Reasons to Assess Data Leak Prevention

The author discusses why end users must assess their data leak prevention approach/program and address the gaps.

CYBER IDEAS

5/11/2024, 1 min read

Enterprises embarking on a DLP journey primarily do so for three key reasons:

  1. To comply with regulatory standards and laws

  2. To reduce the risk from users who are new to cyber threats

  3. Internal risk insights that mandate investment in DLP, encompassing the previous point

In information security discussions, DLP is defined both as data loss prevention and as data leak prevention, but data loss and data leak are two very different terms. By weight, an enterprise's responsibility for data loss is much wider and deeper than for data leak, which can be covered with a limited set of controls.

Gaps that creep into DLP

1. For a cut, a bandage is a quick fix: By this analogy, many customers start by looking for DLP tools in the market. This is the instinctive bandage-on-cut approach. The problem with this approach is that it does not encompass the pillars of DLP. Without looking at the pillars, DLP looks like only a tool or a siloed solution.

2. Limited coverage: Many end users see DLP primarily as a way to protect endpoints, and a few apply it on gateways. A leak, however, may happen through many controlled and uncontrolled channels, such as removable media or an encrypted email attachment.

3. Compliance formality: Customers are seen onboarding DLP to appear compliant with regulatory requirements.

4. Missing program: DLP is not a bandage-on-cut. It is a cyclical activity that requires constant monitoring, review, and changes. When the program is missing, DLP sits dormant as a tool and only adds a sense of visibility and control, not the real thing!

5. Broken processes: Teams responsible for DLP applications focus only on the visibility aspect. Responsibilities around the roles are missing. Changes to DLP appear uncontrolled and do not go through a change management process. Customers lack proper standard operating procedures, denting the whole DLP program.

6. Missing KRIs and KPIs: Without appropriate KPIs, the DLP tool’s cost cannot be justified, and without defined KRIs, security management is left with a blind spot to the risks and threats. KRIs and KPIs must be added to the DLP program.