Increasing Reporting and Notification Obligations
Reports of data loss or exfiltration during cybersecurity attacks are growing.
Network infiltrations often go unnoticed while corporate or personally identifiable information/personal health information (PII/PHI) is compromised. This may include proprietary company information and private data such as names, addresses, ID numbers, bank details, or credit card information.
Data privacy and protection regimes such as GDPR, CCPA, and BIPA are serving as the foundation for a growing patchwork of regulatory constructs governing the protection of PII/PHI. Many of these regulations require a description of the PII/PHI impacted that indicates, where possible, the approximate number of data subjects, categories concerned, and affected records in a tight timeframe. Various jurisdictions in the United States and around the world have and continue to institute similar requirements.
Strategies to Tame the Complexities of Cybersecurity Incident Readiness and Response
KLDiscovery sponsored a Today's General Counsel Webinar discussing pre- and post-event strategies for cybersecurity incidents. Topics include:
- M&A due diligence
- Foundational elements of incident response readiness
- Importance of conducting incident related work under the protection of attorney-client privilege
- Addressing the growing urgency for insight in hours and days not weeks and months
- Advantages of using machine learning developed to identify PII/PHI
Harnessing post-incident insight to refine internal data management practices
Please fill out the form below to access a recording of this informative webinar for on-demand viewing.
Types of Cyber Incidents
Regardless of location, attack mechanisms, or vectors, KLDiscovery’s experienced teams help you navigate cyberattacks of every type, including:
- Business Email Compromise (BEC)
- Email Account Compromise (EAC)
- Data breaches
- Privacy incidents
Addressing the Challenges of Cyber Incident Response Data Mining
Purpose-built data mining software Canopy, combined with our dedicated teams and tailored workflows, ensure the efficient identification and evaluation of data impacted during a cyber incident.
The first step in incident response is to determine which data has been compromised. Next, all PII/PHI must be processed and parsed for proper disclosure to the impacted entities and regulatory authorities.
KLDiscovery supports your organization with leading technology and specialized data mining services:
Your organization can rely on us when you need to:
- Leverage specialized teams, purpose-built technology, and tailored workflows for cyber incident response
- Quickly assess impacted entities and related data elements to offer early and accurate insight that helps you regain control after an incident occurs
- Compile notification lists to contact entities potentially affected by a breach
- Lean on a partner with a steady and experienced hand at a moment of crisis with no limits on volume of data, global location, or data composition
- Conduct a proactive evaluation of data protection measures to increase preparedness
KLDiscovery leverages intelligent, purpose-built data mining solutions to help locate, categorize, process, and review PII/PHI, enabling you to report impacted entities to supervisory authorities within the scope of mandatory reporting requirements. With an understanding of the fundamental differences between specialized cyber incident response and eDiscovery, we employ machine learning at every stage to deliver unmatched early insight and overall efficiency. Additionally, we use AI to address the most persistent challenges of data mining: lack of early insight on scope, handling of tabular data, and deduplication of impacted entities.
Best-in-Class Technology – Our Partner: Canopy Software
KLDiscovery leverages Canopy Software to reduce the time, cost, risk, and effort necessary for the defensible detection of sensitive data. From finding each element of protected data to identifying every person who was affected, Canopy’s AI-powered software is designed to help organizations achieve a fast, accurate response to every security incident.
The Fundamental Difference Between eDiscovery and Cyber Incident Response
Many organizations turn to eDiscovery services for resolution in the wake of a cybersecurity incident. This approach, however, can jeopardize the efficiency and accuracy of the incident response work. Despite similarities between eDiscovery and data breach response, eDiscovery tools fall short in many ways when it comes to resolving data breaches and cyber security incidents.
By using eDiscovery tools, teams are spending more than necessary on time-consuming review services that do not produce the necessary data for resolution. Cyber Incident Response review also differentiates from eDiscovery as, following a data breach, review teams look to link the necessary PII components to each impacted entity. Ultimately, the goal of each review is not the same. eDiscovery aims to produce a set of documents in response to a specific case while in Cyber Incident Response, documents are insignificant—the necessary deliverable is a completed list of compromised individuals or companies.