1 Introduction / Executive Summary
Data Leakage or Loss Prevention (DLP) technologies remain as relevant as when they were first introduced. In fact, they may be more important now than they have ever been because not only has data theft become more prevalent as organizations have become increasingly reliant on IT to conduct business and exchange information, but the DLP technologies designed to prevent data from falling into the wrong hands have also evolved.
Increased reliance on IT and the expansion of the attack surface due to the adoption of cloud-based and mobile computing, means that never before has it been as important for organizations to ensure that sensitive data is not lost, misused, mistakenly deleted, or accessed in an unauthorized way.
In modern business, data is widely considered to be one of the greatest assets. Data is money, and for this reason it is relentlessly targeted by cyber criminals and other malicious actors for purposes of financial gain and cyber espionage. No organization can say it is immune from being targeted in this way because, at the very least, they will hold valuable personally identifiable information (PII) of employees, partners, and customers.
It is therefore important for all organizations to have the means to discover, monitor, and protect data by detecting potential data breaches and blocking exposed sensitive data whether it is in use at an endpoint, in motion across a network, or at rest in some form of data storage.
The main aim of DLP is to improve information security and protect sensitive business data by:
- Preventing end users from moving key information outside the network, intentionally or unintentionally.
- Enforcing the Policy of Least Privilege (PoLP).
- Monitoring data that is accessed and shared by end users.
- Educating end users about best practices for data protection.
DLP is also aimed at ensuring organizations comply with data protection regulations and are not exposed to fines or reputational damage. Data breaches involving PII feature frequently in news headlines, costing organizations a great deal in terms of remediation, fines, and lost business.
Another important aim of DLP is to ensure organizations’ intellectual property is protected. This includes copyrights, patents, trademarks, and trade secrets, such as formulas, processes, designs, and information that a business relies on to maintain a competitive advantage. Where organizations license their IP to other organizations, there needs to be a means of ensuring the protection of that IP through access control policies.
DLP solutions, therefore, typically classify regulated, confidential, and business critical data and identify violations of policies that are usually driven by compliance with a growing number of regulations such as GDPR, CCPA, Sarbanes-Oxley, HIPAA, and PCI-DSS. Once data protection policy violations are identified, DLP solutions enable remediation through alerts, encryption, and other protective actions to prevent end users from accidentally or maliciously sharing data that could put the organization at risk.
DLP solutions monitor and control endpoint activities, filter data on corporate networks, and monitor data in the cloud to protect data at rest, in motion, and in use. DLP also provides reporting to meet compliance and auditing requirements and identify areas of weakness and anomalies to support incident response activities and continual improvement of data protection policies and practices.
Adoption of modern DLP solutions is being driven by:
- The rise in importance of the CISO role and their ability to outline a plan for preventing data breaches.
- A growing number of data protection regulations.
- The expansion of IT environments to include mobile, edge, and cloud computing.
- The increased adoption of home working/hybrid working post Pandemic.
- The increase in data breach threats due to nation state sponsored cyber-attacks.
- An uptick in cyber espionage, targeting personal information, credentials, and IP.
- The rapid growth in the amount of data organizations are producing.
- The lack of security talent around the world, leaving many organizations under-resourced when it comes to data protection.
The top findings of this Leadership Compass on DLP are:
- DLP remains relevant due to increased reliance on IT and data protection regulations.
- It is important for all organizations to be able to prevent the leakage of sensitive data.
- DLP is key for data security, regulatory compliance, and IP protection.
- The DLP market is mature, but still growing and evolving.
- Mature players are innovating to keep up with newer entrants.
- There is increasing demand for DLP, including from small businesses.
- Key differentiators in the DLP market segment are coverage, ease of use, insider threat protection, and incident support.
- Innovation by vendors in this market segment is focused on cloud DLP, user experience, and the use of ML and other AI technologies.
- DLP solutions are becoming increasingly available as cloud-based services and managed services to address market needs in terms of flexibility, cost, and skills.
- The Overall Leaders in Data Leakage Prevention are (in alphabetical order): Broadcom (Symantec), Fortra’s Digital Guardian, Forcepoint, and Proofpoint.