I see sessions popping up in conferences and articles lately prophesying the demise of DLP and that DLP has run its course and is something companies should avoid. I have to ask a simple question: Why is it when attackers get more creative and cunning that we start doubting our abilities to protect information, people and companies with the capabilities and solutions we already have heavily invested in?
Sometimes I feel like these are security professionals that just like to see their names in lights to quench their egos. Are they serious?!?! It's frustrating to see and hear seasoned professionals making irresponsible remarks even if it's just a ploy to get folks to attend their sessions at conferences or read their silly articles. I know that getting back to basics and making sure you're establishing and implementing the very best controls framework that ensures you have accomplished even a defined level of maturity is not the sexiest or the most interesting, but IT IS NECESSARY!
Many companies have yet to even do the basics from patching, configuration, monitoring, correlation, analysis, IAM, etc. across all the different control objectives. We've been talking about that for years. We have today much of what we need to ensure an effective controls implementation, but many companies have yet to complete even this basic level. Show me a company that has achieved this and then still has problems with attackers or outbreaks or breaches and then maybe we can entertain a failure of this or that control. I would rather see these professionals advocate achievement of a solid a robust security controls program first than start deriding this or that technology.
Important and necessary controls (in addition to effective policies, standards and processes) such as DLP have not even begun to run their course. This capability is just beginning to do a great job well beyond the discovery and protection of the basics such as PII, PCI, HIPAA, etc. It has entered a much needed space of discovery and protection if Intellectual Property, something that is in such demand since the spate of attacks on IP-rich corporations around the world. There needs to be a greater focus from corporations in this area like never before if we want to continue to maintain and expand our preeminence on the world stage.
Before folks start prophesying the demise of this or that control they need to consider: have companies done the best with what they have? Yes or No? If it's No, then start having conference sessions and articles that espouse best practices, how to's, do's and don’ts that advise and educate. There are many security professionals out there that have an abundance of expertise and advise to offer those companies and security professionals that struggle with the basics.
To you all out there, I say, be responsible and work to get everyone to a level of maturity that makes a difference before you start deriding or besmirching or claiming all out failure this or that control or solution!!!
halo guys, below is a link that explain a great deal of DLP concept. http://www.fim.uni-linz.ac.at/Diplomarbeiten/Masterarbeit%20Tore%20Torsteinb%F8%20%282%29.pdf it is very comprehensive document since it is a Thesis for Master Graduate. Enjoy.
Yes Mr. Shaker, that is true I believe DLP is one of the feature that can be utilize when you are on certain sector like in banking and financial services.
Why is that DLP is unpopular ?
Exchange Server 2013 has just implemented DLP features.
Hi Phil, Nice one but have u done any surye/feedback from ppl to get such idea of Death of DLP? What are people thinking?