Katrina Thompson
Data has been king for a long time now, and it probably will be for a very long time. However, the kingdom has spread and protecting data isnāt as straightforward as it used to be. As information fans out across the internet, the cloud, applications, social media platforms, emails, messaging services, and a gaggle of different endpoints, Data Loss Prevention (DLP) is making a resurgence as a category of importance. Once pushed to the back burner, DLP is coming to the fore as a solution not only capable of securing data across a hyper-fragmented ecosystem, but made for it.
Here is some context as to why your security vendor should not only offer but specialize in DLP in 2023.
The Rise, Fall, and Rise of DLP
As Sean Steele, cofounder of Infolock, stated in Forbes, āData loss prevention (DLP) has enjoyed a long and hype-filled life since the early 2000s.ā Back when the internet was young and the perimeter strong, āevery year was āThe Year of DLPā according to one analyst firm or another,ā he opines, and it was a security solution for its time. DLP was made to monitor for straightforward, structured, sensitive data leaving the network via unsafe protocols like HTTP. It was not made to fingerprint data, provide deep context, or trigger automatic responses to mitigate threats. Soon, the gradually evolving technical landscape proved too much for the tool and it declined as a category until Gartner retired the DLP Magic Quadrant (MQ) in 2018.
Everyone from DLP vendors to the CISO of Seattle Public Schools began sounding the death knoll, āDLP is Deadā, commenting on how āDLP is considered a defunct technology by many because of false positives, the death of the business perimeter, and the inability to inspect encrypted content.ā And traditional DLP was certainly on its way out for good reason; said one CISO back in 2017, āI havenāt seen a data loss prevention tool my team canāt bypass in two seconds.ā However, the devilās in the details, and the operative word in this scenario was the word ātraditionalā, although the distinction wasnāt drawn at the time because something new had yet to take its place.
Recently, the security landscape has seen a new generation of pure-play DLP vendors crop up, eager to fill the gaps and right the wrongs of their well-meaning but technologically short-sighted predecessors. Enter next-generation DLP vendors who specialize in data-lineage and chasing security across extremely diversified ecosystems. In other words, next-wave DLP is making a comeback by carving out solutions to problems other security facets havenāt solved.
Problems Other Solutions Donāt Solve
So, what are these unsolvable riddles? Complexity, mostly. And how solutions can continue to secure data as it traipses across the internet, gets sent and stored and seen by almost anybody, and loses its trail among so many unseen transactions before getting lost entirely. āKing Dataā was easy to secure in a palace, especially one with a moat. Now that he is travelling the globe like a circus performer, DLP solutions need to do a lot more to keep up.
Which means itās time for companies to make āData Loss Preventionā its own full-time job again. As Steele recaps, āDLPāas a technologyāhas grown and evolved mightily since its early days. It’s bigger and more deeply integrated than ever before. Itās buried in your cloud productivity ecosystem, a feature of your next-generation firewall, a component of your email security SaaS, key to your zero-trust and SASE plans and central to your XDR providerās service offering.ā A beautiful eulogy ā it’s like DLP never really left us; it lives on in the hearts of our solutions and is a part of everything we do. Gone, but not forgotten.
While that may have been the case, todayās DLP may have something to say about that, especially in a time of transition when data is at its most vulnerable. Now, more than ever, vendors need to step up to the challenge of properly securing data across any ecosystem, and that means dedicating themselves to DLP as its own use case. Shifting technological tectonic plates have created a security vacuum that, so far, cloud service providers, cloud security providers, network security providers, next-generation firewalls, XDR, and SaaS vendors have been unable to agree on how to fill. In 2023, data gets lost in the shuffle, and thereās no easy way to solve that.
But there may be a simple one.
What Modern DLP Brings to the Table
There are two theories of thought. One protects the places that the data is in. The other protects the data itself. And that is the main value add of having a vendor that specializes in Data Loss Prevention specifically. The first methodology is what is in use now, as roughly outlined above, with a pastiche of different solutions Venn-diagraming together to create a defense-in-depth approach. And that is good. But a truly defense-in-depth process would add a layer of security to even that, protecting the data at its core.
In other words, non-DLP strategies arm the guards. Next-generation DLP arms the king.
As security firm Cyberhaven stated, āThe question of whether DLP should be an add-on or a core functionality is becoming increasingly relevant in todayās security landscape. For [some platforms], which primarily focus on extended detection and response (XDR), DLP will mostly take the form of add-on functionality.ā However, they argue that āthe growing importance of DLP in information securityāespecially in hybrid environmentsāsuggests a shift towards making DLP a core functionality.ā
Finding a vendor that specializes in DLP enables you to put a tagging device on your data, as it were. It allows you to then track the lifecycle of your data, classify it, discover its lineage (whose hands it has passed through, when, and in what ways), and unveil its journey in context across multiple touchpoints in the cloud, on-premises, and across endpoints.
Itās like following your friend through a corn maze: you could learn the intricacies of the maze (which expand almost monthly) or fit them with a GPS tracking device instead. The simplicity of this data tracking solution is why modern DLP providers canāt be counted out, and why your next vendor should at least specialize in the ātrendā that doesnāt seem to be going anywhere.
