ITSPmagazine Podcasts

Agentic AI to the Rescue? From Billable Hours to Bots: The New Legal Workflow | A Conversation with Frida Torkelsen and Maged Helmy | Redefining CyberSecurity with Sean Martin

Episode Summary

Agentic AI is changing how legal teams work—enabling faster decision-making, better use of internal knowledge, and automation of high-value tasks. This conversation explores the real opportunities and serious risks that come with putting AI agents to work in law firms and legal departments.

Episode Notes

GUESTS

Frida Torkelsen, PhD | AI Solution Architect at Newcode.ai | On LinkedIn: https://www.linkedin.com/in/frida-h-torkelsen/

Maged Helmy, PhD | Assoc. Professor - AI at University of South-Eastern Norway and Founder & CEO of Newcode.ai | On LinkedIn: https://www.linkedin.com/in/magedhelmy/

HOST

Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com

EPISODE NOTES

Agentic AI is rapidly moving from theoretical promise to practical implementation, and few sectors are feeling this shift as acutely as the legal industry. In this episode of Redefining CyberSecurity, Sean Martin is joined by Frida Torkelsen, a Solution Architect, and Maged Helmy, a professor of AI, to explore how law firms and in-house counsel are applying AI agents to reduce costs, improve efficiency, and unlock strategic capabilities—while navigating critical privacy and security concerns.

Frida explains how large firms are seeking to extract value from their troves of historical legal data through bespoke AI agents designed to automate workflows and improve institutional knowledge sharing. Smaller firms, on the other hand, benefit by building narrow, purpose-driven agents that automate core functions and give them a tactical edge. This democratization of capability—fueled by faster iteration and reduced development cost—could be a strategic win for niche firms that are disciplined in their focus.

Maged emphasizes the architectural shift AI agents introduce. Unlike static queries to large language models with fixed knowledge, agents access tools, data, and live systems to execute tasks dynamically. This expands the use case potential—but also the risk. Because agentic systems operate probabilistically, consistent outputs aren’t guaranteed, and testing becomes more about evaluating outcomes across a range of inputs than expecting deterministic results.

Security risk looms large. Maged shares how a single oversight in permissions allowed an agent to make system-wide changes that corrupted his environment. Frida cautions against over-permissive access, noting that agents tapping into shared calendars or HR databases must respect internal boundaries and compliance obligations. Both guests agree that human-in-the-loop validation is essential, especially in environments with strict data governance needs.

Law firms must reassess both internal information architecture and team readiness before implementing agentic systems. Start with a clear understanding of the business problem, validate access scopes, and track outcomes for accuracy, speed, and cost. Legal tech teams are forming around these efforts, but success will depend on whether these roles stay grounded in solving specific legal problems—not chasing the latest AI trend.

SPONSORS

LevelBlue: https://itspm.ag/attcybersecurity-3jdk3

ThreatLocker: https://itspm.ag/threatlocker-r974

RESOURCES

Newsletter: The Law's Great Recalibration: Inside the Tech-Driven Puzzle of Legal Firm Transformation: https://www.linkedin.com/pulse/laws-great-recalibration-inside-tech-driven-puzzle-sean-martin-cissp-clnoe/

ADDITIONAL INFORMATION

✨ More Redefining CyberSecurity Podcast: 

🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast

Redefining CyberSecurity Podcast on YouTube:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/


Episode Transcription


[00:00:00]  Sean Martin: And hello everybody. You're very welcome to a new episode of Redefining CyberSecurity here on ITSPmagazine. It's been, uh, a whirlwind of a few weeks here. Uh, so you, you may have caught a few episodes more on our on location as we covered RSAC Conference in San Francisco, and, uh, a lot of, a lot of topics there.
 

So I, my episodes here on redefining cybersecurity have been a little, uh, a little slow to come together. Funny enough, this topic was front and center at the conference. In fact, uh, agentic AI and, and more so its role in, in security and then also the impact on risk and privacy for organizations and society at large. 
 

So I'm thrilled to have this conversation. Um, it was driven by, uh. Basically me attending Legal Week in New York a few weeks back, and a ton of people in the legal space saying they're opening [00:01:00] up the, uh, up the coffers and letting lawyers and, and others in the, in the firm write code write agents and do stuff for the firm that engineers would do and, uh, and others would do. 
 

And I, I think it's driven by a lot of desire to. Under pull information together in ways that wasn't possible before, and automate things that might have been difficult to do, with just a single engineering team. So we're gonna get into some of this and I'm, I was thrilled to meet Frida, at the same conference. 
 

I didn't get to meet again there, but, uh, I had a, had a chance to chat with Maged. you both for joining me for this conversation today. 
 

Frida Torkelsen: Thank you very much for having us. 
 

Sean Martin: Good, good stuff, and thanks for my, uh, for sitting there as I rambled on. But, uh, so it's interesting, I often look at, look at security with a wide [00:02:00] lens, uh, not necessarily in, in relation to any particular sector, but having attended Legal Week, uh, this, this particular space struck me. So, um, and the two of you work deeply in this space as well, hence your presence there at the, at that, uh, event. we get into the topic, maybe a few words from each of you about your role and, uh, and then we'll, we'll get into the topic, Frida.
 

Frida Torkelsen: Yeah. Uh, hi. My name is Frida. I work as a solution architect at Newcode.ai, and uh, my role is very customer facing one. I help law firms implement AI into, uh, their businesses and really implement that into their workflows. And so we work with law firms. We also work with the government sector, and I do courses and, uh, onboarding as well.
 

Sean Martin: Perfect. Maged.
 

Maged Helmy: Thanks. Uh, so I'm the CEO and, uh, founder of Newcode.ai. Um, I started my AI journey eight years ago. Uh, I'm an AI engineer by, by training and by [00:03:00] education where I completed, uh, my PhD in artificial intelligence from the University of Oslo. Um, and then I went on and I became an associate professor, um, and then started Newcode. Uh, my focus really is designing AI agents, uh, and making sure that our end users get the best in technology, um, while not compromising on security or quality or accuracy and for today's matter costs.
 

Sean Martin: Exactly. Exactly. Well let, let's start with. I guess the, what law firms and, yeah, I certainly wanna look at law firms, but also inside counsel within organizations that may have business processes that can benefit from tapping into AI and, and building that are purpose built for specific tasks. what's the, let's look at both of those. What is the, well, actually, yeah, no, let's stay there. What? What's the. the main goal? [00:04:00] What are, what are firms trying to do and what are inside counsel teams trying to accomplish as they look to agents and agentic AI and, and maybe even just the broader AI. Um, yeah. So who wants to take that?
 

Maged Helmy: Yeah, I can, uh, start with that and definitely hand it over. Um, so the main sort of like when we started the generative AI journey, um, into law firms, main, um, architectural design of interacting with large language models was, um, sending a query to the large language model and then getting an answer directly. when you interacted with the large language model, the information that this model had was frozen in time, which people would refer to, um, the knowledge cutoff. So if you ask it about recent events, if you would ask it about recent changes in regulation and laws, it will either give you a completely inaccurate answer or it will tell you, I don't know. Um, in, in both cases, [00:05:00] um, the user would refer to this as hallucination. Now whether that's the accurate term or not, um, we can have a whole new podcast on that. Um, but the idea is they're not getting the information that they know very well Should be the reply, um, to that query. Um, and, and many methods came out of that. 
 

So we heard about, uh, RAG, which is a retrieval augmented generation. Then we heard like it went deeper into something called knowledge graphs and the likes. Um, what agents do is they add a new flavor to the mix, and the idea is that when I ask the large language model a question, instead of it relying on its frozen information and time. It either has access to a plethora of tools, um, where it can go into these tools, try to retrieve the latest information. That could be, um, a curated knowledge base that could be the internet, or could be u trusted URL websites, um, and touches these information to the large language models where it can then start acting on it and giving the reply to [00:06:00] the user. that basically opened up a whole new world of possibilities and a whole new world of use cases. Um, whether that's completely new use cases that were not possible with large language models or existing use cases that have gotten five to 10x boost because the large language model is no longer frozen in time.
 

Frida Torkelsen: Yeah, and I wanna comment on that as well, that I think that in the large law firms and also the in-house teams, then as you mentioned, they might have slightly different, um, targets when it comes to developing AI agents. As the large law firms, of course, they have so much data and they really wanna make sure that they're utilizing that. 
 

So we hear a lot of requests for people wanting to really, uh, benefit from that and extract the value that is. In all that experience and all those years of data. Whereas with the in-house teams, they might have slightly different, uh, targets with that. Maybe they wanna help with specific processes they have, such as say, onboarding clients and automating that process, um, and really [00:07:00] focusing on their targeted use cases. 
 

And then we also see a big variety in the different size of law firms as well, where there may be smaller and more niche firms. They can really benefit a lot it seems from, um, structuring such processes with the help of agents, uh, that are specific to what they do, what they specialize in. 'cause you have these niche, uh, expert firms that. 
 

Maybe they only specialize in two or three specific workflows. And so by putting in the effort to really develop agents for that kind of purpose, so uh, much of your workflow is actually then able to be driven partly, or um, quite a large extent now by these agents. And so this really see a big return on value on that as well. 
 

So I think they will have slightly different approaches in how they choose to, uh, enable that technology within their firm. 
 

Sean Martin: And are they, so when, when there's shiny new. Bells and whistles and technologies available. There's a couple different paths one can take, right? Which is, it's very [00:08:00] clear what what's possible, and I want to apply that thing to an existing process or part of my business. the other is, I have no idea what's possible. 
 

Let me now explore all the new capabilities and see if there's something new and. So I'll, I'll stop there 'cause I have a different question as well. So what I, I presume it's both paths people are taking, but, uh, what, what are you seeing as, as, as law firms and inside counsel kind of explore what's possible with, with agentic AI?
 

Maged Helmy: When it comes to the, uh, law firm side, uh, what we're looking into is, uh, using AI agents, uh, to retrieve the best historical cases, um, that has, uh, that has maybe, uh, made them win. Um, understand what was the dynamics of the use cases that helped them win that case, and basically use that for a similar current use case instead of starting [00:09:00] all over. Um, and in larger, uh, law firms where they have multiple offices. Across multiple locations where perhaps maybe they cannot use the same partner or the same lawyer for a similar case the next time they wanna make sure that the knowledge, um, is inherited to that new use case. Uh, and that, that is where technically you're building a, a, like the Google search engine, uh, for a law firm. 
 

Uh, only that it's not tagged, only it doesn't have metadata, um, only that it's stuffed. There with 20 versions, um, at different times. And oh, by the way, the latest version is not the version that we use. It was three versions earlier, but we don't even know, um, working with find that information. So, um, this is where AI agents can come in handy. 
 

Not, not all the time, but can come in handy, um, to, to help the larger, uh, law firms, um, um, use, um, existing information or. Um, and, and when it comes to in-house, um, it's more of like [00:10:00] reducing the reliance on law firms. When do we really need to, um, call the lawyer from that law firm, um, so that we can reduce our bills and instead rely on a tool, um, that can, um, reduce our reliance on that. Um, I mean, some in-house have multiple law firms. Uh, usually the bigger and the more critical, the more law firms that they have on their, um. So in that case, they might be looking into, do we really need that or can we create a specific agent, um, to automate that aspect. Um, I wouldn't look into a hundred percent automation, but at least can we cut down the bill by 80% because we don't need, uh, someone to sit and do all these, um, steps right there. So these are the two, uh, top use cases that comes out of my mind, but I have many more. 
 

Sean Martin: And maybe, so a picture from you, Frida. 'cause you're, you're looking at this thing from a big picture architecture. How does this fit into the, into the organization? [00:11:00] I'm just curious. again, touched on a few cases that touch data sets. Um, so there's internal, there's I'm sure public record. 
 

There's, um, I don't know what, what are, are all the data sets that, stuff can tap into? I. 
 

Frida Torkelsen: Yeah. Um, well of course with the agents there are a lot of options for that. So you can tap into the data sets and you can also then enable it to use tools to create extent. So, uh, for the data sets, uh, a lot of law firms are exploring how to really get the most out of template libraries, for example. 
 

Reference texts and also in-house materials, as Maged was mentioning, um, really the previous cases that they have a good experience with in getting that out. Yeah. Um, additionally, you could also say, for example. Consider including calendars and including, um, access to, for example, who in the firm has experience, um, with a certain type of case or, uh, [00:12:00] have gone through a similar contract before, for example.
 

Um, so there can also be these types of, uh, internal databases, uh, more on the HR side of things as well. Um, so that might be some of the databases to use. 
 

Sean Martin: What, so you mentioned calendars and it just. Struck a thought for me, and I'm sure we can think of unlimited number of use cases, but I'm curious if, how, how strategic are in terms of, let, let's just look at, um, case law where, and I'm not versed in all this stuff, so you'll have to correct me where I misspeak, but they're, they're putting together a case.
 

They wanna present a case, they have to file things. You mentioned the calendar, how. How strategic can a firm get using and LLMs and agents to, to, thinking, is it better to put something on the calendar next week or wait two weeks, or is there some other case that we wanna wait for that that's pending that will help [00:13:00] our case, or we don't wanna wait for that because it, the outcome of that one. Might impact our case. So it's a very, very specific scenario there, but strategic firms get with with this capability. 
 

Frida Torkelsen: I think that's a good use case considering the workload of the firm, considering also who is available, uh, by having maybe access to an internal calendar and seeing which kind of expertise do we need for this particular case. Maybe the agent can then help, uh, structure your team for you, maybe even assign some tasks and consider, um, who will we need for, uh, this exact work process. 
 

So I think that is a good capability of, of this technology. Yeah. Do you wanna comment on that? 
 

Maged Helmy: Yeah, I would say, in terms of strategy, um, it. The agents do level the field, um, for many smaller law firms to have a tactical, uh, advantage, um, to catch up without necessarily having three, [00:14:00] let's say three, um, support, um, to each partner. I. Um, so the part that I see it could help is a lot of reduction on the unbillable hours, um, from that angle, uh, but from a different angle, um, to, to look into the, uh, automating these things. But if I focus on the strategical, uh, advantages, um, it will be going deeper. Into due diligence that you will no longer just having like a surface due diligence process or redlining. You can already offer a deep due diligence off the bat. Um, you will be able to have more tailored, uh, and better, um, drafting for each of the cases that comes to you, uh, rather than, oh, here is a template. 
 

Um, we have 20 templates. Let's start from one of these templates. You're more like, let's start with a unique combination of these templates against the customer requirement. So the idea of customizations will also, and personalization to that user or to the client that's arriving to the law firm will be a great, uh, [00:15:00] strategic, uh, a great strategic advantage. Um, that's on one angle, but the main thing, um. That many law firms or many of the users of the system will have to consider is that the bar to actually create, uh, a personalized agent workflow for your law firm is now a bit higher. When we started working with large language models, it was more of like, okay, we will do a prompt for the whole organization. 
 

This is a prompt, uh, for this group. This is a prompt for that group. And then there's like sort of like a mega prompt for everyone. Um, and then when prompts has reached their limits, um, because of the knowledge that are frozen in the large language models, um, fine tuning came into the picture and last year was a lot of talk about small language models instead of large language models. Where the idea of large language models can tap into multiple small language models in order to enrich its response. Um, but to create your small language models, then you needed to collect data. You needed to [00:16:00] train data, so it was quite expensive, um, and the cycles was quite long. So you would then need to trigger a three to six month project in order to create, let's say, a single small language model for that department. And the idea kind of just disappeared. It didn't like fade away slowly. It's like no one's talking about it anymore. And less than a year ago, this was like keynote, uh, in many large conferences around the. And the reason that happened is that agents has increased the iterations. You're able to build an agent in a day, uh, and you're able to iterate fast against a, let's say, against a folder that you know what the correct answers are against to measure the accuracy of the agents. But in order to get to the agents you need, uh, a very much a practice group that has a standardized process, that has a standardized way of doing things, letting the agent replicate this process to a great extent. And then applying it to, to, to your daily workflows. um, it, it does reduce the bar of having small [00:17:00] language models, but it increases the bar. 
 

It's now more than prompting. It's not like, guys, we're gonna spend one hour teaching you how to prompt you more, you more will need like a selective group. Um, that's, that's, uh, curious and has time, um, to, to, to start building specific, um, agentic flows. And then, I mean, if you wanna talk about security and the security, uh, uh, and the cybersecurity implications of these technologies, there's two ways you can do on, you can go on with this, you can just go to a supplier or a vendor. And sort of like rely on the agentic designs that they do. It's a blue, it's a black box, you know, okay, I need five in M&A. I need one that's, you know, client friendly. I need one that's this friendly, or I need one that's, you know, more tailored to the Supreme Court in, you know, Eastern New York district or something like that. And, and you know, you can just be happy with that. Um, but if you go a tad bit deeper and you wanna start creating your own agentic workflows, simply what you're doing is you're giving, uh, a large language model the [00:18:00] possibility to tap into a set of defined tools, um, to achieve the goal that you ask it. a very example, um. I, I had an AI, uh, I created an AI agent actually just few hours before this call. Um, and, uh, I gave it access. Yeah. And I gave it access to a terminal. And I, you know, and I said, you, you can do whatever you want on this terminal. You just need to achieve the goal. Uh, and that goal is basically, you know, I wanted, I wanted it to print, um, um, a specific set of references in a certain format at the end of each line. challenge with large language models is that it's probabilistic. So if you ask the same question many times, you never get the same answer. And that's by design. It's not a flaw.
So what I was trying to do is I, I was trying to make it deterministic, um, by making sure that when you give me a certain answer, I trigger another loop that ensures, uh, that everything is following that same, uh, format. in order to do that, I gave it access to a terminal. Um, and, uh, it spawned the terminal. And what it [00:19:00] did is it actually went to this, um, repository and it pulled a certain set of code that would allow it to do it, uh, uh, in a very certain way. what happened is that it installed, it, it installed that, um, certain repository across my whole system instead of that specific environment that I've created it for. I sort of like, I've been doing software for eight years now, so I know that you should never do that, but I never instructed the LLM to not do that because to me that was obvious that it shouldn't do that. Um, why would you install it across the whole system when you're just doing it for this specific task? So it actually broke the whole terminal. Um, and it's fun because this was in my little sandbox. Um, but if you have these little gaps in cybersecurity, where, let's say when you, when you introduce this as like, lawyers can start coding, um, they don't, they, they wouldn't, a non coder would not necessarily know. 
 

They have to create an environment. They might actually introduce breaking changes across the whole, uh, law [00:20:00] firm. So experimentation has to be, um, as we say, we need to measure the blast radius of experimentation. When something goes wrong, which will happen, what does that mean and what's the damage? Um, so that kind of taps into the cybersecurity part, is AI agents reduces the bar drastically for introducing. Um, devastating, uh, um, errors, um, which were not possible before, and not, not just with a single command, right? we have to also take that into consideration that that's a, that's a technology. 
 

That it's, yes, it's very capable of executing great things, but on the opposite side, it cannot just be let out there without certain amount of training and certain amount of practice. 
 

Frida Torkelsen: Yeah, that's very true. And also, as we mentioned, if you give it access to your databases and also to your calendars, uh, we should also be careful of that and what it actually has access to do and what it might do with that data. So yeah, limiting also the amount of tools it has and. Tailoring it to the [00:21:00] specific purposes that you're trying to achieve, rather than maybe unleashing it, um, without any clear 
 

guidelines. 
 

But 
 

Sean Martin: I want to take a step back 'cause you, you're talking about a bar and one thing that's always on my mind as I look toward the future, not just with the AI and LLMs, but just in general with technology, especially when we start. Tapping into lot of publicly available data that everybody can use to use it for their business. I, I feel we set a, a common bar that everybody then follows. And only when you have your own unique perhaps your own unique data sets, can you. in and fine tune and, and create something new that everybody else can't do. so my question is, your view on that are, are we approaching a common denominator set of firms And only those with a lot of money [00:22:00] and, and a lot of, a lot of history of data, um, can actually survive or. And or are we setting ourselves up for a longer term win where more firms will, or smaller firms can come together and, and collect their own data?
 

I guess you, your kind of view of the big picture. Are we, are we heading towards something nice or, something, a little blah. 
 

Frida Torkelsen: No, I think that this is what we mentioned before, that they might be the, uh, different size of law firms and the different specialties of law firms will have their different approaches to this kind of challenge. And I think that, uh, really automating one task to a great extent and doing that very well, I. 
 

And specializing in your niche. I think that can really get a lot of benefits, uh, from this type of technology. Uh, so you might see that they are very competitive actually with these tools, um, in those specific fields that they have chosen their areas of expertise because they have access [00:23:00] now. To these, uh, AI based tools. 
 

Uh, so I think that that is actually gonna be a competitive advantage for a lot of the smaller or boutique firms that, uh, have really found their niche. Uh, however, of course, uh, the larger law firms will also be able to implement these strategies across the different departments. Um, so yeah, I wonder how we're gonna see that shape out between, uh, the different larger law firms, uh, and how that is going to affect what they choose to prioritize as well.
 

I think we haven't really seen the effect of this yet. 
 

Sean Martin: So a long, a long game here is my, my guess. the, the other thing I wanted to ask was, so people hear me talk, I used to, used to be in, uh, well engineering and in quality assurance, and we would have really quote unquote, well-defined product requirements documents. system is. Should look like this, can do these things, shouldn't do these things. then the architect would get [00:24:00] involved to design it and the, the developers would build out a plan to build it and we'd have use cases and scenarios to test it. two questions here. When it's something really small, purpose built for one task. Do we skip that process of formalizing what it should and shouldn't do? And then that's where I get, get concerned with cybersecurity as well. And then also, even though it's small, um, because it's large language model driven and to your point, Maged, that it's, that it can, regardless of the prompt, even it's the same prompt over and over and over. You get different results. The. The results are different. So you can't, you can't expect one thing to result in, in exactly the one thing. So how do you test that? So those two questions, probably big ones, but uh, your thoughts on both of those,
 

Maged Helmy: From, I can, I can say from a computer science part or from an engineering part. Um, [00:25:00] engineers are very used to, um, if I do this, I shall get that the time. If I do one plus one on this calculator in Norway, and I, you know, and I've applied to Japan and I execute the same, um, command I'm expected to get to, um, because it's, it's defined by some, it's defined by the engineering rules there. Um, and when large language models came in, um, as engineers, we were like, okay, how can we test this thing? Because we cannot say this is the expected output. What's a successful, um, outcome in this case? and the best answer we could come up with right now is to use another large language model. 
 

Sean Martin: Right. 
 

Maged Helmy: we describe to that large language model, if the answer is around these objectives and adverbs, it looks like it actually, um, got that answer. 
 

Um, because this technology is super new, um, in, in the world of, uh, engineering, um, in, in terms of practical and industrial use, we, I wouldn't say there is a concrete [00:26:00] way to test it. As of now, beside using another large language model and sort of like checking from the human perspective how that, how, how that works. Now, will this be the case next year? Highly likely not, um, because the technology is evolving quite, uh, quite fast. Um, so that's sort of like my, my short answer, uh, when it comes to testing. Um, but that doesn't mean we should shy away from using it, uh, because at the end of the day it's large language models. 
 

It uses natural languages, uh, sorry. It uses natural language. Um, and we as humans are more or less capable of, let's say, picking up a sample and testing it against the sample and scaling it carefully, um, with the big sort of error as you or the big, um, warning sign at it can contain mistakes, you know. Consider, uh, checking the output, but that doesn't mean we'll not, uh, start, uh, you know, eating the fruits, uh, very soon from this technology. Uh, especially the. 
 

Frida Torkelsen: An important part of [00:27:00] that testing and validating the processes as well is likely going to be the human in the loop concept. Uh, where we do ensure that the steps, uh, along the journey of the AI actually makes sense and that we have someone validating that answer and really looking into the data and seeing that indeed it retrieved that information that I asked for is structured it in the way that I expected and it has repeatedly worked with a number of different files, for example, and I think that is gonna be an important part of. 
 

Uh, implementation of this, uh, bespoke agent workflows. Um, and certainly in the beginning of the testing phases when you roll this out. Uh, and maybe before you unleash this until a whole firm, uh, maybe you'll have your specialized, uh, legal tech group or your AI in-house group, uh, that will, um, validate that before releasing it as a final product. 
 

Sean Martin: So are these new people? Are these new humans in the loop or. Are, are they humans doing other things that now are [00:28:00] the workflows and the process and the, and the, the decisions that we're handing over to agents and, and the rest of the system that ultimately will blindly trust. 'cause I suspect we'll get to a point where we think it's okay and yeah, let's let it roll. Are these new humans or it doing this work? 
 

Frida Torkelsen: Well, a lot of the large law firms, they have, uh, established these, um, AI, uh, legal tech groups or in-house groups that are focusing on the technology, uh, that I will roll out to the firm. And of course, uh, generative AI is a big topic in these groups. So we do see that a lot, a lot of the large firms.
 

Decide to go with this specialized role. And yeah, so in a way that is creating a, a new kind of role where you do have the expertise, both from understanding the legal perspective, but also from the technology side. And knowing what options are out there and what the tools are suited for and what it might be not suited for at the current state or ever. 
 

And so I think that is a very valuable [00:29:00] perspective to bring, uh, to the firm. And yeah, that might be, uh, newer roles today. 
 

Sean Martin: And our. And are these roles focused on being versed in AI and, and creating agents or are they versed in legal processes and language and data? I guess what I'm trying to figure out is what are they gonna know? Yes. The, the LLM and the agent returns, what I expect it to. That doesn't matter 'cause it still screws up the, the workflow and the process because that's not what the process 
 

Maged Helmy: Yeah. Yeah, so it will not, um, these new roles, uh, will be agnostic. Um, because if we take, if we would look sort of like the journey since, uh, 2022 till today, um, that, that role initially, um, was, was gonna be called prompt engineering. And then the role last year was called, uh, language model Tuner. And this role this year now is called, uh, [00:30:00] agentic, uh, engineer, and probably next year it'll be called something else. So I think, um, that role will simply be very much focused on addressing the existing pain points of the law firms. And based on this existing pain points of the law firms, what kind of tools can we go out there and pick up? Is it an agent, is it a prompt? Is it a, is it maybe just a standard good old fashioned software engineering, you know, um, um, with a web crawler. So I think the strategic law firms are not gonna focus too much on prompting or, or agentic because anyways, these are gonna change, uh, with time as technology improve, but rather come out and say. Okay, here are our 10 pain, 10 pain points. This is our results when we use prompting. This was our results when we use agentic AI.
 

Now, let's say technology y, we want to compare against agents and prompts in terms of accuracy, speed, and cost. Um, because certainly AI agents can solve a lot of problems, uh, the [00:31:00] prompts can't solve. But hey, if, if one chat query costs you $200 instead of half a dollar, do you really wanna solve it with agentic AI? So it's also important to take into, uh, into the prospect the triangle, you know, latency, uh, latency, cost, and, and quality. And it will always be against these three. And, uh, the successful law firms, um, will already have the benchmarks of the data they will keep into. Um, they'll keep into mind the technologies that I've used, and then they will track these metrics.
 

How much did it cost me? How accurate was it? And how fast did I get my answer? 'cause again, if you ask a query, um, and you get an answer back in, in, in two weeks, but the court case is tomorrow, you've done not, you've not done much if it cost you a dollar, uh, and it was a hundred percent accurate. Well, you know, so, so these are gonna be the three, the three parts and a very much, um, uh, companies, um, will be focusing on pushing sort of like the framework, um, to, to benchmark this at the moment, um, in, in the coming, in the coming [00:32:00] months. 
 

Sean Martin: So I like those three points. The, uh, the cost, the speed, and, uh, the accuracy. And two of them. Kind of crossover into the cybersecurity world, uh, which has three letters, CIA, confidentiality, integrity, and availability. So the speed is availability for me, the integrity is the accuracy cost is not, um, the, uh, the confidentiality piece. 
 

And so you touched on it in your use case, Maged, the, um, the. I'll just say the, the leak of the, the leak of the jewels across the system instead of in its own little sandbox or its own little environment. How, how are firms looking at risk from a cybersecurity perspective, specifically around, around the confidentiality of the data, um, which may be their own firm's data, but also the results of that. Which might have a broader set of data come coming together to produce a result that [00:33:00] they wouldn't want a competitor to see or they wouldn't want. Some bad actor who might get access to, uh, some of the witnesses are, right. That could then tamper with the witnesses. So there's a lot of fun stuff there.
 

So how, how do we, are firms looking at this, uh, from a risk management perspective?
 

Frida Torkelsen: Yeah, I think there's an additional factor there as well, which is actually, um, whether you can trust the results, which is also a risk that. The law firms are currently focused a lot on, um, there have been some publicity about this and, uh, a lot of, uh, lawyers seem to be, uh, wanting to just make sure that they can indeed trust the answers that they're getting from the model. 
 

And so I think that just providing the references to the text and really saying where the AI. Uh, got that information and providing some level of explainability is something that will really, uh, help to alleviate that stress and maybe, uh, ensure that, uh, the lawyers feel able to trust it and that they can indeed trust the results that they get [00:34:00] as well. 
 

Sean Martin: Yeah, I heard a, heard a few judges and, uh, a few lawyers having a conversation that they were saying that, that the, the, the context of the response was important. So it may have been accurate 
 

Frida Torkelsen: hmm. 
 

Sean Martin: in its response with the data had access to, I. missed the piece of context from another case that it didn't have access to or, or some other data that it didn't have access to that really shaped the response or the results of how it should be used, um, is, uh, super interesting. 
 

Maged Helmy: Um, absolutely. And for most of the, uh, law firms, um, the first thing that we usually start with is the, you know, the InfoSec team. Which is the, the security, um, where is our data being processed? And, and more and more, um, law firms and their security team are getting aware, uh, of the generative AI and the, uh, implications for that. Initially in a typical, um, software, software [00:35:00] architecture or a system architecture, there were three components, more or less. I mean, there is of course a lot of small moving parts, um, but you can group it to three main components, and that is, uh, compute. So where is my data getting processed? Um, and then you had the storage, um, where is, uh, my data being, being stored like physically? Uh, and then the third part, it, it fell down also into databases. Um, and databases were like, okay, so even though my files are physically stored here, um, where is the metadata to those files? Who has access to it?
 

And, and who can check it? Let's say, um, when you're debugging, when there's a debug session or when. And most InfoSec team are kind of used to these three things, these three questions, you know, database storage and compute. But when large language models came into the picture, they have introduced two new components, um, that did not exist before. Uh, and one of the main components is obviously the large language model. Um, so, so when, when you're computing or when I'm sending a [00:36:00] request, um, to a server to compute, um, where is the large language model hosted? Um, and in, in many cases, if you're using like a certain system, um, you're either sending it over to OpenAI, you're sending it to Azure, you're sending it to Gemini. Um, and that was a new, sort of like a new angle or a new property that they had to check. On, on that aspect. Uh, and the fifth part was what we call, uh, is the vectorized databases. So there was a new form of databases and that's called vectorized databases. And again, you needed to send, uh, your data somewhere for it to get to be vectorized in order for the large language model to be able to consume it. So it, there has been a lot of, let's say, a learning curve, uh, for the InfoSec team because more or less for the past 20 years, it's been static compute storage database. But now you have the vector database, which is different. Uh, and then finally, um, the large language model parts. So, um, uh, a lot of the, uh, there has been a lot of upskilling.
 

I would say going on for the past two years [00:37:00] when it comes to the use of generative AI in the legal sector, uh, and this upskilling, um, a as it goes back also to what you mentioned earlier in terms of the roles, again, um, this is also going to be like with ai. So again, it could be gener, it's large language models today. 
 

There's no guaranteed, it's gonna be large language models next year. But the idea of that there is sort of like a determin, uh, a probabilistic system. Generating answers or generating output based on input queries is gonna be here for a. 
 

Sean Martin: Yeah. And the, the thing that strikes me is, um, traditional networked environment, you have systems and databases and perimeter components, and you might segment the network in certain ways, but, and you, you do that based on the applications you're deploying, right? These things run on these systems, have access to these databases, do these things. You start, you start introducing agents everywhere. Um, either [00:38:00] the ones you build yourself stuff, things other, uh, the vendors you use are adding to their systems. Third parties that plug in. Now what was a contained system that used to operate in, in its own? Can tap out and, and, and connect to a data set or coordinate with another agent, uh, across the network, which completely changes the game and, and messes up by network isolation and access control and all this stuff.
 

So how do you, how do InfoSec teams kind of that part of things at the moment? 
 

Maged Helmy: Not, not only that, but it can also switch off the firewall momentarily to execute, uh, a certain, um, a certain, let's say a certain code and then switch it back on. Um, so how do you do that? Um, is by simply not introducing, uh, autonomous agents whatsoever as of today. That, that, that is, that like, if [00:39:00] you really wanna have zero risk, then you just basically not give it the capability because, um, the alternative is you're gonna describe to it, if the user asks you to do this, please do not switch off the firewall. 
 

Um, but what you have to do is literally. Physically make sure it has no way to disable your firewall, um, or even brute force its way there by maybe introducing a, a very, um, uh, like you have to introduce a specific fingerprint, for example, for in order for it to. So the InfoSec, um, the InfoSec upskilling is gonna increase, or there's gonna be a huge new aspect when it comes to introducing our AI agents and the capabilities. Which ties back to a very good point you raised earlier about, is about how do we test it and how do we evaluate this? Uh, and the answer is, uh, we cannot, for 100% certainty. Uh, I say that, okay, it's not gonna do this and this or that because the very, the very good definition of AI agents is that it's autonomous and will achieve [00:40:00] the goal, um, with whatever means it. 
 

Frida Torkelsen: It might also be worth to touch upon the fact that yes, we are worried about external risks of this, of information leaking in or out of the system or the firm. But in fact, the law firm also has internal security, uh, considerations to take care of because, uh, one department may not necessarily have access currently to another department sources. 
 

It may be that two lawyers are conflicted out of actually knowing what the other is working on in detail. And so, uh, we also need to be careful about the information that is put in and where that might resurface even internally in the firm. Um, which is another kind of aspect of, of that security measure as well to consider. 
 

Uh, specifically though, in the law firm. 
 

Maged Helmy: That's a brilliant point, Frida because. Uh, it'll be, let's say that again, back to this, uh, idea of, you know, the bar is getting harmed lower the bar to, um, the bar to retrieve information, let's say, as an [00:41:00] inside job is now much, much lower, um, with the, if your, if your gen AI instance is not isolated to that user and your AI agent, um, is not sort of like isolated to specific dataset, you give it. You can, you know, you can with let's say, much less effort, um, ask it to figure out how to bypass that and fetch the information if it has access to a terminal. that aspect. So I think it's the external threats are there and they're always gonna be there. But I think there is an increase in internal threats, um, for, let's say, um, actors, um, that perhaps are not so loyal, um, to, let's say, get access to other information or more information or bulk download information that perhaps they were not supposed to. 
 

Sean Martin: Uh, it's a fascinating world we're, we're moving into, and I, I, as we talk about the bar being set high or low, I, I, I don't feel it's being reset. I think it's just getting bigger. So the top [00:42:00] end is getting higher and the bottom end is getting lower. But, uh, it's gonna be fun to watch where this goes. I want to, I want to close with a message for. Audience, you're typically security leaders and security practitioners, I wanna specifically speak to, uh, legal, legal firms and insider counsel. Uh, maybe a a point from each of you, maybe a best practice as security teams and firms begin to, to tackle the space of agentic AI in, in their, in their operations. I don't know a word of advice or a good place to start or. do. Don't make this mistake or whatever. Whatever comes to mind for you. Who wants to go first? Frida. 
 

Frida Torkelsen: Sure. Um, I would just, uh, reiterate this about making sure that you can validate what is actually happening in the system that you're creating. If you are venturing out to do agentic workflows, uh, yeah. Make sure that you understand, uh, what does the AI have access to. Uh, [00:43:00] what are you trying to achieve with this? 
 

And also are you able to achieve that successfully? And does that achieve that successfully on repeated runs as well? Considering this potential for variety that we might have in the results. 
 

Sean Martin: Maged,
 

Maged Helmy: I say do not release agentic AI without running a proper readiness test on your, um, internal knowledge base and file storage.
 

Sean Martin: Very good. Short and sweet. I love it. Well, you're, you're both amazing. I appreciate you taking the time to, uh, to spend with me to discuss this topic. Um, hopefully the broader cybersecurity I. can gain, uh, gain some nuggets here. Uh, and clearly we're speaking to, uh, to legal teams and the legal sector as well, uh, more specifically.
 

So I wanna thank all of you for listening and watching. Frida, Maged. Thanks so much. Uh, [00:44:00] again, hopefully I'll get to see you. Uh. At some point in the near future, at some conference somewhere. Uh, until then, keep well and everybody, thanks for, uh, thanks for watching and listening. Please do subscribe and share with your friends and enemies, we'll catch you on the next one.
 

Thank you. 
 

Maged Helmy: Yeah.