It’s Time to Rethink Breach Management | eWEEK | eWeek

It’s Time to Rethink Breach Management

IT infrastructure
Écrit par
eWEEK EDITORS
eWEEK EDITORS
Jun 17, 2022
4 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Security breaches and breakdowns have become an unfortunate fact of life. With the average cost of a security breach reaching $4.24 million, it’s critical to find ways to automate detection and ratchet up protection. What’s more, any breach detection and remediation framework must support a growing array of regulatory obligations, such as GDPR, CCPA, HIPAA, PHI and PCI.

Yet, the path to progress can prove bumpy. Discovering and managing data across growing multi-cloud frameworks, SaaS applications and self-managed data and apps is difficult. Today, it’s necessary to have an intelligent breach response framework that can quickly identify sensitive data and automate a response process. This includes robust reporting and data mapping capabilities, and the ability to visualize data to deliver deeper insights.

Also see: The Successful CISO: How to Build Stakeholder Trust

Beyond the Breach

It isn’t surprising that many organizations struggle to deal with data breaches effectively. The sheer scope of a breach can be enormous.

This includes knowing who is affected by an incident (sometimes referred to as the breach radius) along with the impact of the breach, which regulatory authorities and rules intersect with the event, and whether the response—including notifications—complies with regulations and minimizes the risk of future problems and penalties.

The ensuing chaos can prove devastating. For example, it isn’t unusual for an organization to have data scattered across dozens of cloud services and SaaS applications. This might include AWS RedShift, Athena and DynamoDB; Azure Blobs and Azure SQL Database; and Google Cloud Storage and BigQuery. Elements might also extend into Oracle platforms, SaaS tools such as Salesforce, Slack and Workday, and various self-managed tools, apps and data warehouses.

Without an accurate inventory of assets and a clear view of how data flows, it’s impossible to identify the entire attack surface and know what data was affected by a breach. This, in turn, undermines the remediation process. Typically, organizations require advanced metadata such as:

  • Instance properties.
  • Data owners.
  • Information about who has access to various assets.
  • Data retention policies.
  • Any kind of cross border transfers that are taking place.
  • The associated contract clauses or data protection mechanisms.

But the challenges don’t stop there. An organization must also understand what type of data is processed or stored within various assets and repositories. This includes whether data is encrypted or unencrypted, whether it’s sensitive biometric or personal data, and what regulatory category it falls into, including PHI, PCI, HIPAA or GDPR. An enterprise must have a way to discover and classify all this data, inform the response team, and track progress as the resolution process unfolds.

To be sure, there’s a need to manage data discovery across structured and unstructured systems, build visualizations and graphs across all affected systems, and view a map with each shred of personal information. What’s more, it’s necessary to extract and analyze data subject types and data element types along with clear-text personally identifiable information (PII) of each impacted user by jurisdiction.

Also see: Best Website Scanners 

Key Steps to Manage or Prevent Data Breaches

One of the most common problems for organizations after a breach is pulling together all the elements required for an effective response. This includes discovering specific personal data elements that were compromised or stolen, including in unstructured systems, identifying actual risks, and matching everything to particular jurisdictions and analyzing the actual risk.

Meanwhile data silos must be assembled into a complete picture—quickly and effectively. Here artificial intelligence and machine learning can spot patterns that humans can’t see. This includes delivering reliable information for navigating the breach and notifying those affected by it based on regional context.

Here are some key steps to effectively manage or prevent data breaches:

  • Generate a report that clearly displays all compromised accounts, individuals and data. For individuals, this includes personal contact information that’s needed to deliver accurate and timely notifications.
  • Identify regulatory obligations.
  • Use templates to generate accurate breach notifications in a timely manner. These must reach across jurisdictions and regulatory authorities.
  • Make sure to use secure messaging capabilities to share information and incident status between incident owners and those reporting events.
  • Simulate and test breach and incident risk assessments, and response processes before a breach takes place.

By combining and automating all the elements required to handle a breach—and breach notifications—it’s possible to gain control over potentially devastating events. While there’s no way to completely sidestep the danger of a breach, it is possible to manage it in the best possible way.

About the Author: 

Vivek Kokkengada, VP of Products, Securiti

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.