Lost in the haystack: Unraveling the challenges presented by unstructured data when evaluating the impacts of cyber incidents

Much like searching for needles in an ever-increasing haystack, identifying the impact of a data breach can come down to foraging through large volumes of unstructured data.

After touching on why organisations need to analyse unstructured data post-breach, we’ll delve into why it takes so damn long to analyse. We’ll talk about some case studies from different organisations and the sources of unstructured data that can be particularly challenging

We’ll cover the process of analysing unstructured data to identify impacted PI, and talk about some of the approaches that are used to examine PI, including some of the types of tools that are often deployed, and what data processing is involved.

Lastly, we’ll conclude by drawing out the implications of these challenges (analysis is slow, resource-intensive, difficult, and is likely to be incomplete - how should that change our approach?) and suggest some steps we could take towards addressing these issues.