True North.

Back to Blog

Charting the Course: Q&A with Nuix on What's Ahead in eDiscovery

From time to time, H5 likes to check in with other experts in the field of eDiscovery to get a fresh take on what may lie ahead in light of evolving data challenges. Today, we speak with Angela Bunting, Vice President – eDiscovery at Nuix.

Angela, thank you for taking the time to share your views with us on True North.

All companies in the eDiscovery space have to constantly adapt to changing forces. What have been the most challenging data trends that Nuix has had to consider in the past few years?

The growing volume and variety of data remains the biggest challenge for our customers—it’s certainly the one Nuix is constantly tackling. Over the past few years we’ve seen real changes in the way people work. They want to work in the most productive way they can in an “always on” environment. It has never been easier to download a productivity app onto one or many of our devices to get a team working collaboratively, sharing documents, and having conversations (audio, video or text-based).

The number of mobile devices now outstrips the number of PCs we use. In addition, people are comfortable speaking to and collaborating over these devices, especially when they can record the conversation to create a formal record of business to share with others. Of course, much of the data generated by employees when using these apps and devices is stored outside the realm of the corporate IT and legal teams. This “Shadow IT” was listed as the top concern of CIO’s in 2015 and I’d be very surprised if things were different this year. For Nuix, keeping up with being able to forensically process such a variety of data formats, devices, and stores is crucial for our customers’ business successes.

How have these developments impacted the eDiscovery and investigatory efforts that companies face?

Time is still the most crucial element when it comes to any legal or regulatory investigation or response. Having a wider array of data stores with their own proprietary formats has not made it any easier to find answers quickly. And that’s just the data stores you know about. Then there are the ones a custodian signed up for that you only find out about during a discovery or investigation. If you don’t understand the data stores a key person of interest might be using, or are simply ignoring a data store, this will not be seen favorably by increasingly tech-savvy judges or regulators.

It’s also essential to employ techniques and technologies that can help you get through those volumes of data in an intelligent way. It is no longer practical to view every document or listen to every audio recording, and in some cases the records created by these systems won’t mean a lot in their raw form. However, with the right expert advice guiding the right technologies to use and at the right time, you will see answers, trends, and perhaps even more questions appearing very quickly, removing the risks that time imposes. This is also true of all other efforts with data such as cybersecurity and governance, where time to answers can mean a lot more to a business than just sanctions for missing a deadline.

Can you share a real-life example of how Nuix faced a situation like this in an eDiscovery or investigation context?

It’s an older example, but it’s the time a few years ago when we were asked to process, deduplicate, search, and cull 330 terabytes of data from a series of obsolete email archives for a major regulatory request. There was no settlement option, time was of the essence, and the stakes were high. The incumbent technology vendor said this would be possible in a time frame of years, literally, but we put together a solution that ingested all the data in 45 days. It took an in-depth understanding of the way archives and compliance storage systems formatted their data at a disk level.

At the time, this volume of data was really stretching the limits of what our technology could handle. There may have been a certain amount of custom stitching together involved in getting it to work. With the Nuix technology we have today, using Elasticsearch as a back end for case files, it would almost be a breeze.

In what ways do you think the cloud/Office 365 is affecting decisions that the enterprise is making about their data and how it is managed and processed?

Putting data in the cloud is a mixed blessing. On one hand, the cloud gives corporations more agility to be “change ready” and deal with infrastructure or software challenges as they arise. It can also eliminate the need for a large IT infrastructure or staff overhead. Large public cloud storage vendors also provide a level of security that many corporations couldn’t keep up with, so shifting that burden is a huge savings.

On the other hand, making the move to this type of environment is just as challenging as changing a major piece of enterprise software. Do you need to move it all? Are there risks in the data that should be mitigated as you migrate? What happens to the legacy data you leave behind on premise? Do you have a contingency to retrieve data on both the new and old platforms if needed for a legal or regulatory request?

Another consideration of data in the cloud is, how do you get it out? This is where expert advice with an understanding of discovery and regulatory data issues is invaluable. Some cloud enterprise systems are designed to throttle downloading data. Most don’t have any obligation, if you read their terms of service, to keep the data stored in the same way in the back end, as long as it is presented correctly in the applications when retrieved.

Your IT department will probably say “No worries, we’ll just use the inbuild discovery tools!”  We have seen time and time again that many of these tools are not built to the high defensible standards required for legal or regulatory matters —“good enough” search, especially. Nuix has had a strong focus on ensuring we can work side by side with enterprise applications in the cloud as well as behind the firewall when collecting and processing data. We invest in sharing our experiences on the nuances of these systems, as we discover them, with our partners around the world.

When it comes to technology and data, companies constantly have to balance productivity and convenience against regulations and security—quite a difficult task in such a dynamic landscape. Is it your experience that most are managing this balancing act successfully?

I know that it’s a very fine line. If you lock down your systems too much, you inhibit productivity and perhaps encourage the wrong type of creativity as people find workarounds just to be able to do their jobs. If your controls are too loose, it can be a threat actor’s easiest payday.

In many companies, security is one of many functions of the often overburdened IT department. They will often find comfort in checking a box that says the firewall and antivirus have been set up.

Security is a journey that should protect your greatest asset, your company’s critical information, in a manner that allows you to identify issues in near real time. It should also enable you to correct internal behaviors that are creating unnecessary risk, even though they’re often not malicious in nature.

What important steps do you think companies can take to avoid some of the more common eDiscovery pitfalls related to data collection and processing?

First and foremost, understand how your employees work to get a true picture of what data you have. Don’t assume they’re only using the software you provided them, even if you have policy to enforce that.

Understand how your systems work and bring in experts who can help you understand any shortcomings early. “Litigation readiness” used to be a buzzword, but in reality, engaging a data expert will prevent you from making incorrect assumptions that could lead to financial penalties down the track. Common mistakes include not turning on some logging, fields, or compliance rules in archive systems; assuming cloud applications are not in your possession or control; and reusing logins or devices without preservation.

Having a data discovery expert at the table alongside your information IT and legal team will help you explore if your policies and procedures expand the reality of the systems you have. They may also be able to derive an immediate ROI on data issues if using the right toolkit.

If litigation is afoot, ensure you understand the procedures of your service provider. They should be more than willing to explain, in detail, how they plan to deal with your issue, the toolkit they will be using to support their efforts, and the checkpoints and process they have in place to deal with the issues that will arise from your data; all data has quirks. They should be a trusted advisor and an extension on your business, working to achieve a successful outcome for your current issue.

We understand that Nuix is beginning to look to cybersecurity as a new frontier for its technology. What was the rationale behind the expansion into this space?

Nuix has a long history in digital forensics. Our technology has been used in many, many breach investigations so really we’ve always been in the cybersecurity space. Like all the other problems we solve, cybersecurity at its heart is a question of giving people access to meaningful data faster. That’s what we’ve always excelled at.

These days, everyone recognizes that the traditional approach to cybersecurity isn’t working – if it was, there wouldn’t be so many significant data breaches. So now we’re seeing a lot of startups and also established players releasing new products and novel approaches to address the fundamental problems of cybersecurity. But while many of these new technologies are clever and innovative, none of them solves the whole problem.

Our approach to bridge that gap is two-fold:

  • An endpoint protection technology that blocks malicious behavior and attack patterns rather than known bad files or static indicators of compromise
  • Data breach investigation software that enables analysts to connect people, objects, locations, and events across the widest variety of information sources, including data from the endpoint!

It’s ironic that while many law firms are pressing ahead with services to help their clients improve cybersecurity, the security of their own systems is often very poor. This is something they should address as soon as possible—no one wants to be the next Mossack Fonsecca!

We hear a lot about new data sources on the horizon, especially with big strides in the Internet of Things (IOT) technology, social media, etc. Some of these are relatively light from a data volume perspective, but what do you think is the next Big Data information source that corporations should be considering as we look to the future?

In my opinion, the volumes of recorded audio that corporations are now amassing will become a real issue in the near future. Many corporations have regulatory requirements to record their business interactions. However, they’re often just listening to all the files to identify potential issues. This simply can’t be effective as volumes grow.

At the other end of the spectrum, some of the same companies are racing to use advancements in artificial intelligence, especially neural networks and natural language processing, to give customers a more personal and unique experience by talking to an application or device.

All these interactions will be recorded and may need to be searched effectively to derive answers, either to deliver a better customer experience or as part of a legal or regulatory issue. We have already seen the start of what this might look like with the “hot tub murder” and the Amazon Alexa device late last year. Can you imagine how much audio Amazon is amassing in the background?

Tackling these emerging technologies and data challenges are the things that drive us at Nuix, because at the end of the day, while our customers work in many different use cases, it is all about the data.


 Angela Bunting, Vice President – eDiscovery, Nuix,  is a highly skilled technologist and consultant who has worked with unstructured and structured data technologies for more than 18 years. She is one of Australia’s electronic discovery pioneers and has held technical and managerial roles at global law firm King Wood Mallesons and Law in Order, the country’s leading litigation support bureau. Angela is an active contributor to the Australian technology and eDiscovery communities, supporting programs such as Girl Geeks, Code Dojo and Women in eDiscovery.

ABOUT NUIX   Nuix protects, informs, and empowers society in the knowledge age. Leading organizations around the world turn to Nuix when they need fast, accurate answers for investigation, cybersecurity incident response, insider threats, litigation, regulation, privacy, risk management, and other essential challenges. Learn more at

Learn more about how H5 leverages Nuix and other industry-leading technologies here, or contact us at


Thank you for subscribing to the H5 blog, True North.

We strive to provide quality content on a variety of topics related to search, eDiscovery and the legal realm.

Please check your email inbox for your subscription confirmation!