New solution helps enterprises discover sensitive information at risk during a breach for a fraction of the time, effort and cost of traditional services
The Crypsis Group, a leading incident response, risk management and digital forensics firm, today announced the availability of their Illuminator service, an advanced data analytics and intelligence capability that combines best-in-class machine learning AI, manual review and extraction services with Crypsis’ deep data privacy expertise to deliver an accurate and cost-effective Data Breach Notification Service.
The service identifies Personally Identifiable Information (PII), Protected Health Information (PHI) and other sensitive information potentially exposed as a result of a data breach while greatly reducing the number of documents that must be manually reviewed (by 43.5% on average compared to traditional eDiscovery processes), saving organizations significant time, money and resources.
Following a breach, organizations must identify and quantify specific sensitive information that has been potentially exposed to meet state data breach statutes, regulatory requirements and contractual obligations to notify impacted customers or business partners. Historically, reviewing this at-risk data has been very time-intensive, imprecise and expensive.
“Ninety-five percent of the false-positive hits that are typically identified in eDiscovery-based approaches are eliminated upfront and never make it to human review, saving thousands of dollars in review costs, not to mention time,” said Brittany Roush, director and data analytics practice leader, Crypsis Group. “This service will remove much of the burden of the discovery process, while our quality control steps at every stage provide confidence in the accuracy and defensibility of results.”
The service is enhanced through partnerships with CanopyCo LLC and Integreon. CanopyCo’s data breach response software, Canopy, accelerates the defensible detection, extraction and resolution of non-public and protected data following business email compromises and other cybersecurity incidents. Canopy is rooted in machine-learning technology that is specifically calibrated to the intricacies of data mining for PII and PHI. When combined with Crypsis’ expertise-driven human analysis, the service can greatly reduce the quantity of documents falsely promoted for human review.
“To successfully meet the myriad requirements for emerging and evolving privacy laws across different jurisdictions, a data breach response requires a careful combination of people, process and technology,” said Ralph Nickl, CEO for CanopyCo. “As a result of our close collaboration with Crypsis, the Illuminator service is empowered by our robust technical backbone, helping enable their data breach response teams to quickly progress through the detailed data analytics process.”
Once a review population is identified, Integreon’s worldwide team of cyber incident response professionals can quickly mobilize to conduct the necessary review and extraction of sensitive information to produce a Consolidated Entity List so that impacted organizations can confidently comply with all state and federal notification requirements. Integreon applies a best practice-proven approach to triage data sets and conduct multiple validation checks to ensure quality across every step of the process.
“It is very exciting to be part of the evolution of services dedicated to helping clients who fall victim to a cyber incident. Working alongside the incredible team at Crypsis, we’ve been able to create efficiencies in the overall process.” said Jamie Berry, Integreon EVP – Legal Services. “Using a sophisticated, tech-enabled solution like Illuminator, the Crypsis team helps our review teams achieve the efficiencies, and most importantly, the accuracy clients demand and require.”