Tracking Incidents and Data Breaches with Smart(er) Breach Management

The following is the eighth post in a new blog series from Exterro CEO Bobby Balachandran, where he shares his thoughts on the issues legal leaders care about and his vision for addressing them. Read Bobby's last blog here.

The business landscape today is more fraught with risks from data breaches than ever before. In terms of both the risk of damages from a breach and the corresponding legal risks posed by an incident, organizations are facing an array of external threats and increasingly complex regulatory requirements. Unfortunately, simply discovering an incident and taking basic steps to investigate and notify affected parties is no longer a sufficient response.

Proactive organizations need to consider a number of complicated issues. For example, what constitutes a privacy breach or legal privilege in these situations? What thresholds are regulators setting to hold organizations to account, and how often do those thresholds change?

While breaches have become more difficult to stop and their severity has evolved significantly, incident response is still an ad hoc process at many organizations, even as regulatory fines have increased in the last few years with the establishment of new privacy laws that include stiff penalties for breached data. Those regulatory fines have begun to attract the attention of board members. The good news is that regulators generally don’t opt for severe punishments when companies are diligent in their response, thoroughly document their processes, and demonstrate a serious and sustained commitment to doing the right thing.

Security and defensibility are now inseparably intertwined. Robust cybersecurity is certainly critical, but what happens after an incident can be just as critical—if not more so. Data breaches can no longer be considered one-off issues that may or may not happen. Even relatively limited breaches are often indicative of much bigger problems. Determining the root cause, documenting each step of the response, and incorporating lessons learned into an organizational incident response plan are all vital steps in response to a breach, and absolutely essential to defensibility. Focusing on these activities can also help organizations avoid post-breach fatigue, which opens up the potential for even greater risks, including legal and reputational damage.

In late May, Exterro launched Smart Breach Review, which represents a game-changer for organizations looking to ensure their incident response is in top shape. It’s designed for high-speed, high-volume breach review, with scalable ingestion speeds (1.5 hours per TB, up to 33 times faster than competing products) and review capabilities (up to 1,000 simultaneous reviewers). Smart Breach Review is built to handle the largest and most demanding data breaches. Its self-learning AI is pre-trained to recognize all types of personal data, and new data types can be added as needed. Each time a review is conducted, the AI continues to learn and get smarter over time.

In addition to introducing these ground-breaking features to the marketplace, Smart Breach Review automatically produces the data needed for regulatory reviews and other notifications. This is crucial, because regulatory deadlines can be as short as 72 hours after a breach is uncovered.

Companies that combine this extremely fast and massively scalable review capability with the Exterro Incident and Breach Management and Exterro Forensic Toolkit (FTK)—which offers visibility into live data directly at the endpoint for faster and more targeted investigations—will have everything they need to quickly understand how breaches occur and to automate the necessary response processes. The uses don’t end there: Smart Breach Review can also identify the different types of information housed in an organization’s databases to help them profile and proactively address risks unique to them before an incident occurs.

Since our inception, Exterro has been focused on process automation and data science, helping integrate a wide range of data management components in a single interface. Smart Breach Review is just one more way we’re expanding our Legal Governance, Risk and Compliance (GRC) platform to cover the legal and regulatory needs of every organization.