Data Loss Prevention, or DLP, is a set of systems, processes and technologies designed to stop sensitive information from leaving the organisation, whether maliciously or unintentionally. In general, data can leak from an organisation through channels as simple as emails or website forms, or through something as malicious as being hacked.
As a rule of thumb, DLP strategies and projects must include solutions that monitor, detect and block the unauthorised movement of information. DLP software classifies regulated, confidential, and business critical data and identifies violations of policies defined by organisations.
These policies are typically driven by regulatory compliance requirements such as PCI-DSS, APRA’s CPS 234, the Office of the Australian Information Commissioner's Notifiable Data Breaches (NDB) scheme, or GDPR. Once those violations are identified, DLP enforces remediation with alerts, encryption, and other protective actions to prevent end users from accidentally or maliciously sharing data that could put the organisation at risk.
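As an added illustration (not code from any DLP product or from this article), the sketch below shows the classify, detect and remediate loop described above for one PCI-DSS data type: payment card numbers in outbound email. The message layout, the `example.org` internal domain and the allow/alert/block policy are assumptions made for the example.

```python
import re

# Candidate card numbers: 13-19 digits, single spaces or hyphens allowed between them.
PAN_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_valid(digits):
    """Luhn checksum; filters out order numbers and other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pans(text):
    """Return digit strings in text that look like card numbers and pass Luhn."""
    found = []
    for m in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):
            found.append(digits)
    return found

def mask(digits):
    """Keep first six and last four digits so the alert does not re-leak the number."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]

def evaluate(message, internal_domain="example.org"):
    """Assumed policy: card data to an external recipient is blocked, internal is alerted."""
    pans = find_pans(message["body"])
    external = not message["to"].lower().endswith("@" + internal_domain)
    action = "allow" if not pans else ("block" if external else "alert")
    return {"action": action, "matches": [mask(p) for p in pans]}

# Constructed sample messages (4111 1111 1111 1111 is a well-known test card number).
SAMPLES = [
    {"to": "partner@vendor.example", "body": "Card on file: 4111 1111 1111 1111, exp 12/30"},
    {"to": "finance@example.org", "body": "Refund to 4111-1111-1111-1111 please"},
    {"to": "partner@vendor.example", "body": "Order ref 1234567890123456 has shipped"},
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(msg["to"], evaluate(msg))
```

The third sample shows why the checksum matters: a 16-digit order reference matches the pattern but fails Luhn, so it is allowed rather than raising a false positive.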
According to Gartner estimates, “by 2021, 90% of organizations will implement at least one form of integrated DLP, an increase from 50% today.” The DLP market is not new, but it has evolved to include managed services, cloud functionality, and advanced threat protection, amongst other things. All of this, coupled with the upward trend in giant data breaches, has seen a massive uptick in DLP adoption as a means to protect sensitive data.
Here’s why DLP has grown in use amongst Australian & New Zealand enterprises over the past five years:
The Growth of the Cybersecurity Team and CISO Role: More companies have hired, or are partnering with firms that have, Chief Information Security Officers (CISOs) and wider cybersecurity teams, including security managers. Business leaders want to know the game plan for preventing data leaks and are seeking wider visibility into where their data resides and what the risks are.
Evolving Compliance Mandates: Global data protection regulations constantly change and organisations need to be adaptable and prepared. Recently, Australia has passed legislation to enforce penalties and compliance mandates for businesses that experience a data breach, known as the Notifiable Data Breaches (NDB) scheme. DLP can help satisfy the legislation and any compliance regulations due to its ability to detect data loss and prevent it.
Data Breaches are Increasing in Frequency: Adversaries from nation states, cybercriminals and malicious insiders are targeting sensitive data for a variety of motives, including corporate espionage, personal financial gain, and political advantage. DLP can assist in protecting against all kinds of adversaries, malicious or not. Within just the past couple of years, there have been thousands of data breaches in the region and many more security incidents.
There Are More Sources of Data: Increased use of the cloud, complicated application and infrastructure environments, and BYOD devices that admins no longer have full control over have made protecting data more complex. Visibility into the events, and the context of the events, that surround your data before it leaves your organisation is becoming more vital in standard business operations.
There is a Higher Volume of Higher Value Data: Sensitive data is often classified as a valuable asset to a business; often this includes various forms of intellectual property and business methodologies. While this information has increased in volume, it’s also fetching a higher price on the dark web, thus creating a financial incentive for data theft.
Internal Security Teams Need More Support: Globally, and in Australia too, the cybersecurity market has felt the ongoing pressure of talent shortages. DLP solutions, especially those offered as a managed service, have seen a rise in popularity among Australian cybersecurity providers. These solutions can aid customers by combining cybersecurity talent and tools, including best-of-breed DLP.