SlideShare a Scribd company logo

Recycling eDiscovery Best Practices for Data Breach Incident Response

Download as PPTX, PDF
Ipro Tech
Ipro Tech

PUMA – Please Use More Acronyms WYSC – Why You Should Care CBEC – Challenges with Business Email Compromises BNRR – Breach Notification Rules & Regulations EFTW – eDiscovery For The Win Objective: Open the door to leveraging e-discovery tools for new use cases …teach a new dog old tricks…

Law
1 of 17
Recycling eDiscovery Best Practices for Data Breach Incident Response
Private and Confidential – Copyright 2019 Agenda 1. PUMA – Please Use More Acronyms 2. WYSC – Why You Should Care 3. CBEC – Challenges with Business Email Compromises 4. BNRR – Breach Notification Rules & Regulations 5. EFTW – eDiscovery For The Win Objective: Open the door to leveraging e-discovery tools for new use cases …teach a new dog old tricks…
Private and Confidential – Copyright 2019 PUMA – Please Use More Acronyms 1. DBIR – Data Breach Incident Response 2. DFIR – Digital Forensics Incident Response 3. APT – Advanced Persistent Threat 4. DLP – Data Loss Prevention 5. BEC – Business Email Compromise 6. HIPAA – Health Insurance Portability & Accountability Act 7. PII – Personally Identifiable Information 8. PHI – Protected Health Information 9. PCI – Payment Card Information 10.MDE – Mass Data Entry
Private and Confidential – Copyright 2019 WYSC – Why You Should Care Email related attacks totaled over $12B in losses in 2018. On average each stolen record costs the company $148. The efficiency in identifying an incident and the speed of the response has a huge impact on its overall cost.
Private and Confidential – Copyright 2019 BEC – Business Email Compromises Spear Phishing: Fraudulent emails targeted at specific individuals to get them to open a malicious attachment or link. Goal is to gain access to confidential information.
Private and Confidential – Copyright 2019 BEC – Business Email Compromises Company Insurance Carrier Digital Forensics Notification & Call Center Breach Counsel PII Identification & Extraction 1 2 3 4 What happens next: 1. Engage Counsel 2. Contact Insurer 3. Breach Counsel Quarterback 4. 3rd Party Forensic Investigation 5. Targeted Data Mining 6. Identify Exfiltrated PII 7. Notify Impacted Individuals
Private and Confidential – Copyright 2019 Major Challenges - PII in context cannot be identified with standard Boolean searches - Identification requires eyes on review - Extraction of elements needed for notification is a manual process - Tight deadlines require brute force attack; increasing need for quality control - Each data set is different - Merging data entry fields requires detailed analysis and normalization - Performing this kind of work creates new data sources with lists of PII
Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs http://www.ncsl.org/research/telecommunications-and- information-technology/security-breach-notification- laws.aspx
Private and Confidential – Copyright 2019 FTW – eDiscovery For The Win F*** the World
Private and Confidential – Copyright 2019 eDiscovery For the Win PII Identification & Extraction Phase 1: • PROCESS, ANALYZE, CULL: • Initial ESI processing, indexing, hosting, culling and associated analysis to reduce document count and prepare data for eyes-on attorney review • PII/PCI/PHI Search Terms – Keyword & Pattern Matching • AI Analytics Phase 2: • EYES-ON REVIEW & DATA ENTRY: • Categorization and data capture by managed team of attorneys, quality control review, and coordinated quality assurance review with cybersecurity outside counsel Phase 3: • NORMALIZATION & DELIVERABLE CREATION: • Conversion and normalization of notification report to specification • Additional analysis and customization performed at this stage In a nutshell: • Search emails • Present to reviewers • Confirm PII Exists • Categorize Type of PII • Key in Name/Address • Create Report
Private and Confidential – Copyright 2019 FTW – eDiscovery For The Win ID Related Tags  Social Security Number  Driver's License Number  State Identification Number  Passport Number  Alien Registration Number  Military ID Number  Tribal Identification/Enrollment Number  Unique or Other Gov’t Issued ID  Date of Birth Other Vital Information Tags  Birth Certificate  Marriage Certificate  Parent's legal surname prior to marriage Account Access Tags  Email address and password (or required security code or access code)  Username and password (or required security code or access code)  Security Code, Access Code, or Password Financial Related Tags  Financial Account Number: For example, a bank account number on a check or electronic wire transfer.  Security code or password  Credit/debit card number  Credit/debit card number security code or password: Such as a PIN number or password for an account Tax Related Tags  Individual Taxpayer Identification #  Employer Taxpayer Identification #  Identity Protection Personal Identification # issued by the IRS  IRS e-file PIN Health Related Tags  Medical history, condition, treatment, or diagnosis  Health insurance policy number or subscriber number  Health insurance application or claims information  Health information: Defined as “any information that identifies an individual and relates to physical or mental health or condition, the provision of health care, or payment for health care Employer Related Tags  Employee Account Information: This must include an ID number assigned by an employer plus a security code, access code, or password. Do not use if the employee ID is alone and does not include a security or access code or password.  Work-related Evaluations: For example, a performance reviews Pro Tips: - De-dupe at the document level (it’s ok to break families) - Suppress 100% textual near dupes - Suppress non-inclusive threads - Cluster documents by concepts - Turn on Active Learning
Private and Confidential – Copyright 2019 Deliverable – Before & After Document ID Full Name First Name Last Name Driver's License # Parents Legal Surname Prior to Marriage Social Security Number (full) Passport Number Health Information CTRL-0000001 J SMITH J SMITH YES CTRL-0000002 JANE SMITH JANE SMITH YES CTRL-0000003 JANE S SMITH JANE SMITH YES CTRL-0000004 JANE SMITH-BROWN JANE SMITH-BROWN YES CTRL-0000005 JANE SMITH JANE SMITH YES Document ID's Full Name First Name Last Name Driver's License # Parents Legal Surname Prior to Marriage Social Security Number (full) Passport Number Health Information CTRL-0000001; CTRL-0000002; CTRL-0000003; CTRL-0000004; CTRL-0000005 JANE S SMITH-BROWN JANE SMITH-BROWN YES YES YES YES YES
Private and Confidential – Copyright 2019 Other Use Cases & More Information Use Cases: • Responding to Data Subject Access Requests • DLP Risk Assessments • Digital Transformation Solutions Links: Insights into Today’s Breaches and Cyber Attacks: https://www.fireeye.com/current-threats/annual-threat- report/mtrends.html CCPA What You Need to Know: https://www.law.com/njlawjournal/2018/12/01/the-california-consumer-privacy-act-what-you- need-to-know/ True Cost of a Data Breach:https://www.ibm.com/security/data-breach

Recommended

Case for-secure-email-encryption
Case for-secure-email-encryptionCase for-secure-email-encryption
Case for-secure-email-encryptionNeoCertified
 
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...Raleigh ISSA
 
New Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit KhandelwalNew Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit Khandelwalamitkhand
 
Identity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessIdentity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessHerring Consulting & Financial Group
 
Data Privacy in India and data theft
Data Privacy in India and data theftData Privacy in India and data theft
Data Privacy in India and data theftAmber Gupta
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
CBSV%20INFORMATION[1]
CBSV%20INFORMATION[1]CBSV%20INFORMATION[1]
CBSV%20INFORMATION[1]Stephanie L. Elder
 
Data protection act
Data protection act Data protection act
Data protection act Iqbal Bocus
 

Recommended

Case for-secure-email-encryption
Case for-secure-email-encryptionCase for-secure-email-encryption
Case for-secure-email-encryptionNeoCertified
 
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...
Growing trend of finding2013-11 Growing Trend of Finding Regulatory and Tort ...Raleigh ISSA
 
New Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit KhandelwalNew Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit Khandelwalamitkhand
 
Identity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessIdentity Theft Red Flags Rule for Business
Identity Theft Red Flags Rule for BusinessHerring Consulting & Financial Group
 
Data Privacy in India and data theft
Data Privacy in India and data theftData Privacy in India and data theft
Data Privacy in India and data theftAmber Gupta
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
CBSV%20INFORMATION[1]
CBSV%20INFORMATION[1]CBSV%20INFORMATION[1]
CBSV%20INFORMATION[1]Stephanie L. Elder
 
Data protection act
Data protection act Data protection act
Data protection act Iqbal Bocus
 
CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White PaperDmcenter
 
Legal Resume
Legal ResumeLegal Resume
Legal ResumeCarmen Kapuchuck
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
Privacy, Policy, and Encryption
Privacy, Policy, and EncryptionPrivacy, Policy, and Encryption
Privacy, Policy, and Encryptionaccessnowinc
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Adriana Sanford
 
Don't Get Stung - Student Data Security
Don't Get Stung - Student Data Security Don't Get Stung - Student Data Security
Don't Get Stung - Student Data Security cschumley
 
Protecting Donor Privacy
Protecting Donor PrivacyProtecting Donor Privacy
Protecting Donor PrivacyRaymond Cunningham
 
CDP_Engagement_Team_Training_BRADESCO.pdf
CDP_Engagement_Team_Training_BRADESCO.pdfCDP_Engagement_Team_Training_BRADESCO.pdf
CDP_Engagement_Team_Training_BRADESCO.pdfCarlos Roberto Paula Soares
 
Implementing an Information Security Program
Implementing an Information Security ProgramImplementing an Information Security Program
Implementing an Information Security ProgramRaymond Cunningham
 
Security Awareness 9-10-09 v5 Sensitive Information
Security Awareness 9-10-09 v5 Sensitive InformationSecurity Awareness 9-10-09 v5 Sensitive Information
Security Awareness 9-10-09 v5 Sensitive InformationCatherine MacAllister
 
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Steve Werby
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Lawley Insurance
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarDon Grauel
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentDonald E. Hester
 
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDATAVERSITY
 
Cyber Risks Looming in the Transportation Industry
Cyber Risks Looming in the Transportation IndustryCyber Risks Looming in the Transportation Industry
Cyber Risks Looming in the Transportation IndustryHNI Risk Services
 
Security Awareness 9 10 09 V4 Sens Info
Security Awareness 9 10 09 V4 Sens InfoSecurity Awareness 9 10 09 V4 Sens Info
Security Awareness 9 10 09 V4 Sens InfoMegan Bell
 
Powerpoint mack jackson
Powerpoint mack jacksonPowerpoint mack jackson
Powerpoint mack jacksonaiimnevada
 
BEA Presentation
BEA PresentationBEA Presentation
BEA PresentationGlenn E. Davis
 
Naccu Card Fraud And Identity Theft
Naccu Card Fraud And Identity TheftNaccu Card Fraud And Identity Theft
Naccu Card Fraud And Identity Theftmherr_riskconsult
 

More Related Content

What's hot

CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White PaperDmcenter
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
Privacy, Policy, and Encryption
Privacy, Policy, and EncryptionPrivacy, Policy, and Encryption
Privacy, Policy, and Encryptionaccessnowinc
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Adriana Sanford
 

What's hot (6)

CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White Paper
 
Legal Resume
Legal ResumeLegal Resume
Legal Resume
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
Privacy, Policy, and Encryption
Privacy, Policy, and EncryptionPrivacy, Policy, and Encryption
Privacy, Policy, and Encryption
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
 
Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014
 

Similar to Recycling eDiscovery Best Practices for Data Breach Incident Response

Don't Get Stung - Student Data Security
Don't Get Stung - Student Data Security Don't Get Stung - Student Data Security
Don't Get Stung - Student Data Security cschumley
 
Implementing an Information Security Program
Implementing an Information Security ProgramImplementing an Information Security Program
Implementing an Information Security ProgramRaymond Cunningham
 
Security Awareness 9-10-09 v5 Sensitive Information
Security Awareness 9-10-09 v5 Sensitive InformationSecurity Awareness 9-10-09 v5 Sensitive Information
Security Awareness 9-10-09 v5 Sensitive InformationCatherine MacAllister
 
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Steve Werby
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Lawley Insurance
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarDon Grauel
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentDonald E. Hester
 
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDATAVERSITY
 
Cyber Risks Looming in the Transportation Industry
Cyber Risks Looming in the Transportation IndustryCyber Risks Looming in the Transportation Industry
Cyber Risks Looming in the Transportation IndustryHNI Risk Services
 
Security Awareness 9 10 09 V4 Sens Info
Security Awareness 9 10 09 V4 Sens InfoSecurity Awareness 9 10 09 V4 Sens Info
Security Awareness 9 10 09 V4 Sens InfoMegan Bell
 
Powerpoint mack jackson
Powerpoint mack jacksonPowerpoint mack jackson
Powerpoint mack jacksonaiimnevada
 
Naccu Card Fraud And Identity Theft
Naccu Card Fraud And Identity TheftNaccu Card Fraud And Identity Theft
Naccu Card Fraud And Identity Theftmherr_riskconsult
 
Identity Theft Prevention
Identity Theft PreventionIdentity Theft Prevention
Identity Theft PreventionAlan Greggo
 
*Webinar* CCPA: Get Your Business Ready
*Webinar* CCPA: Get Your Business Ready*Webinar* CCPA: Get Your Business Ready
*Webinar* CCPA: Get Your Business ReadyMoEngage Inc.
 

Similar to Recycling eDiscovery Best Practices for Data Breach Incident Response (20)

Don't Get Stung - Student Data Security
Don't Get Stung - Student Data Security Don't Get Stung - Student Data Security
Don't Get Stung - Student Data Security
 
Protecting Donor Privacy
Protecting Donor PrivacyProtecting Donor Privacy
Protecting Donor Privacy
 
CDP_Engagement_Team_Training_BRADESCO.pdf
CDP_Engagement_Team_Training_BRADESCO.pdfCDP_Engagement_Team_Training_BRADESCO.pdf
CDP_Engagement_Team_Training_BRADESCO.pdf
 
Implementing an Information Security Program
Implementing an Information Security ProgramImplementing an Information Security Program
Implementing an Information Security Program
 
Security Awareness 9-10-09 v5 Sensitive Information
Security Awareness 9-10-09 v5 Sensitive InformationSecurity Awareness 9-10-09 v5 Sensitive Information
Security Awareness 9-10-09 v5 Sensitive Information
 
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler Seminar
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local Government
 
DAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) DataDAMA Webinar: The Data Governance of Personal (PII) Data
DAMA Webinar: The Data Governance of Personal (PII) Data
 
Cyber Risks Looming in the Transportation Industry
Cyber Risks Looming in the Transportation IndustryCyber Risks Looming in the Transportation Industry
Cyber Risks Looming in the Transportation Industry
 
Security Awareness 9 10 09 V4 Sens Info
Security Awareness 9 10 09 V4 Sens InfoSecurity Awareness 9 10 09 V4 Sens Info
Security Awareness 9 10 09 V4 Sens Info
 
Powerpoint mack jackson
Powerpoint mack jacksonPowerpoint mack jackson
Powerpoint mack jackson
 
BEA Presentation
BEA PresentationBEA Presentation
BEA Presentation
 
Naccu Card Fraud And Identity Theft
Naccu Card Fraud And Identity TheftNaccu Card Fraud And Identity Theft
Naccu Card Fraud And Identity Theft
 
Data Breach Response: Realtime Cyber Incident Simulation
Data Breach Response: Realtime Cyber Incident SimulationData Breach Response: Realtime Cyber Incident Simulation
Data Breach Response: Realtime Cyber Incident Simulation
 
Identity Theft Prevention
Identity Theft PreventionIdentity Theft Prevention
Identity Theft Prevention
 
201 CMR 17.00
201 CMR 17.00201 CMR 17.00
201 CMR 17.00
 
*Webinar* CCPA: Get Your Business Ready
*Webinar* CCPA: Get Your Business Ready*Webinar* CCPA: Get Your Business Ready
*Webinar* CCPA: Get Your Business Ready
 

More from Ipro Tech

Build a Blockchain
Build a BlockchainBuild a Blockchain
Build a BlockchainIpro Tech
 
Financials and eDiscovery - A Primer for Non-Accountants
Financials and eDiscovery - A Primer for Non-AccountantsFinancials and eDiscovery - A Primer for Non-Accountants
Financials and eDiscovery - A Primer for Non-AccountantsIpro Tech
 
In House v. Independent Hot Seat Panel
In House v. Independent Hot Seat PanelIn House v. Independent Hot Seat Panel
In House v. Independent Hot Seat PanelIpro Tech
 
Project Management in Electronic Discovery
Project Management in Electronic DiscoveryProject Management in Electronic Discovery
Project Management in Electronic DiscoveryIpro Tech
 
Build an Engaging Social Media Profile
Build an Engaging Social Media ProfileBuild an Engaging Social Media Profile
Build an Engaging Social Media ProfileIpro Tech
 
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Ipro Tech
 
What’s New in Ipro for enterprise?
What’s New in Ipro for enterprise?What’s New in Ipro for enterprise?
What’s New in Ipro for enterprise?Ipro Tech
 
Let’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformLet’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformIpro Tech
 
Double Down: Migrating Data from Desktop to Enterprise (and back)
Double Down: Migrating Data from Desktop to Enterprise (and back)Double Down: Migrating Data from Desktop to Enterprise (and back)
Double Down: Migrating Data from Desktop to Enterprise (and back)Ipro Tech
 
What’s in Your Workflow?
What’s in Your Workflow?What’s in Your Workflow?
What’s in Your Workflow?Ipro Tech
 
Can you Take the Heat of the Hot Seat?
Can you Take the Heat of the Hot Seat?Can you Take the Heat of the Hot Seat?
Can you Take the Heat of the Hot Seat?Ipro Tech
 
Diving Deeper into Networking & Local Options in TrialDirector 360
Diving Deeper into Networking & Local Options in TrialDirector 360Diving Deeper into Networking & Local Options in TrialDirector 360
Diving Deeper into Networking & Local Options in TrialDirector 360Ipro Tech
 
Presenter’s Advantage: Preparing Exhibits in TrialDirector 360
Presenter’s Advantage: Preparing Exhibits in TrialDirector 360Presenter’s Advantage: Preparing Exhibits in TrialDirector 360
Presenter’s Advantage: Preparing Exhibits in TrialDirector 360Ipro Tech
 
TrialDirector 360: Beyond the Courtroom
TrialDirector 360: Beyond the CourtroomTrialDirector 360: Beyond the Courtroom
TrialDirector 360: Beyond the CourtroomIpro Tech
 
Proactive v. Reactive Trial Presentations
Proactive v. Reactive Trial PresentationsProactive v. Reactive Trial Presentations
Proactive v. Reactive Trial PresentationsIpro Tech
 
Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...
Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...
Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...Ipro Tech
 
Flexible Processing for Dynamic Workflows
Flexible Processing for Dynamic WorkflowsFlexible Processing for Dynamic Workflows
Flexible Processing for Dynamic WorkflowsIpro Tech
 
Search Faceoff: Advanced v. Visual
Search Faceoff: Advanced v. VisualSearch Faceoff: Advanced v. Visual
Search Faceoff: Advanced v. VisualIpro Tech
 
TAR: Beginning to End
TAR: Beginning to EndTAR: Beginning to End
TAR: Beginning to EndIpro Tech
 
Repro with Ipro: Simplifying your Imaging Workflows
Repro with Ipro: Simplifying your Imaging WorkflowsRepro with Ipro: Simplifying your Imaging Workflows
Repro with Ipro: Simplifying your Imaging WorkflowsIpro Tech
 

More from Ipro Tech (20)

Build a Blockchain
Build a BlockchainBuild a Blockchain
Build a Blockchain
 
Financials and eDiscovery - A Primer for Non-Accountants
Financials and eDiscovery - A Primer for Non-AccountantsFinancials and eDiscovery - A Primer for Non-Accountants
Financials and eDiscovery - A Primer for Non-Accountants
 
In House v. Independent Hot Seat Panel
In House v. Independent Hot Seat PanelIn House v. Independent Hot Seat Panel
In House v. Independent Hot Seat Panel
 
Project Management in Electronic Discovery
Project Management in Electronic DiscoveryProject Management in Electronic Discovery
Project Management in Electronic Discovery
 
Build an Engaging Social Media Profile
Build an Engaging Social Media ProfileBuild an Engaging Social Media Profile
Build an Engaging Social Media Profile
 
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
 
What’s New in Ipro for enterprise?
What’s New in Ipro for enterprise?What’s New in Ipro for enterprise?
What’s New in Ipro for enterprise?
 
Let’s Talk About the Ipro Platform
Let’s Talk About the Ipro PlatformLet’s Talk About the Ipro Platform
Let’s Talk About the Ipro Platform
 
Double Down: Migrating Data from Desktop to Enterprise (and back)
Double Down: Migrating Data from Desktop to Enterprise (and back)Double Down: Migrating Data from Desktop to Enterprise (and back)
Double Down: Migrating Data from Desktop to Enterprise (and back)
 
What’s in Your Workflow?
What’s in Your Workflow?What’s in Your Workflow?
What’s in Your Workflow?
 
Can you Take the Heat of the Hot Seat?
Can you Take the Heat of the Hot Seat?Can you Take the Heat of the Hot Seat?
Can you Take the Heat of the Hot Seat?
 
Diving Deeper into Networking & Local Options in TrialDirector 360
Diving Deeper into Networking & Local Options in TrialDirector 360Diving Deeper into Networking & Local Options in TrialDirector 360
Diving Deeper into Networking & Local Options in TrialDirector 360
 
Presenter’s Advantage: Preparing Exhibits in TrialDirector 360
Presenter’s Advantage: Preparing Exhibits in TrialDirector 360Presenter’s Advantage: Preparing Exhibits in TrialDirector 360
Presenter’s Advantage: Preparing Exhibits in TrialDirector 360
 
TrialDirector 360: Beyond the Courtroom
TrialDirector 360: Beyond the CourtroomTrialDirector 360: Beyond the Courtroom
TrialDirector 360: Beyond the Courtroom
 
Proactive v. Reactive Trial Presentations
Proactive v. Reactive Trial PresentationsProactive v. Reactive Trial Presentations
Proactive v. Reactive Trial Presentations
 
Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...
Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...
Deposition Management: Utilizing TrialDirector 360 to Prepare your Designatio...
 
Flexible Processing for Dynamic Workflows
Flexible Processing for Dynamic WorkflowsFlexible Processing for Dynamic Workflows
Flexible Processing for Dynamic Workflows
 
Search Faceoff: Advanced v. Visual
Search Faceoff: Advanced v. VisualSearch Faceoff: Advanced v. Visual
Search Faceoff: Advanced v. Visual
 
TAR: Beginning to End
TAR: Beginning to EndTAR: Beginning to End
TAR: Beginning to End
 
Repro with Ipro: Simplifying your Imaging Workflows
Repro with Ipro: Simplifying your Imaging WorkflowsRepro with Ipro: Simplifying your Imaging Workflows
Repro with Ipro: Simplifying your Imaging Workflows
 

Recently uploaded

一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书E LSS
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxRRR Chambers
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategyJong Hyuk Choi
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理bd2c5966a56d
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...SUHANI PANDEY
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书E LSS
 
Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx2020000445musaib
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxPSSPRO12
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYJulian Scutts
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forRoger Valdez
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteDeepikaK245113
 
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxPresentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxRRR Chambers
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptzainabbkhaleeq123
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxSHIVAMGUPTA671167
 
Doctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddpptDoctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddppt2020000445musaib
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理bd2c5966a56d
 
THE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labourTHE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labourBhavikaGholap1
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentationKhushdeep Kaur
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsAurora Consulting
 

Recently uploaded (20)

一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书
 
Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo for
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statute
 
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxPresentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .ppt
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
 
Doctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddpptDoctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddppt
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
 
THE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labourTHE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labour
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
 

Recycling eDiscovery Best Practices for Data Breach Incident Response

  • 1. Recycling eDiscovery Best Practices for Data Breach Incident Response
  • 2. Private and Confidential – Copyright 2019 Agenda 1. PUMA – Please Use More Acronyms 2. WYSC – Why You Should Care 3. CBEC – Challenges with Business Email Compromises 4. BNRR – Breach Notification Rules & Regulations 5. EFTW – eDiscovery For The Win Objective: Open the door to leveraging e-discovery tools for new use cases …teach a new dog old tricks…
  • 3. Private and Confidential – Copyright 2019 PUMA – Please Use More Acronyms 1. DBIR – Data Breach Incident Response 2. DFIR – Digital Forensics Incident Response 3. APT – Advanced Persistent Threat 4. DLP – Data Loss Prevention 5. BEC – Business Email Compromise 6. HIPAA – Health Insurance Portability & Accountability Act 7. PII – Personally Identifiable Information 8. PHI – Protected Health Information 9. PCI – Payment Card Information 10.MDE – Mass Data Entry
  • 4. Private and Confidential – Copyright 2019 WYSC – Why You Should Care Email related attacks totaled over $12B in losses in 2018. On average each stolen record costs the company $148. The efficiency in identifying an incident and the speed of the response has a huge impact on its overall cost.
  • 5. Private and Confidential – Copyright 2019 BEC – Business Email Compromises Spear Phishing: Fraudulent emails targeted at specific individuals to get them to open a malicious attachment or link. Goal is to gain access to confidential information.
  • 6. Private and Confidential – Copyright 2019 BEC – Business Email Compromises Company Insurance Carrier Digital Forensics Notification & Call Center Breach Counsel PII Identification & Extraction 1 2 3 4 What happens next: 1. Engage Counsel 2. Contact Insurer 3. Breach Counsel Quarterback 4. 3rd Party Forensic Investigation 5. Targeted Data Mining 6. Identify Exfiltrated PII 7. Notify Impacted Individuals
  • 7. Private and Confidential – Copyright 2019 Major Challenges - PII in context cannot be identified with standard Boolean searches - Identification requires eyes on review - Extraction of elements needed for notification is a manual process - Tight deadlines require brute force attack; increasing need for quality control - Each data set is different - Merging data entry fields requires detailed analysis and normalization - Performing this kind of work creates new data sources with lists of PII
  • 8. Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
  • 9. Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
  • 10. Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
  • 11. Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs
  • 12. Private and Confidential – Copyright 2019 BNRR – Breach Notification Rules & Regs http://www.ncsl.org/research/telecommunications-and- information-technology/security-breach-notification- laws.aspx
  • 13. Private and Confidential – Copyright 2019 FTW – eDiscovery For The Win F*** the World
  • 14. Private and Confidential – Copyright 2019 eDiscovery For the Win PII Identification & Extraction Phase 1: • PROCESS, ANALYZE, CULL: • Initial ESI processing, indexing, hosting, culling and associated analysis to reduce document count and prepare data for eyes-on attorney review • PII/PCI/PHI Search Terms – Keyword & Pattern Matching • AI Analytics Phase 2: • EYES-ON REVIEW & DATA ENTRY: • Categorization and data capture by managed team of attorneys, quality control review, and coordinated quality assurance review with cybersecurity outside counsel Phase 3: • NORMALIZATION & DELIVERABLE CREATION: • Conversion and normalization of notification report to specification • Additional analysis and customization performed at this stage In a nutshell: • Search emails • Present to reviewers • Confirm PII Exists • Categorize Type of PII • Key in Name/Address • Create Report
  • 15. Private and Confidential – Copyright 2019 FTW – eDiscovery For The Win ID Related Tags  Social Security Number  Driver's License Number  State Identification Number  Passport Number  Alien Registration Number  Military ID Number  Tribal Identification/Enrollment Number  Unique or Other Gov’t Issued ID  Date of Birth Other Vital Information Tags  Birth Certificate  Marriage Certificate  Parent's legal surname prior to marriage Account Access Tags  Email address and password (or required security code or access code)  Username and password (or required security code or access code)  Security Code, Access Code, or Password Financial Related Tags  Financial Account Number: For example, a bank account number on a check or electronic wire transfer.  Security code or password  Credit/debit card number  Credit/debit card number security code or password: Such as a PIN number or password for an account Tax Related Tags  Individual Taxpayer Identification #  Employer Taxpayer Identification #  Identity Protection Personal Identification # issued by the IRS  IRS e-file PIN Health Related Tags  Medical history, condition, treatment, or diagnosis  Health insurance policy number or subscriber number  Health insurance application or claims information  Health information: Defined as “any information that identifies an individual and relates to physical or mental health or condition, the provision of health care, or payment for health care Employer Related Tags  Employee Account Information: This must include an ID number assigned by an employer plus a security code, access code, or password. Do not use if the employee ID is alone and does not include a security or access code or password.  Work-related Evaluations: For example, a performance reviews Pro Tips: - De-dupe at the document level (it’s ok to break families) - Suppress 100% textual near dupes - Suppress non-inclusive threads - Cluster documents by concepts - Turn on Active Learning
  • 16. Private and Confidential – Copyright 2019 Deliverable – Before & After Document ID Full Name First Name Last Name Driver's License # Parents Legal Surname Prior to Marriage Social Security Number (full) Passport Number Health Information CTRL-0000001 J SMITH J SMITH YES CTRL-0000002 JANE SMITH JANE SMITH YES CTRL-0000003 JANE S SMITH JANE SMITH YES CTRL-0000004 JANE SMITH-BROWN JANE SMITH-BROWN YES CTRL-0000005 JANE SMITH JANE SMITH YES Document ID's Full Name First Name Last Name Driver's License # Parents Legal Surname Prior to Marriage Social Security Number (full) Passport Number Health Information CTRL-0000001; CTRL-0000002; CTRL-0000003; CTRL-0000004; CTRL-0000005 JANE S SMITH-BROWN JANE SMITH-BROWN YES YES YES YES YES
  • 17. Private and Confidential – Copyright 2019 Other Use Cases & More Information Use Cases: • Responding to Data Subject Access Requests • DLP Risk Assessments • Digital Transformation Solutions Links: Insights into Today’s Breaches and Cyber Attacks: https://www.fireeye.com/current-threats/annual-threat- report/mtrends.html CCPA What You Need to Know: https://www.law.com/njlawjournal/2018/12/01/the-california-consumer-privacy-act-what-you- need-to-know/ True Cost of a Data Breach:https://www.ibm.com/security/data-breach

Editor's Notes

  1. Key take away: when wading into a new practice area, learning the jargon is half the battle