Why Your Vendor Should Specialize in DLP in 2023
Data has been king for a long time now, and it probably will be for a very long time. However, the kingdom has spread and protecting data isn’t as straightforward as it used to be. As information fans out across the internet, the cloud, applications, social media platforms, emails, messaging services, and a gaggle of different endpoints, Data Loss Prevention (DLP) is making a resurgence as a category of importance. Once pushed to the back burner, DLP is coming to the fore as a solution not only capable of securing data across a hyper-fragmented ecosystem, but made for it.
Here is some context as to why your security vendor should not only offer but specialize in DLP in 2023.
The Rise, Fall, and Rise of DLP
As Sean Steele, cofounder of Infolock, stated in Forbes, “Data loss prevention (DLP) has enjoyed a long and hype-filled life since the early 2000s.” Back when the internet was young and the perimeter strong, “every year was ‘The Year of DLP’ according to one analyst firm or another,” he opines, and it was a security solution for its time. DLP was made to monitor for straightforward, structured, sensitive data leaving the network via unsafe protocols like HTTP. It was not made to fingerprint data, provide deep context, or trigger automatic responses to mitigate threats. Soon, the gradually evolving technical landscape proved too much for the tool and it declined as a category until Gartner retired the DLP Magic Quadrant (MQ) in 2018.
Everyone from DLP vendors to the CISO of Seattle Public Schools began sounding the death knoll, “DLP is Dead”, commenting on how “DLP is considered a defunct technology by many because of false positives, the death of the business perimeter, and the inability to inspect encrypted content.” And traditional DLP was certainly on its way out for good reason; said one CISO back in 2017, “I haven’t seen a data loss prevention tool my team can’t bypass in two seconds.” However, the devil’s in the details, and the operative word in this scenario was the word “traditional”, although the distinction wasn’t drawn at the time because something new had yet to take its place.
Recently, the security landscape has seen a new generation of pure-play DLP vendors crop up, eager to fill the gaps and right the wrongs of their well-meaning but technologically short-sighted predecessors. Enter next-generation DLP vendors who specialize in data-lineage and chasing security across extremely diversified ecosystems. In other words, next-wave DLP is making a comeback by carving out solutions to problems other security facets haven’t solved.
Problems Other Solutions Don’t Solve
So, what are these unsolvable riddles? Complexity, mostly. And how solutions can continue to secure data as it traipses across the internet, gets sent and stored and seen by almost anybody, and loses its trail among so many unseen transactions before getting lost entirely. “King Data” was easy to secure in a palace, especially one with a moat. Now that he is travelling the globe like a circus performer, DLP solutions need to do a lot more to keep up.
Which means it’s time for companies to make “Data Loss Prevention” its own full-time job again. As Steele recaps, “DLP—as a technology—has grown and evolved mightily since its early days. It’s bigger and more deeply integrated than ever before. It’s buried in your cloud productivity ecosystem, a feature of your next-generation firewall, a component of your email security SaaS, key to your zero-trust and SASE plans and central to your XDR provider’s service offering.” A beautiful eulogy – it’s like DLP never really left us; it lives on in the hearts of our solutions and is a part of everything we do. Gone, but not forgotten.
While that may have been the case, today’s DLP may have something to say about that, especially in a time of transition when data is at its most vulnerable. Now, more than ever, vendors need to step up to the challenge of properly securing data across any ecosystem, and that means dedicating themselves to DLP as its own use case. Shifting technological tectonic plates have created a security vacuum that, so far, cloud service providers, cloud security providers, network security providers, next-generation firewalls, XDR, and SaaS vendors have been unable to agree on how to fill. In 2023, data gets lost in the shuffle, and there’s no easy way to solve that.
But there may be a simple one.
What Modern DLP Brings to the Table
There are two theories of thought. One protects the places that the data is in. The other protects the data itself. And that is the main value add of having a vendor that specializes in Data Loss Prevention specifically. The first methodology is what is in use now, as roughly outlined above, with a pastiche of different solutions Venn-diagraming together to create a defense-in-depth approach. And that is good. But a truly defense-in-depth process would add a layer of security to even that, protecting the data at its core.
In other words, non-DLP strategies arm the guards. Next-generation DLP arms the king.
As security firm Cyberhaven stated, “The question of whether DLP should be an add-on or a core functionality is becoming increasingly relevant in today’s security landscape. For [some platforms], which primarily focus on extended detection and response (XDR), DLP will mostly take the form of add-on functionality.” However, they argue that “the growing importance of DLP in information security—especially in hybrid environments—suggests a shift towards making DLP a core functionality.”
Finding a vendor that specializes in DLP enables you to put a tagging device on your data, as it were. It allows you to then track the lifecycle of your data, classify it, discover its lineage (whose hands it has passed through, when, and in what ways), and unveil its journey in context across multiple touchpoints in the cloud, on-premises, and across endpoints.
It’s like following your friend through a corn maze: you could learn the intricacies of the maze (which expand almost monthly) or fit them with a GPS tracking device instead. The simplicity of this data tracking solution is why modern DLP providers can’t be counted out, and why your next vendor should at least specialize in the “trend” that doesn’t seem to be going anywhere.