Having journeyed from ediscovery into data breach response, Adi Elliott knows emerging technologies. And as Canopy’s chief revenue officer, he’s also an authority on applying AI to cybersecurity and data privacy.
Here’s a summary of the key topics Adi and Debbie covered:
Why Ediscovery Tech Doesn’t Work for Breach Response
“At a really, really high level, data breach response kind of looks a bit like ediscovery. But as soon as you get into the weeds, it’s super different.”
As Adi explains, there are several key ways that these two industries differ, from the initial data mining focus — custodians, keywords, and dates versus PII and people — to the ultimate deliverable — a set of documents versus a consolidated list of people and their PII.
“Unfortunately we live in a world where companies can largely take all the right steps and all the right precautions and still have compromised situations. It’s just the way the world works these days.”
Threat organizations are becoming increasingly sophisticated, with some even having corporate websites and core values to recruit cyber criminals. And because the vast majority of data breaches are from phishing emails, and people need to use email to do business, breaches will likely never be definitively solved.
What is possible, thanks to new technology, is achieving a response that is fast enough to comply with regulations like GDPR’s 72-hour notification timeframe, and alert people that their PII has been compromised ASAP to minimize harm. Organizations can proactively assess their privacy impact, too — more on that below.
AI-Powered Data Breach Tech Advancements
“We ended up hearing from the [breached] company itself, and based on what the initial estimates were using the legal review workflow, it was going to cost them like $3 million more than they ended up spending with Canopy.”
The now “old school” approach to data breach response is running search terms or regular expressions (regex). Adi explains that these methods are both under- and over-inclusive: a lot of PII doesn’t match these types of searches, while non-PII does. So document review teams waste time and resources looking at documents that don’t contain PII, while also missing valuable documents that do contain sensitive information.
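The under- and over-inclusion described above can be reproduced on a small scale. The following is an added example, not Canopy's code or part of the original post; the SSN pattern, file names and sample text are all constructed for illustration.

```python
import re

# A typical search-style pattern: nine digits, optionally grouped 3-2-4.
# (Assumed for illustration; not taken from any particular review tool.)
SSN_RE = re.compile(r"\b\d{3}-?\d{2}-?\d{4}\b")

# Constructed documents. The flag records whether a human reviewer
# would find a Social Security number in the text.
DOCS = [
    ("hr_form.txt",  "Employee SSN: 219-09-9999",             True),
    ("payroll.csv",  "jane.doe,219099999,2021-04-01",         True),
    ("scan_ocr.txt", "Social Security No. 219 09 9999",       True),   # OCR inserted spaces
    ("fax_note.txt", "SS# 219.09.9999 per phone call",        True),   # dotted format
    ("invoice.txt",  "Order ref 482-11-7730 shipped Tuesday", False),  # order number
    ("parts.txt",    "Part no. 100223344 rev B",              False),  # nine-digit part number
    ("memo.txt",     "Meeting moved to room 4",               False),
]

def evaluate(pattern, docs):
    """Compare regex hits against the labels and return both kinds of error."""
    hits, over, under = [], [], []
    for name, text, has_ssn in docs:
        matched = bool(pattern.search(text))
        if matched:
            hits.append(name)
        if matched and not has_ssn:
            over.append(name)     # queued for review, but holds no PII
        elif has_ssn and not matched:
            under.append(name)    # holds PII, but never reaches review
    return {"hits": hits, "over_inclusive": over, "under_inclusive": under}

if __name__ == "__main__":
    result = evaluate(SSN_RE, DOCS)
    for key, names in result.items():
        print(f"{key}: {', '.join(names) or 'none'}")
```

Half of the four documents the pattern flags contain no PII, and half of the four documents that do contain an SSN are never flagged.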
Enter Canopy. Our software does the heavy lifting in finding the PII and the people in breached data sets, then queues those findings up for validation by humans. It speeds up the entire process — from data mining to review to deduplication — saving money and achieving a more accurate end result.