ID Experts Develop Methodology for Data Breach Response

  • By Dian Schaffhauser
  • 09/19/12

A company that specializes in helping organizations deal with the fallout from a data breach has developed a methodology for dealing with a security incident. ID Experts' YourResponse provides processes and tools for analyzing and responding to a data breach incident that will result in, as the firm said in a statement, "the most positive outcomes."

The methodology guides the affected organization through four phases in order to determine whether notification is required:

  • Discovery, encompassing digital forensics; root cause discovery, and chain of evidence preservation;
  • Analysis, to perform incident assessment; risk score, and regulatory obligations;
  • Formulation of response, to assess demographics and the special needs of affected individuals in developing a response program to address needs and risks; and
  • Response, a program that maps out notification to individuals, regulatory authorities, and the media, develops advisories for incoming phone and web inquiries, identifies identity protection services, and manages identity recovery for victims.

"Too often companies try to handle data breaches themselves, which is just like a patient performing their own appendectomy," said Bob Gregg, CEO of ID Experts. "We created the YourResponse method in order to make data breach response more science than art. By using it, we have the highest customer satisfaction of any data breach solutions vendor."

"ID Experts was the cornerstone for our response. Their expertise and leadership helped us navigate the crisis and respond in a timely, organized, and thoughtful manner to our students, faculty, staff, and community," said Carl Powell, CIO of Eastern Michigan University. The university has suffered through two data breaches in recent years. In 2010 the institution reported that a server containing passwords and PINs for students and staff had been hacked. In 2011 two student employees were accused of misusing personal information from the records of other students housed in the offices where they worked.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education.

  • glowing digital brain interacts with an open book, with stacks of books beside it

    Federal Court Rules AI Training with Copyrighted Books Fair Use

    A federal judge ruled this week that artificial intelligence company Anthropic did not violate copyright law when it used copyrighted books to train its Claude chatbot without author consent, but ordered the company to face trial on allegations it used pirated versions of the books.

  • server racks, a human head with a microchip, data pipes, cloud storage, and analytical symbols

    OpenAI, Oracle Expand AI Infrastructure Partnership

    OpenAI and Oracle have announced they will develop an additional 4.5 gigawatts of data center capacity, expanding their artificial intelligence infrastructure partnership as part of the Stargate Project, a joint venture among OpenAI, Oracle, and Japan's SoftBank Group that aims to deploy 10 gigawatts of computing capacity over four years.

  • laptop displaying a phishing email icon inside a browser window on the screen

    Phishing Campaign Targets ED Grant Portal

    Threat researchers at cybersecurity company BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal.