Extract from Emily Johnston’s article “3 Essential Tips to Prepare Corporations for Post-Breach Data Mining”
Cyber incidents are on the rise. If your corporation were to experience a data breach, would you be prepared to notify impacted individuals? Here are three actions your company can take today to streamline post-breach data mining.
What Is Post-Breach Data Mining?
Post-breach data mining is the process of analyzing data after a cyber incident to identify whose information has been compromised. Corporations are required to notify affected individuals or entities within 30 to 60 days, which can be challenging if there is a substantial amount of unstructured data (like emails, documents, or other non-database formats) to sort through. Advanced data mining techniques are required to sift through and identify this sensitive information.
Post-breach data mining is important to corporations for several reasons:
- Accurate notification:Â Post-breach data mining ensures individuals and entities whose data has been breached are sent accurate and timely notifications.
- Compliance with regulations:Â Many data privacy laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), mandate that companies inform individuals when their data has been compromised. Post-breach data mining helps ensure compliance with these regulations by identifying who needs to be notified.
