Where Have All the DLP Vendors Gone?

Ten to twenty years ago, Data Loss Prevention (DLP) was in its prime. Now, it’s been five years since Gartner eradicated the DLP Magic Quadrant and the landscape has definitely changed

Ten to twenty years ago, Data Loss Prevention (DLP) was in its prime. Now, it’s been five years since Gartner eradicated the DLP Magic Quadrant and the landscape has definitely changed.

But has it been for the worse? You can’t tell me data still doesn’t need to be protected – especially now – so where have all the DLP vendors gone?

They’ve Gone Underground

Well, to explain this scenario, it’s going to take a little backstory. DLP providers hit their heyday in the early 2000s when there was still a data perimeter, and the cloud wasn’t (yet) ubiquitous. Data Loss Prevention products were designed to monitor for sensitive, pretty-much structured data leaving the network via bad protocols (SMTP, HTTP). Easy.

Then came the cloud (in full force), AI, bot-based traffic, petabytes of data, convoluted digital supply chains and more complicated, distributed and fragmented environments to protect. No longer easy.

Simple DLP couldn’t keep up, so it had to change. In many cases, DLP providers and their offerings got swallowed up by bigger, more expansive strategies that could keep pace with the modern era. These included:

  1. Data Risk Management (DRM): Also known as data security governance (DSG) or information governance (IG), Data Risk Management is a comprehensive approach that re-evaluates how people, technology and processes work together to protect data. DLP features as part of the technology component, leaning also into processes.
  2. Secure Service Edge (SSE): SSE secures access to cloud services, private applications, and the web. Introduced by Gartner in 2019, it’s the single-platform solution to cloud scalability, combining both networking and security technologies. DLP is touted as an SSE feature, enabling data classification within an object (usually a file) anywhere across the network; in storage, in use, in motion. DLP capabilities limit the flow of sensitive data based on these policies and extend protections in real-time.
  3. Data Detection and Response (DDR): DDR all but swallowed Data Loss Prevention whole. The main problems with traditional DLP were failure to accurately identify bad (too many false positives), non-engaged DLP prevention features (to avoid more false positives), and the need for on-premises software (instead of the cloud). Data Detection and Response solved those issues by locking down data lineage; the ability to track a piece of data anywhere it goes and through whoever’s hands it passes. This paradigm shift allows for granular DLP where only general was a possibility before. With DDR, protections don’t rest with the network or data storage area but on the data itself.

They’ve Evolved

With so many ways to add DLP policies to the features list, it’s understandable that the category would begin to lose its shape. However, DLP solutions still remain. Those still in the pure-play DLP space have just had to adjust their strategy. To stay relevant for a post-perimeter era, capabilities had to change significantly. Those changes have made it more integrated, better able to play well with others, more advanced, more savvy, and more aware of its own limitations.

Some evolutions (and improvements) in next-generation DLP technologies now include:

  • Pinpoint remediation, or the ability to fix precise instances of data leakage without compromising performance across the whole app
  • Data lineage, or the ability to trace every piece of data to its origin and through any copies, pastes and relocations
  • Fewer false positives due to an enhanced ability to analyze and correlate contextual clues
  • Cloud-based DLP, or the thing the category was lacking; the ability to keep up in a cloud-based environment.
  • Leveraged AI is one of the key indicators that allows current DLP solutions to force-multiply the way they have. No longer low-powered when it comes to sifting through masses of network traffic, current DLP solutions can use AI to detect behavioral patterns and reduce false positives.
  • Machine learning to identify sensitive information and Personally Identifiable Information (PII)

They Never Left

All in all, those who cut their teeth doing straightforward-DLP are still putting their knowledge to good use. It may no longer be the ‘category of the year’, but protecting data never goes out of style. In fact, it’s the reason for the industry as a whole; to protect enterprises so they can prevent the data they carry from ending up in the wrong hands. However, the nature of the beast has changed and DLP has had to change along with it.

There may not be a Magic Quadrant, but solutions that prevent data loss in 2023 still have a few key calling cards. You’ll know today’s DLP vendors (or their derivatives) because they can:

  1. Monitor, track and secure the data itself (data lineage), not the storage location
  2. Identify and protect sensitive information in the cloud and across distributed environments
  3. Use AI and ML to reduce false positives within large swaths of traffic

So, to answer the question: where have all the DLP vendors gone? They never left. They – like DLP today – just look a little different.

An ardent believer in personal data privacy and the technology behind it, Katrina Thompson is a freelance writer leaning into encryption, data privacy legislation and the intersection of information technology and human rights. She has written for Bora, Venafi, Tripwire and many other sites.

This content was first published by KISS PR Brand Story. Read here >> Where Have All the DLP Vendors Gone?

Source: Story.KISSPR.com
Release ID: 708905