Entity Extraction Helps Identify Compromised Data after a Data Breach

Whenever a Cyber Attack Results in a Data Breach, Organizations Need to Understand the Scope of the Breach

These days organizations of all types are confronted by cyber attacks. If a data breach occurs as a result, organizations may know which data or mail servers, or any network resource, have been compromised. However, what they may not know or easily find out is the specifics of any PII, PHI, FERPA, PCI, CCPA, PIPEDA, and GDPR data that have been revealed so that the appropriate parties can be notified and mitigation steps can be taken. In particular, although such data is predominantly contained in structured data, some sensitive data is also often contained in unstructured text data, which makes it more difficult to locate and identify.

Organizations Have Regulatory Obligations to Accurately Identify Compromised Data

In addition to the basic need to be honest and transparent with customers, current regulatory frameworks such as GDPR also impose requirements for proper data protection that organizations must adhere to. In the case of a data breach, GDPR mandates that organizations promptly notify their customers if their information was exposed and what precisely the information was. Also, appropriate mitigation steps must then be taken (e.g., credit monitoring, password changes, account freezing) to prevent further damage.

One challenge in meeting this requirement is that information about a single individual may have been scattered across multiple network assets:

• Email
• CRM data
• Employee data
• Partner and supplier data
• etc.

In the past, a breached organization had to conduct a laborious and time-consuming manual review of all breached data, which makes it difficult to meet GDPR’s promptness requirement. Today’s there’s a technology that can help speed things up: Entity Extraction

How Entity Extraction Works

Conventional keyword search as used in many eDiscovery tools is only capable of searching for known entities. By contrast, Advanced Entity Extraction finds occurrences of previously unknown named entities in unstructured data and it does so in a fast and scalable manner. Entity Extraction tries to automatically identifies all instances of entities, whether known or unknown. This ensures that an organization can be confident that it has found all the sensitive data in a data breach.

Entity Extraction also identifies the types of entities it finds:

• Persons
• Organizations,
• Places
• etc.

Entity Extraction also identifies other important PII :

• Dates of Birth
• Social Security Numbers
• Addresses
• etc.

Entity Extraction can process large volumes of data in a matter of hours vs. days or weeks or months needed with a manual effort

Entity Extraction Is a Critical Tool for Recovering from Data Breaches

Entity Extraction is a tool that can help assess the damage resulting from a data breach. It will help produce a clean, filtered, and complete list of all entities affected and their associated sensitive data. It will not remove the pain of a data breach for a company and related parties, but it will enable the taking of fast and effective steps to mitigate the problem and restore customer trust.

­­­­­­­­­­­­