Blog Post

Q&A: IQ.AI in Data Breach Response

  • LinkedIn icon
  • X/Twitter icon
  • Print icon

The incidence, frequency and severity of data breaches are increasing steadily year over year and the average total cost of breach detection and escalation exceeded $1.58 million per breach last year. In the wake of a breach, organizations are often under pressure to quickly analyze large datasets to investigate what happened and understand the extent of sensitive and personal information that was exposed. FTI Technology provides expert-led consulting, services and solutions to support clients during high stakes data breach response. This includes IQ.AI by FTI Technology, artificial intelligence solutions that include a proprietary combination of workflows and expertise for applying industry-leading AI technologies in legal and regulatory matters. 

IQ.AI for Data Breach enables the quick identification and extraction of personally identifiable information, personal health information and other sensitive data for breach response and data protection compliance during legal and regulatory document productions. In this Q&A, Senior Director Roby Benn discusses how IQ.AI complements FTI Technology’s expert-driven analytic workflows for data breach response. 

Roby, as a starting point, will you explain some of the key challenges clients face when responding to a data breach?

Among the most burdensome aspects of breach response are identifying the data that was affected, confirming whether the breach exposed commercially sensitive information, and determining whether notices must be issued to data subjects, customers or partners. Depending on the scale of the breach, large volumes of data may be in scope, spread across numerous systems, cloud sources and locations. For clients subject to regulatory requirements like an industry-based privacy law (e.g., Health Insurance Portability and Accountability Act) or a state-based privacy (e.g., California Consumer Privacy Act), understanding the extent of data impacted is critical to meeting regulatory requirements and, where applicable, informing the authorities about the incident. 

Given that sensitive information and legal and regulatory exposures can be at stake, these incidents are stressful for clients and often carry a great deal of urgency. 

Experts within FTI Technology have supported dozens of clients with data breach response matters. What are the core elements of our approach? 

At the outset, we partner with clients to provide scoping and analysis to determine data requiring deeper scrutiny for the presence of personally identifiable information and sensitive business information. Our experts conduct advanced analysis to determine priority categories of interest, so we can help our clients get to the most sensitive and urgent items as quickly as possible. Using analytics and machine learning workflows, we’re able to quickly reduce the large data sets and home in on the documents we’ve identified as likely containing personally identifiable information and sensitive business information, which allows document review teams to be more efficient. 

Another key element of our approach is to help our clients leverage these crisis events as learnings that can feed into continuous improvement for their internal controls and processes. Experts from our Information Governance, Privacy & Security practice will evaluate records retention and disposal policies to reduce the amount of information stored within the organization, reducing the overall surface for potential exposure in a future breach. Additionally, clients can obtain a better understanding and mapping of the systems that contain personal and sensitive information, so it can be better protected moving forward. 

So, how does IQ.AI integrate with these workflows? 

IQ.AI for Data Breach enhances data mining capabilities and when combined with our expert-led approach can transform the way we identify, extract and analyze sensitive data. For example, using IQ.AI, our teams can accelerate the process of detecting, prioritizing, processing and reviewing sensitive and special category personal data including documents with obscure forms of personally identifiable information, multilingual data and challenging documents such as images, handwritten materials and poor quality scans. The technology is particularly strong in accurately identifying and extracting specific categories of data that are otherwise challenging for analytic tools to find (e.g., birthdates and social security numbers), which makes the process of understanding the extent of data impacted in a breach much faster.

Automated data enrichment provided by AI can support quality control and accuracy, ensuring precision and consistency for compliance, reporting and downstream analysis. By summarizing findings and constructing chronologies, IQ.AI also helps our teams efficiently generate reports that align with industry- and jurisdiction-specific regulatory reporting requirements. Ultimately, it’s enabling faster and more cost-effective data breach response, without sacrificing accuracy.

How is this different from what other providers bring to the table?

There are numerous attributes that set our approach and IQ.AI apart. Everything we do is led by our experts who have deep expertise in data breach, privacy regulations, e-discovery and analytics. Within IQ.AI specifically, our team of AI engineers and data scientists have carefully crafted our solutions to address the unique challenges of incident response data mining, ensuring they are tailored to the specific needs of these unique matters.

IQ.AI is also designed to integrate seamlessly with our existing incident response services, ensuring a cohesive and efficient response to incidents at any scale and virtually anywhere in the world.

Do you have any examples of IQ.AI being used in a data breach matter?

Yes, we’re already using this consistently in practice. In a significant cyber incident impacting tens of thousands of companies, we leveraged IQ.AI to identify personally identifiable information, sample data and rapidly triage compromised email accounts in the U.S., Europe and Asia Pacific. The workflows reduced the review set to only 1% of the original dataset, enabling focused extraction and reporting on the highest-risk special category data. 

In a separate matter following a ransomware attack affecting 2 million individuals, we provided advanced AI-driven risk analysis and strategic data minimization for structured and unstructured data across a population of more than six terabytes. With IQ.AI, our team narrowed the review to 0.3% of the original set, enabling a rapid response. This helped the client preserve essential infrastructure operations and meet urgent regulator demands within a highly compressed timeframe. 

Do you have anything else to add?

By integrating IQ.AI into our incident response and data mining services, we’re demonstrating our commitment to delivering unparalleled results, efficiency and cost savings to our clients. Whether a client is facing a data breach, cyberattack or other sensitive incident, our expert team and cutting-edge technology can be tailored to enable a quick and effective response. 

Related topics:
Artificial Intelligence

The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.

Related Solutions