State's top security officer to speak on cybersecurity


 By Jo Mathis

Legal News
When Dan Lohrmann, chief security officer for the State of Michigan, addresses the Washtenaw County Bar Association’s Bench Bar Conference May 2, he plans to learn a thing or two himself.
 “This is an opportunity to engage a roomful of lawyers that are very knowledgeable and certainly have a lot to bring to the table as well,” said Lohrmann, referring to the 3.5-hour event at the Travis Pointe Country Club. “So I want to have an engaging and intriguing conversation.”
Lohrmann’s talk—“Cybersecurity:  Top Things That Keep Me Up at Night” —will include information about what lawyers as well as the general public can do to protect themselves in cyberspace. 
He said he’ll talk about how law firms can protect their data; hot trends and threats; some of the challenges the state faces, and important concerns regarding cloud computing, mobile data, mobile computing, and the fact that more and more employees are bringing their own devices to work.
Asked what he’d do about cyber security if he were starting a small business today, Lohrmann said technology would be third on his to-do list.
“Start with the people, then talk about the processes, then apply the appropriate technology to solve issues,” he said. “I’ve often heard experts say that 90 percent of your issues with data security, with cyber security, and physical security as well are people issues. So, do background checks on your people. Do you know whom you’re dealing with? You say, ‘I’m going to hire a student.’ That’s great. But have you done a background check on them? Are they reputable?”
Lohrmann said business owners need to know who has access to what data, and who may be seeing things they shouldn’t be seeing, and what sensitive and personal data needs to be protected.
“And then you apply the technologies,” he said. “You ask: What’s the best way to accomplish the function or do this task I’m trying to complete? What’s the process? What’s the flow? Do we want this on mobile devices or not? Do we need to make this available 7-24-365? Knowing these kinds of things can then help you apply the right systems.”
Lohrmann said there are many vendors who can provide great solutions in the fight to stay safe in cyberspace. 
But the problem is worse than the public realizes, he said, noting that because technology is ubiquitous in our lives, we can be lulled into a false sense of security.
“The bad guys are getting very, very good,” he said. “I come from an NSA background, and their big adage is, ‘You don’t know what you don’t know.’ The bad guys are getting sophisticated.”
Lohrmann said he’ll share some of the well-crafted social engineering tricks the bad guys use to get personal data.
“I hope people become more aware and more educated on the kinds of things that are happening,” Lohrmann said. “Certainly there are practical steps they can take, but most of all, they need to take this very seriously. All of us do. Our children, our families, our businesses, and certainly our law firms. This is a very, very important matter.” 
For more information and tips about cybersecurity efforts, go to


  1. No comments
Sign in to post a comment »