The 2026 NetDiligence Cyber Risk Summit in San Diego was a valuable opportunity to hear how organizations are approaching the risk associated with cyber incidents today. Coming into the event from an eDiscovery and legal services perspective, I was especially interested in the conversations that connected various industry considerations with the legal work that follows a breach.
One panel in particular stood out to me. It focused on Cyber CAT readiness and looked at whether AI can help the industry respond faster when a widespread event affects many organizations simultaneously. This scenario is becoming increasingly difficult due to the volume of data that needs to be reviewed and the strict timelines imposed by different privacy and security regulations.
Where AI Fits in the Process
With the need to scale efficiently when incident volumes spike, AI has a real opportunity to change what breach notification review looks like. The catch is that it needs to be built into tested workflows with human QC at the center so that the speed gained from technology doesn’t come at the expense of defensibility.
Thoughtful GenAI workflows open the door for positive process improvement. The partnership between people and AI can give teams faster insight, and it can make repetitive work more consistent across a large data set.
PII redaction and breach notification review are great use cases because both rely on accurately identifying personal information. Take finding Social Security numbers for example. A human reviewer might miss one, especially in a dense document or after their coffee has worn off during a late-night review. Technology designed to identify that unique pattern, though, will consistently identify it the same way every time (no caffeine required). It’s built to find that data, and that reliability matters.
Tight notification timeframes are another reason AI is reshaping notification workflows. Legal teams may have only 15-30 days to review and identify impacted individuals, and that’s hard to do manually at scale. AI can handle repetitive identification work faster, leaving human teams to focus on QC and actual decision-making.
Human-in-the-loop QC is essential to this process, because it allows teams to confirm that the AI output is performing as expected and adjust the workflow when it isn’t. That validation is what keeps the process grounded. The technology can move quickly, but the review team is vital to ensuring the output is reliable.
Testing Before the Matter Arrives
The Cyber CAT discussion also made a great point about the use of AI in response workflows. AI-enabled tools need to be planned and tested before a widespread event or urgent matter arises.
This is where proof-of-concept work matters. Our Tech Lab has been evaluating AI-enabled technology since 2023, and our team has evaluated over 70 tools to date. Some tools sound promising during a demo but struggle when real-world documents are introduced. Others were built for a different problem, yet they performed surprisingly well for breach notification review once the workflow was adjusted for that particular use case.
While the technology is important, the real difference comes down to the people guiding the tools. Working with a team that understands what a review should accomplish, what needs to be validated, and where the process needs to be refined is paramount.
Additionally, building relationships with trusted partners enables you to refine the technology using proven workflows. If the time comes, you can have more confidence that the tools and the people using them can perform reliably during crunch time rather than treating AI as something that can simply be dropped into a project.
The Bigger Takeaway
The conversations in San Diego made it clear that data breach review is changing, and the bar is rising for everyone involved. Demonstrating that a workflow works in a controlled environment won’t be enough.
Moving forward, clients and carriers will want to see how the technology has performed with real data and how the team behind it has handled moments when the AI got something wrong. That’s the work worth doing now, because the next wave of breach reviews won’t wait for the industry to catch up.
Shane Zelm
Author
Share article:
Since 2008, Shane has supported clients in solving their eDiscovery challenges. During that time, he’s established defensible protocols for in-house legal departments, managed litigation response efforts, and coordinated with outside counsel to lead efficient eDiscovery processes.
Shane specializes in strategic litigation management by bringing together the right people and the right technology to drive early resolutions and inform risk mitigation.