Those 24hrs after a data breach

Quick Case Study: This is a true story of a crisis that unfolded after a high profile university suffered a data breach. Find out how they were able to manage this crisis in 24 hours and take a proactive approach to mitigating the impact of any future breaches.

All Case Studies

The unfolding of a data breach crisis:

A large university identified that they had been the target of a breach, in which a large amount of information had been exposed. They needed to urgently understand what the scale of their exposure was. The institution contacted Castlepoint on a Friday evening, needing immediate support. Castlepoint was implemented on their network and managing their data by Saturday afternoon.

When timely response and accuracy matter the most:

Castlepoint rapidly registered over 30,000 systems containing more than 7 million items, and then indexed and classified approximately 200 systems in scope of the breach. Our team also rapidly coded a Secrecy Provisions ontology from Acts and Regulations specific to the client, and a Records Authority to identify which of the spilled data was still required to be retained. These rules were applied automatically over all of the data, and identified the full scope of the breach, as well as the impacts in terms of potential civil and criminal penalities, privacy implications, and harm to procedural integrity.

The information was used to inform the executive, and plan the response and recovery. The organisation was able to determine the scope of the breach, as well as the impact in terms of privacy, regulatory breaches, and liability.

Partnering for a proactive approach to prevention:

Castlepoint was then expanded to actively manage 59,000 systems for audit, discovery, and records compliance. Since this incidence, Castlepoint’s platform has enabled the university to take a proactive approach to help prevent and detect breaches, as well as to respond to them in a timely manner. They are now able to meet their data obligations and mitigate the impact of a breach.