.

|

AI—Not Quite 'I Robot,' but a Security Game Changer

The first technology brought under the lens was artificial intelligence (AI), a term that Richard Timbol, CISO at Davis Polk & Wardwell, said he dislikes.

“I don't think the term 'artificial intelligence' is really reflective of the technology they're referring to,” Timbol said. “To me, AI is something you see in 'I Robot.' What we have is advanced programming that learns through systematic adjustments of the inputs and comes out with a smarter result.”

However, Timbol noted that what's frequently touted as AI has been “a game changer for security.”

“The black hats are working in milliseconds,” he said. They have “mass zombie networks of thousands of computers … [and] tons of computational power. And they can make decisions and scan your network and pivot within it.”

This speed is crucial, as human analysts can take days to weeks to find suspicious network activity, Timbol said, noting it's been estimated that it takes 187 days after a breach occurs for it to be detected. “I think AI is going to help that, because it's going to allow the analyst to be a force multiplier.”

Timbol said there's much hype around tools for tasks like moderating firewall hits, as now organizations have “thousands of servers” and “millions of events a day.” He also mentioned AI being used for determining “what's normal traffic, normal behavior in an organization.”

|

Betting on Blockchain to Address Supply Chain Kinks

The latest technology to get as much attention as AI has been blockchain. Khurram Gore, associate general counsel at Verizon, described blockchain as “a distributed ledger” with “a bunch of transactions strung together into a record, and that record exists in a whole bunch of places at the same time.” For information to be recorded to the ledger, it must promulgate through the ledger's nodes, operated by individual's with access. “How do we know [information is] right? The most number of nodes says it's right,” Gore explained, thus making it a “consensus model.”

Gore explained that this technology is useful “when people or companies or different organizations don't trust each other. It's a trust solution, meaning that there's a record out there being replicated across different places, and we're going to believe that that record is true.”

And this technology already appears to be bearing results. IBM announced this year that it's working with food suppliers such as Walmart to apply blockchains to the food supply chain. Here, the chain would run through the producer to shipping, storage and retail, helping determine the origins of issues such as E. coli or salmonella contamination.

Blockchains are also frequently discussed in the context of smart contracts, or as Gore put it, “a contract that smartly executes itself.” In these instances, agreements and the ability to execute them can be placed on the blockchain, so when an agreed upon event occurs, money or other assets can be transferred.

While this technology looks to impact everything from finance to issue-spotting, Gore explained that it ultimately asks us to place trust in a technology. Gore noted the possibility of an event stipulated by a smart contract not occurring but the end result still being executed, ultimately leaving the question: What recourse does one have?

|

IoT Prompting a Reboot for the Wireless World

The last and perhaps most widely-used technology to be discussed was the internet of things (IoT). Karl Schoen-Rene, director of IT security at Knights of Columbus, discussed the context of organizational security. IoT, he said, is an “example of a technology that has become ubiquitous, like the telephone or personal computer. I believe that the implications of having sensors and basically processors all around us every day leads to a huge increase in the threat window, the ability of bad actors to get at our organizations.”

As an example of how easily this could happen, he noted how two employees at his organization had brought Amazon Alexa devices into the office. Luckily, they were detected by the organization's wireless units and removed.

“It's human beings trying to make their lives more efficient, and I think we will see a decrease in the interest in privacy for the increase in the ease of living your own life,” he said. But from a technical security perspective, this makes it harder to enforce a security perimeter and control what devices are allowed to enter.

Therefore, the security focus shifts from keeping track of devices coming in to controlling the sensitive data itself. Here, Schoen-Rene said, encryption and other security technologies come into play, allowing any data “used in any ways” to be detected by a monitoring system.

|

Peering Through the Hype

The three technologies in discussion have generated much hype for being transformative and revolutionary. But how much do they actually live up to expectations?

Timbol noted that the term AI alone is hype, so much that there's currently disillusionment with it. This is because the AI technology organizations are purchasing isn't the silver bullet they may have been expecting. However, he noted, the sheer computing power of AI has “changed the game dramatically.”

With blockchain, Gore said that “we're at the height of the hype cycle.” Yet this has positive implications, as more entrepreneurs can find use cases for the technology, the success of which depends on what Gore called the “social element.”

Meanwhile, IoT technology may just be in the early stages of takeoff. Schoen-Rene said that every manufacturer he knows is already putting sensors in their consumer devices. While they may not know how they'll apply them, they'll possibly be collecting and selling information.

“There are uses of this they haven't even become conceptually aware of yet,” he added.

Gore noted that the tools in in the near future will likely combine all three of these technologies.

“It's a really interesting time, because the cost of entry has gone down, and we're going to see a lot of really great ideas and a lot of terrible ideas that don't succeed. And we'll see them across all three categories,” he added.