Structured method to data breach analysis and response
Data breaches are growing in frequency and magnitude, and have a tremendous financial, legal, operational and reputational impact to the breached organization, whether it’s a financial institution, a hospital, a retailer, a university, a company, a government entity, or a social network.
With 174 million compromised records in 2011, according to Verizon, assessing, managing, and publicly responding to a data breach involving medical records, financial information and Social Security Numbers, can be overwhelming and often beyond the scope of an organization’s expertise.
In order to provide organizations with an end-to-end blueprint for addressing a privacy incident, ID Experts developed YourResponse — a patented breach resolution method — to help companies achieve the most positive outcomes for everyone affected in a data breach.
At the core of the ID Experts data breach response process, is a patented, four-stage methodology that includes discovery, analysis, formulation and response. Because all data breach incidents have unique differences, ID Experts uses this rigorous, tiered method that focuses on two often overlooked areas that are crucial to fostering positive outcomes: analysis of the data security incident to determine if it constitutes a data breach, and formulation of a tailored breach response package that is optimized for the risks faced by the affected individuals as well as their special needs.
The YourResponse breach response method includes four distinct stages:
- Discover: digital forensics; root cause discovery, chain of evidence preservation
- Analyze: incident assessment; risk score and regulatory obligations
- Formulate: evaluate demographics/special needs of affected individuals; Develop response package to address needs and risks
- Respond: breach response “mission control”; notification to individuals, regulatory authorities, media; incoming phone and web advisory; identity protection services; identity recovery for victims.