Date: 16 September 2023
Securing data is still top of mind, even though “data loss prevention” as a category is phasing out. Just look at the writing on the wall; as far back as 2018, Gartner extinguished the DLP Magic Quadrant, leaving the field open to other, newer solutions that could do the trick (only do it better).
While the reason for the DLP demise is a simple (and sad) story, the good news is that there are far more bespoke solutions for securing your data in 2023.
Let’s get into them.
1. Secure Service Edge (SSE)
This technology secures access to the web, cloud services, and private apps. SSE creates a single platform solution that combines both network and security architecture to prevent data loss in the cloud.
It lets you secure your data even as cloud reliance scales, making it a data protection tool of the modern era. Traditional methods of data protection (like DLP) found this a common Achilles heel, so SSE fills in a very important gap critical to how 94% of businesses run today.
2. Data Risk Management (DRM)
Also known as Information Governance (IG) or Data Security Governance (DSG), DRM is a comprehensive strategy built to protect your data across multiple digital estates. Again, a product of its time as we are straddling hybrid and cloud, in-office and remote, virtual storage and physical servers, and more.
Combining people, processes and technologies, DRM is an overarching view that takes in specific data protection points (like next-generation DLP) as part of its approach. It encompasses executive buy-in, employee awareness training, data classification and segmented protection, and more. Its critical feature is that it, too, extends beyond network-driven policies and takes in the modern digital enterprise (including non-technical assets) as a whole.
3. Insider Risk Management (IRM)
Insider Risk Management acknowledges the significant danger of insider threats. As of 2023, 34% of companies around the world are affected by insider threats, and 30% of bankruptcies are due to employee theft.
A data protection strategy calibrated for the times needs to take this into account, be it with specific policies or with technology capabilities that transcend internal/external boundaries. IRM does this by monitoring user interactions with sensitive data and flagging bad behaviour.
4. Integrated Next-Generation DLP capabilities
Wasn’t DLP out? Yes. But next-generation DLP capabilities are very, very in. They can be found as part of the wider strategies mentioned throughout the rest of this list, and they deserve a specific call-out.
The differences between old and new features are as follows:
- Old DLP was limited to detecting bad by signatures and known bad protocols (SMTP, HTTP). New DLP vendors leverage AI and heuristics to catch behavioural-based threats and go beyond delivery method
- Old DLP was constrained by traffic amount (think pre-big data era) and clearly defined parameters (or, perimeters). New DLP can ingest large amounts of data and operate across new and evolving ecosystems (the cloud, international software supply chains, VPN-reliant remote workstations built on effective VPN comparison).
- Old DLP relied on content analysis alone and generated a lot of false positives, wasting analysts’ time. Next-generation DLP capabilities (as found in Data Detection and Response (DDR)) combine content analysis with pinpoint tracking of data points, achieving the same outcome that content analysis used to before data got big. This cuts the noise and allows data loss protection to scale.
5. Data Detection and Response (DDR)
This is the newest kid on the block, and deserving of at least an honest amount of consideration. You already know about “detection and response”, or the –DR denominator at the end of so many solutions today (EDR, NDR, XDR, so on).
Now, Data Detection and Response has shifted next-generation data loss prevention strategies into that category, and carried it a step further. The notable difference? Data lineage. That means every piece of data is tracked, monitored, and traced back to its roots. If an employee copies a piece of source code and slips it into Slack? Caught. If an all-hands meeting gets leaked on the web (pre-launch trade secrets and all)? Caught. These are nebulous, non-linear forms of data leakage that were previously hard to detect because the industry was protecting the bucket, not the data. Now that the buckets have become so convoluted (a la the cloud, remote environments, so many online platforms, messaging apps, tons of email, virtual storage spaces, etc.) a data tracking system was needed. And that’s why DDR crowns this list.
The Writing on the Wall
If I could put my money on one as the harbinger of things to come, I’d say DDR has the most potential to go big in the next few years. It’s adopted a strategy that seems to portend what we’re going to see more of in the digital data detection space going forward – zero-trust based on the asset, identity, or device (not the bucket, network, or perimeter).
You see this trend in next-generation IAM models, in AI-driven network protection tools, and now, here.
As the digital world becomes more interconnected and cybercriminals become more creative, security is in the process of evolving. We as practitioners need a tighter hold on what we do with our data and how we monitor its movements. Data is the world’s oil, and no expense is spared to get a hold of it. That’s why it’s important for companies to level-up their data defence mechanisms with 2023-relevant tactics and spare no expense to make sure it’s safe.
About the Author: An ardent believer in personal data privacy and the technology behind it, Katrina Thompson is a freelance writer leaning into encryption, data privacy legislation and the intersection of information technology and human rights. She has written for Bora, Venafi, Tripwire and many other sites.
