The Dilemma: It’s not if but when for a data breach. When the worst happens, it pays to have the best AI technology
When a company suffered a security incident tied to their CFO’s email they immediately engaged the law firm, Seyfarth Shaw, and noted cybersecurity and digital forensics partner Richard Lutkus. Lutkus is a pioneer in law and technology with significant success in helping clients avoid or clean up costly cybersecurity incidents. He knew he needed a software solution to accurately and efficiently identify all of the compromised PI from the incident.
AI put to the test
Lutkus, who encounters companies struggling with PI identification in the data breach context daily, decided to test the leading solutions for PI identification in the industry for his client. The dataset consisted of 195,000 documents, mostly emails, and attachments.
Lutkus ran the document set through Text IQ’s AI solution and other leading solutions to detect PI for human assessment.
From this challenge, 12,287 documents, post-deduplication, were identified as containing PI. “Text IQ’s AI was so much better at finding the true PI than the other approaches. Ultimately, we completed our review using Text IQ’s results after our sampling and evaluation,” stated Lutkus.
After gaining superiority over the alternative options, Text IQ’s AI solution was tested against other providers of PI identification that utilize AI technology: Microsoft Azure, AWS, and Google. While these cloud providers do not specialize in finding sensitive information like Text IQ, we felt it important to know how well or poorly they perform since their APIs are widely available, and they are extremely popular.
Richard Lutkus of Seyfarth assisted with this test by obtaining the client's approval to utilize the subset of 12,287 documents that had been recently reviewed during a privacy assessment following a security incident. Each of the documents in this subset had undergone AI and human review and was known to include PI.