0:05 – Michael Gibeault

Welcome to TCDI Talks. Today we’re digging into a challenge most legal teams know all too well: technology decisions made under pressure, quick fixes that stick around for a long, long time, and that constant feeling of reacting instead of planning. Our focus today is how legal teams can shift from reactive to proactive when it comes to long-term technology evolution.

To explore that, I’m joined by Dave York, TCDI’s Chief Client Officer, and Michael Ubaldini from Strategic Technology Solutions. Mike is a legal technology business development leader with more than 20 years of experience working alongside law firms to help them get the most out of their technology. He spent nearly two decades in the legal tech space, supporting everything from managed IT and cloud services to complex system migrations.  And he’s especially known for his relationship first approach and deep connection to the legal community.

So, today’s conversation brings together two companies that approach legal technology from complementary angles. TCDI partners with legal teams to deliver scalable, defensible eDiscovery and legal technology services, while Strategic Technology Solutions brings a virtual chief information officer (vCIO) and advisory perspective focused on planning, modernization, and security.

So, today, together, we’re going to be sitting at the intersection of strategy and execution and talking about how more intentional technology decisions can better support legal teams today and into the future. So, welcome, gentlemen.

2:01 – Dave York and Michael Ubaldini

Greatly appreciate it.

2:04 – Michael Gibeault

So, Mike, let’s start with you. You know, when we’re talking about this reactive legal tech, what it really looks like, from your advisory & vCIO, if you will, what does reactive technology look like inside legal teams today?

02:21 – Michael Ubaldini

Well, I would love to say we’re moving away from reactive technology services, if you will. But that’s never going to be the case. There’s always going to be, we’ll just say “fires to put out” in an ever-evolving technology landscape, whether that’s technology itself or cybersecurity. Now with the integration of artificial intelligence, it’s a never-ending target to hit.

So, we always like to try to be ahead of the game, but I think we’re always kind of playing catch up, especially with the threat actors out there that are leveraging some of these tools to get in. But, you know, being able to try to mitigate a lot of that reactive work is what we try to do from a consultative and an advisory services perspective.

And that really comes from, Michael, truly understanding the current state of a law firm’s technology landscape. Being able to take care and the time to invest in really asking the right questions of the right stakeholders to help understand:

• What their current technology state is?
• What they’ve invested in to get to that technology state?
• What was the outcome of that technology state?

And then really digging into, who does the firm want to be from a strategic perspective 12 months down the road, maybe even 24-36 months down the road, and being able to align that technology strategy and roadmap to the overall vision of the firm.

And what we’ve seen is that helps us kind of mitigate a lot of that reactionary type of service and create the more proactive and strategic level of service, helping eliminate some of the gotchas down the road and create some level of predictability, not just from a technology roadmap perspective, but from an investment perspective.

4:11 – Michael Gibeault

So, Dave, let’s look from the TCDI side. How does that reactivity show up when legal teams come to you in the middle of a matter or investigation?

4:23 – Dave York

So, it shows up in a variety of ways. I mean, the nature of what we work on is we’re in a reactive industry. You know, there’s a lawsuit, there’s an investigation, a DSARs request. So. the type of work that we are typically doing, it’s naturally very reactive.

You know, when you’re in the middle of a particular matter and you have to switch gears and change things up, I think that’s where, you know, looking at a holistic approach of not just the technology side, but having the defensible, solid processes, good people, good teams that are tied to those.

That’s where you’re able to kind of bridge those gaps and hopefully take something that’s reactive, not necessarily turn it into a proactive situation, because you’re trying to put out whatever fires you’re dealing with, but you can hopefully control the chaos a little bit more by having that intersection of people, process, and technology.

5:24 – Michael Gibeault

Dave, tell me what are your downstream consequences that you see when legal teams rely on short-term tech fixes?

5:33 – David York

One challenge with putting a Band-Aid on a problem is it might solve the problem for the moment that you’re in. But if it goes unchecked, if you don’t come back to resolving it, or if you know, you completely forget about it, because that happens, you could put a Band-Aid in place to solve something today, and it could be six months down the road before you might see issues from it. But, you know, it’s always going to come back to pay you back if you don’t address it.

And so, being able to, you know, quickly deal with those problems when they come up so documents can get out the door, documents can get to reviewers, data can get where it needs to go. Things can be troubleshooted the way they need to be troubleshooted, whatever the issue is that comes up.

You know, we learned this a long time ago when we started doing Lean Six Sigma in our company, is, you know, the definition of a problem is “what is and what should be.” And if you, in the short term fix the “what should be,” but it’s going to continue to not be fixed and resolved, you’re just going to keep dealing with the same issue over and over again.

6:54 – Michael Gibeault

Well, Mike, from an STS perspective, you know, from an infrastructure and security standpoint, what risks quietly build up when systems are patched together instead of planned?

7:07 – Michael Ubaldini

Yeah, it’s a great question. And it goes along a similar path that Dave was talking about where there’s so many times we go into a firm, and you sit there and you start having some meaningful conversations and the topic or the phrase comes up, “Well, we don’t know what we don’t know.”

Well, we want to help them figure out what it is they don’t know. And really going again, going back and lifting up the hood, rolling up your sleeves, and getting really invested in what their current status is and their current state is, gives us the ability to uncover where that risk and exposure lies. And then coming back to the firm and sharing, “Okay, well, here’s where your risk is, here’s where your exposure is.”

And being able to help eliminate a lot of the assumption that a lot of firms have with regards to their cybersecurity or their security environment. We hear a lot about, “Yeah, we’re fine. Everything’s fine,” because there’s a lot of assumption. But what really, truly controls do you have in place? Are you looking at all aspects of your environment?

And Dave touched on people, processes, and technology. What is end of warranty? What is end of life? You guys are in the technology, the software business. What products are sunsetted? All these areas. Do you have MFA in place?

All these are control areas that, if they are not intact, opens up exposure and risk. As long as we’re able to communicate that to the firms, to help them understand where their risk lies, now it’s up to them to determine how much risk are they willing to take on.

We would like for them to truly know and understand they shouldn’t be taking any on, any risk on. But it all depends upon their business. It all depends upon their practice. So, leaving that risk unaddressed could result in long-term problems, but it really comes down to what they’re comfortable or not comfortable taking on, if that answers the question.

9:13 – Michael Gibeault

So, if the goal is to stop patching and start planning, let’s talk about what that actually looks like. Mike, when you help organizations as you do, plan long-term, what should a legal technology roadmap realistically include?

9:32 – Michael Ubaldini

Like I talked about already, Michael, you’re going in and you’re evaluating the tools, technology, and people from all aspects.

You’re also, that involves the cybersecurity maturity aspect. It also involves, now with artificial intelligence, you know, really taking the approach of evaluating, if you want to call it all three pillars of, what has the firm invested in over the course of the last, we’ll say, 12-36 months? We like to say 36 months. What did that get them to? Where is their current state?

And when we evaluate all those components and start evaluating where they want to be as a law firm, and we’ll just say in 12 months, is there alignment? Is what they’ve invested in for the last 36 months? Is that going to be sustainable to get them to the next 12 months?

And if not, those are areas that we start kind of evaluating and say, “Hey, listen, these are the recommendations we make to create a sustainable roadmap for you to hit that goal in 12 months.”

10:38 – Michael Gibeault

So, Dave, how do you and the team at TCDI help legal teams align that roadmap with real world litigation and investigations and regulatory demands?

10:52 – Dave York

Yeah. Well, I think, first of all, one thing that we’re good at doing with our clients is realizing that it’s not a one-size-fits-all. There are different approaches for different clients. They have different priorities. They have different goals. They have different budgets that are aligned with what they’re looking for when it comes to a roadmap and what they’re planning ahead for.

You know, we’ve definitely seen that with the rise of GenAI, which has a variety of use cases that can be applied, and there’s not one silver bullet that everybody’s pointing to saying, “I want,” you know, “this particular thing to be on my roadmap and to be part of my plan.”

It’s, you know, the hot topic of the day may change week over week depending on what the priorities are. So, realizing that it’s not something that needs to be set in stone for everybody right out of the gate, that it’s flexible enough to adapt to each individual client, and then also knowing that each individual client’s going to have priorities that are going to change.

I mean, we see it all the time where, you know, we may start at the beginning of the year, sitting down, going over the next 3, 6, 12 months priorities for big projects for a client, and what that looks like 3 months in and 6 months in, could be vastly different. So, I think being flexible in that regard is key. And realizing that it’s not a one-size-fits-all, it’s something that really has to be customized and adapted to each client.

12:35 – Michael Gibeault

Well, like you mentioned, Dave, roadmaps are only useful if the timing is right. So, especially with technologies like cloud and AI, Mike, talk to me. How should legal teams decide when it is the right time to move to the cloud or modernize infrastructure?

12:54 – Michael Ubaldini

Good question. And there’s, I guess, it’s a blessing and a curse with law firms being late adopters to technology, because most of them don’t want to be that case study, that first beta tester of a new emerging technology, as Dave was talking about.

So, believe it or not, we’re still going into firms that have quite a bit of their environment or infrastructure on-prem. And most firms we come across, they are living in the cloud in some way, shape or form. Usually around Office 365, Microsoft 365, document management. In some degree, their practice management.

But there are some applications that are still residing locally. And in those environments we want to meet them where they’re at. You know, it’s not up to us to dictate to them how they do business. It’s up to us to help educate them on the most effective and efficient and secure way to do business. And in some instances, staying on-prem might be the best case for them, depending on capabilities they’re looking for, depending on functionality that they might be looking for.

Now we want to start having the maturation discussion about, “Hey, listen, if you continue in this environment on-prem, what are the risks that are involved from a security perspective?” And if you start having and entertaining that conversation of modernizing your environment, this is the value that it could bring to you.

I want to come back to what Dave had mentioned, because it’s a very important topic. And you started off this conversation or this question, Michael, with respect to the roadmaps, right? It’s all great, I think it was Mike Tyson that said, “it’s all great to go into a situation with a plan until you get punched in the face,” right?

So, it’s all great to identify these roadmaps and making sure these roadmaps are aligned to the vision, but if you’re not having those consistent cadences, whether they’re quarterly or monthly, whatever that time period might be, to revisit progress and what might shift and what tool or technology or migration to the cloud might make sense now, you’re going to kind of miss the boat. And you’re going to really do a disservice to that roadmap that we all invested time in developing.

15:19 – Michael Gibeault

So, Dave, talk to me from your experience. Where does AI genuinely add value in legal workflows today?

15:29 – Dave York

So, I think technically it can add value in many parts in a workflow, but where it is going to add the most value is where it makes the most sense for each client in each situation.

And what I mean by that is there, there’s a lot of different use cases. You can use AI at the point of collection, at the point of processing, at the point of doing early case analysis, data analysis, preparing documents for review, going through the review process and privilege review and production.

So, you can use AI throughout that entire workflow. But really, if you take a holistic approach with how you’re adopting it and how you’re using it, you’re not just using it for the sake of using it, because like, you can use AI at any point in the process, it might not make sense. And so, you know, starting when, I say a holistic view, starting with security, for example. If it’s not checking the security boxes, then it makes no sense going into the workflow, regardless of what value it may add. So, not losing sight of the security aspect.

Being mindful of the data side of things, making sure you understand where it’s going, how it’s being used, what’s coming back in the process and how to work with that data. And then also, you know, knowing if you’re going to be using it in a workflow, where does it fit in that workflow? And are you fixing one part of the workflow but breaking another part before or downstream?

You know, if you’re implementing something, and you want to make a positive change, you need to make sure that you’re actually improving the whole process, not just one piece, and then creating more work downstream. That’s kind of that long-term planning that we were talking about.

And then, you know, there’s the people aspect of it as well. You got to understand how the teams are engaged with it. You can’t just roll something out and tell your teams, “Have at it.” There’s training, there’s understanding that it’s, you know, might be something that’s enhancing how they’re working or adding to what they’re doing. It may change how they’re engaging with data or technology.

So, you know, taking that holistic approach and holistic view, once you’ve done that, then I think you look at the specific use cases, look at the pieces of the workflow that make the most sense for you, and that’s where you’re going to get the greatest value.

18:08 – Michael Gibeault

Well, of course, technology is only effective if people actually use it. So, let’s sort of shift the conversation over to governance and change management if we can.

Dave, how do governance and training factor into successful legal technology adoption?

18:28 – Dave York

Governance is at the heart of defensibility. It’s at the heart of everything that we’re doing. I mean, it goes to process. That speaks to the process. That speaks to, “How are you going to get people engaged? How are you going to get them trained?”

Because you’re absolutely right. Yeah. You can have the best technology in the world, but if nobody’s using it, it doesn’t matter. So, certainly making sure that you’re aligned in all of those areas is absolutely critical.

Because you’ve got to…and that’s where the holistic approach comes into play. And part of that holistic approach is the people aspect of it and the processes that are tied to it. And that process is not just about training and usage, but it’s also about how to adapt when changes and issues arise, and making sure that you’re following those steps consistently, because that, again, it’s a marathon, not a sprint. So, making sure you’re looking down the road is certainly key.

19:36 – Michael Gibeault

And, Mike, from a broader governance and security standpoint, how can legal teams modernize while still managing that risk?

19:45 – Michael Ubaldini

Well, I mean, it’s kind of a repetitive answer to the question. It’s really, you know, I’ll use Dave’s term, a holistic approach, and really looking at all aspects of it.

And, you know, we talked about a little bit before again, going from the marathon and sprint analogy, when we take a look at that, and we’re kind of revisiting where we’re at in that journey, where we’re at in that roadmap, and being able to really identify what we’ve been implementing, what we are leveraging, what the team is using:

• Is it creating the results?
• Is it creating the performance?
• Is it creating the behaviors that we are looking for?

On the security side of it, and we talk about, you talked about training. I mean, who’s the most, who’s the culprits from a breach perspective, from a security perspective? We are. We click on something we shouldn’t be clicking on, and we go somewhere we shouldn’t be going, we download something we shouldn’t be downloading.

So, training is level one. And we talked about adoption too. And getting, there’s two aspects of adoption. One is yes, adopting the application or adopting the tool. Training the people to leverage the tool and technology the right way. But how much of the technology are they actually using? When a firm implements an actual application, are they using 25% of that application, or are they using that application to the full capabilities? And now we start talking about return on investments and being able to make sure that we’re investing in the right way, and we’re leveraging the investments appropriately.

So, being able to really, truly understand the holistic approach, and then revisiting in that consistent conversation with all the stakeholders involved, to once again start creating that level of predictability to a standpoint.

21:50 – Michael Gibeault

So, as we start to wrap up our conversation today, let’s talk some practical takeaways. Dave, what is one thing legal teams should stop doing when it comes to technology planning?

22:03 – Dave York

Stop skipping steps. You know, make sure you slow down to go fast. And not everybody skips steps. But you know, it’s when you’re trying to be reactive, when you’re in a hurry, that’s the natural human tendency, is to take shortcuts or skip steps.

But sometimes, I mean, it is so hard, especially in this industry, to slow down. To take that time and to think big picture, to think down the road. You know, there’s a lot of folks that are really good at it. And then even the best of us, it’s easy to get caught up in the chaos and just skip over those steps. So, in short, slow down to go fast.

22:54 – Michael Gibeault

And Mike, let me ask you this. What is one thing legal teams should start doing this year to become more proactive?

23:01 – Michael Ubaldini

Eliminate the assumption. Get as much knowledge and understanding of your environment, ofyour vision, as possible. You know, Dave touched it very, very well and eloquently. You know, slow down.

I wouldn’t even say slow down to speed up. I would just say slow down and take the care and invest some time in truly understanding, you know, the environment. And the more information, the more data we’re able to glean, the more assumption that we are able to eliminate, and the more predictability we can generate.

23:36 – Michael Gibeault

Well, Mike, Dave, this has been great. I really appreciate you guys joining me today. You know, clearly moving from reactive to proactive is not about chasing the newest tool. It’s about planning with intention, reducing the risk, building technology that can evolve with the legal team.

For those watching, what are your thoughts on how we can be more proactive in making long lasting tech decisions? We’d love to hear from you and let us know what you think! Use #TCDITalks on LinkedIn to join in the discussion.

Thank you both for joining me, and thank you all for listening. And we’ll see you next time. Thanks, Mike. Thanks, Dave. Take care.