Incident Response to Cyber Attacks

Saved $2.6M
after a cyber attack

Background

Client X is a media and telecommunications company headquartered in the USA. They have over 1000 employees and the executive team at Client X are based in several different offices and jurisdictions across the United States.

Client X has been a customer of Robin AI since 2022. They have engaged Robin AI’s services team to carry out AI-powered review routine documents like NDAs. Their in-house legal team have also leveraged Robin AI’s Legal Assistant as an add-in in Microsoft Word to support day-to-day contract tasks like summarization, proof edits like checking defined terms, and getting ad hoc drafting

Context

Client X was subject to a cyber attack in early July 2024. As a customer of Robin AI, their first instinct was to contact our CEO and Founder, Richard Robinson for insight and guidance in how to handle some aspects of this incident response. The priority was to review, identify and action any obligations in customer contracts to notify in the event of a cyber attack or data breach.

The purpose of acting here quickly was to mitigate any impact on client relationships, and to ensure that any impact to company reputation was mitigated with a swift and comprehensive response.

The CIO of the business led the response to the incident. The proactive, AI-driven approach taken by the business led to the team getting a timely, organised approach to responding to this matter.

Deep Dive on the Contracts

  • Just under 10,000 customer contracts that needed to be reviewed
  • 30 different contract types needed analysis including Supplier Agreements and Master Services Agreements
  • The specific clauses in question were not consistent across every document type - in some instances particular obligations were categorised under data protection clauses, in other contracts the obligations were found in different sections of the contract.
  • The documents were both in PDF and Word formats
  • The contracts were of differing value and strategic importance to Client X.

Deep Dive on the Team involved at Client X

  • 5 Senior Legal Stakeholders were involved in this discrete project that needed to be managed with sensitivity and confidentiality. The General Counsel, Associate General Counsels and the Head of Legal Operations were the only stakeholders involved from the Legal Department.
  • The CIO was managed the oversight and coordination of several aspects of this project. The obligations to notify specific customers were one of the most important considerations as part of this incident response. The CIO ensured that the correct stakeholders were party to the information on a need-to-know basis and engaged Robin AI as a trusted business partner to manage this process quickly and discretely.
  • The CFO was heavily involved in this project, primarily focused on protecting the business reputations and the key customer relationships to ensure as much business continuity as possible and mitigate all risks as a result of the cyber attack.
Managing the Incident Response: Navigating the 10,000 Customer Contracts
  • The objective of the CIO and Legal Team was to produce a summary report of all their legal obligations that related to cyber attacks and data breaches with a particular focus on contracts which included a contractual notification requirement. This would involve analysing the 10,000 customer contracts to search for a range of clause types from Data Security, Notification of Data Breach and other relevant clauses. They would also need to extract the party details, relevant contact information and prepare that in a master table for the wider team to leverage to quickly notify customers.
  • The CIO and Legal Team at Client X identified the most important customer relationships and prioritised the first batch of contracts to review. These relationships were high value, and strategically important relationships to protect in the business. This initial batch of 1,000 top priority customers was the first phase of the work, the contracts were shared with Robin AI and a Report was immediately generated to highlight specific obligations. This enabled the Legal team at Client X to immediately start work on delivering communications to the highest priority customers.
  • The remaining 9,000 contracts were shared with Robin AI with a second Report run to begin the same task with the second tier priority customers.
Delivering a Fast, Timely Response to the Crisis
  • The process began by meeting with the team at Client X to understand the scope of the work that was required, the number of contracts that needed to be analysed, and to get more detail on the exact types of provisions that needed to be able to surface the correct information about obligations. This also involved considerations such as eliminating expired contracts from the Reports. This meeting took place on the same day that Robin AI were notified and work began to support the team at Client X immediately.
  • The Robin AI team leveraged cutting-edge Legal AI models to identify, extract, summarise and organize all of the obligations that related to data breaches, data security, cyber attacks and other relevant information.
  • The initial processing of all the contracts took under 4 hours to complete across thousands of documents, of which the majority were PDFs. This set up the initial groundwork on which the Robin AI team could then leverage the Legal AI tools to begin the process of mapping all of the obligations.
  • With the focus on providing a swift response to Client X, the Robin AI team assembled a core team that were able to completely take this work gathering and collating the relevant provisions from the Legal team at Client X, providing them with a concise, focused Report that enabled the team at Client X to start contacting customers and managing the customers relationships and communications.
  • To ensure a fulsome and complete Report was delivered to Client X, the Robin AI team deployed multiple different Legal AI approaches to ensure that all the documents had been evaluated and reviewed, and ensuring that all the relevant obligations had been captured. The Reports also contained key information such as the contract name, the contract type, contract expiry dates, the relevant text and clauses from the contract and clickable links so that the team at Client X could immediately jump into specific documents if further information was required.
  • The Reports were delivered to the Legal Team at Client X who were then able to deliver all the relevant customer communication and to meet all of their contract obligations.
  • The whole process from the initial notification of the Robin AI team to the complete delivery of both Reports that encompassed nearly 10,000 contracts took 3 days. Throughout this time, the Robin AI team met with Client X to ensure that expectations were being met.

"Without Robin AI, we would have been in an impossible situation. We were blown away with the support, the responsiveness and the professionalism of the Robin AI team. In 3 days, we had all the information that we needed about our contract obligations to notify customers in a clean and simple Report. With all of the supporting information required for our Legal Team, we were able to quickly notify our customers and manage customer communication effectively. This protected our critical customer relationships, enabled the team to deliver a fast incident response, and fundamentally, protected our business reputation. I would encourage all CIOs to look into Robin AI to ensure effective visibility and oversight across contract obligations.” CIO - Client X

Impact for Client X
  • With all the information required to manage their obligations provided in clear, easy-to-read Reports from the Robin AI team, the Legal Team were able to begin work immediately notifying clients and managing communications objectives.
  • Without the partnership with Robin AI, the team at Client X would have taken weeks, if not months to review the documents with the current team. The other alternative would have been to employ external counsel and a team of experts to manually sift through all of these documents.
  • The estimated time per document to identify, extract, summarise the information and to manually populate the tables would have been 45 minutes to 60 minutes per document depending on the length and complexity of different contract types. The conservative time estimate for this task would have been 7,500 hours. Instructing a law firm to carry out this task would have cost the team a minimum of $2,625,000 and the process would have still taken weeks - meaning that obligations would not have been met and client relationships but at risk.
  • Ultimately, protecting the reputation of Client X was paramount in this difficult circumstance. Partnering with Robin AI enabled a cost-effective, fast deployment of a solution that leveraged Legal AI to provide the quickest results, empowered the legal team to deliver the correct notices and enabled early interventions to protect important customer relationships.
Lessoned Learned
  • This challenging experience has highlighted the need to a clear picture of contract obligations across all contract types in the business. With Robin AI’s help, the team were able to meet their obligations, and get better visibility across their contracts. The reality is that most enterprises struggle to get a clear picture of their obligations and struggle to keep on top of various challenges such as knowing which contracts are expired, or where there are multiple contracts agreed with the same counterparty. This experience has deepened the partnership between Client X and Robin AI as they seek to put in place more robust measures to ensure visibility and oversight across all contracts going forward.
  • This process has been a stark insight into the power of Legal AI to provide a faster, more comprehensive approach to the work of identifying, extracting, summarising and collating obligations in a simple and clear way for teams. With the Legal Team and Executive Stakeholders at Client X were operating in a highly stressful period with a huge amount of time-sensitive work - the team had not had much sleep and were at risk of making mistakes had they undertaken the task to do this without leveraging Robin AI. By deploying multiple models and tactics, the Robin AI team were able to accurately ensure that all of the relevant information across all the documents had been captured.
  • For CIOs and executive leaders seeking tools to protect, mitigate and manage risks effectively across their business, partnering with Robin AI provides a route to better oversight and visibility. With cyber attacks and data breaches on the rise (a 73% increase observed from 2021 to 2023 according to Forbes), affecting the world’s largest organisations and enterprises despite significant preventative measures, there’s more importance than ever on finding the right business partners to ensure fast and comprehensive responses to incidents.
Leveraging Robin AI Reports Across Enterprises
  • Whilst the incident response use case is a common trend that the Robin AI team are observing, the Legal AI tools that Robin AI has built have many applications across Enterprises. From due diligence exercises, audits, regulatory compliance exercises and beyond, Robin AI’s Reports Builder enables businesses to build, customise and run Reports to get fast delivery on important business projects. These multi-document Reports projects can be easily managed in Robin AI’s platform, with the ability to run Reports on both Word and PDF documents, and to choose the style of output in either Excel or Word tables. Fundamentally, Robin AI is the most effective way that your business can get a grip on contract obligations without needing to invest significant internal resource or relying on external counsel for support.
  • There are many additional use cases for single document Reports for Legal teams and leadership teams where fast collaboration and alignment is required across businesses. These situations include contract review and analysis - Summary Reports and Material Risk Reports can be accessed from Robin AI’s vast library of customizable templates, or can be built from scratch according to business requirements. These Reports can surface and summarise key terms and provisions in contracts where executives require a fast, digestible overview of the most important information without needing to sift through hundreds of pages of text.
  • Robin AI prioritises building long-standing, trusted relationships and we are committed to moving mountains to support our customers in times of high stress and urgent requirements, such as in circumstances of data breaches and cyber attacks. We understand the pressure on teams, and the need for a fast and comprehensive turnaround. Robin AI has a team of legal specialists, customer success experts and AI experts who can be leveraged to support this work through our professional services.
Note about the Client X

For obvious reasons, our client did not want to be named in this analysis of incident response to a cyber attack. For more information about how Robin AI can support CIOs, CFOs and Legal Team objectives around obligation management and incident response, please contact the Robin AI team.

Focus on the strategic work you do best

Let Robin AI handle the rest