As recent high-profile data breach victims have discovered, the increased sophistication of today’s cyberattacks makes them more difficult to thwart and tougher to contain once they occur. Sophisticated attacks demand sophisticated defenses, and today, data loss prevention (DLP) is among the new generation of protective measures that is proving it’s up to the task, especially when it’s deployed as part of a multi-layered security strategy.
For organizations entering 2023 feeling confident they won’t become the latest victim of a costly data breach, IBM provides this sobering dose of reality: “For 83% of companies, it’s not if a data breach will happen, but when. Usually more than once,” the company warned in announcing findings from its 2022 Cost of a Data Breach report.
What’s more, data breaches that occur in the U.S. (via ransomware attacks, etc.) exact a higher cost on their victims — $9.44 million per incident — than anywhere else in the world, according to IBM.
Cybercriminals lurk around every corner, testing network surfaces and IT systems for vulnerabilities that could enable them to access an organization’s most valuable assets, including its intellectual property, sensitive business information such as financial metrics and customer data. They could also access sensitive personally identifiable information (PII) or personal health information (PHI) from employees and/or customers.
For many organizations, DLP is the most efficient way to protect the movement of information to and from enterprise assets. Gartner defines it as “a set of technologies and inspection techniques used to classify information content contained within an object — such as a file, email, packet, application or data store — while at rest (in storage), in use (during an operation) or in transit (across a network).” DLP protects sensitive data and file types by scanning all traffic to and from enterprise assets and taking action as dictated by rules-based policies, such as to block any downloads of credit card information in Office365, for example, or to enable only designated members of a research & development team to download certain source code files.
DLP typically is delivered as one component of more comprehensive security strategies known as secure access service edge (SASE) and security service edge (SSE), working alongside such measures as firewall as a service (FwaaS), secure web gateway (SWG), cloud access security broker (CASB) and zero trust network access (ZTNA) to protect a network and the assets connected to it. It’s also a tool organizations are using to support compliance with the payment card industry (PCI) data security standard and the Health Insurance Portability and Accountability Act (HIPAA).
Whether an organization is completely cloud-enabled or uses a hybrid of cloud and on-premises systems, in today’s threat environment it’s a good idea to keep close tabs on the latest cybersecurity tools that are available, like DLP and, on a more complete scale, SASE or SSE, and determine whether they’re a good fit depending on risk profile and resources.
When evaluating DLP alongside other cybersecurity solutions, security leaders should consider how much responsibility for monitoring, managing and applying cybersecurity capabilities should reside within internal IT and data-management teams:
- Does it make the most sense from a resource and expertise standpoint to oversee all that internally, or hand some or all of it over to a managed security provider?
- How does DLP compare with other security capabilities? In the case of DLP, the solution should be capable of handling any and all the types of data an organization is likely to touch or store, for example. Organizations that still rely on on-premises applications hosted from a physical data center may want to prioritize a DLP solution that covers all traffic to all enterprise assets, including on-premises applications.
- Check to see if the DLP solution applies zero trust principles in situations where no specific rules have yet been applied for a particular application and the data it holds. This is an important backstop to protect potentially sensitive content before its risk has been fully evaluated.
With data breaches having increased 70% in the third quarter of 2022 compared to the prior quarter, according to the latest figures from Surfshark, now is the time for organizations to consider next-gen solutions for securing information.