Optus, a large Australian telecoms company, recently became a victim of a significant data breach. The exposed data left one in three Australians at risk of identity theft. Subsequently, many individuals caught up in the breach cannot use their passports for online verification; the DVS (Document Verification Service) blocked passports stolen in the breach. A data breach can have a far-reaching impact because data is a commodity with value. Data is a fluid corporate asset; data is open to risk from malicious external and internal attacks and accidental exposure. As a result, the loss of data can have a far-reaching impact. This fluidity and compounding factors, such as an expanded work environment and cybercriminals’ changing tactics, have complicated data protection.
To help mitigate and manage data loss risks, enterprises use Data Loss Prevention (DLP) measures. However, to keep up with the changing landscape, DLP must also follow the trends. Here is a look at some of these trends and why DLP is moving forward to protect data.
Why data loss and cybercrime lead to DLP innovation
The world of business turns upon data. Organizations create, gather, share, store, and make critical data-based decisions. Importantly, data is a valuable resource that companies are committed to and that cybercriminals want. According to a report by Cymulate, 61% of organizations experienced a data breach in 2021. Of those, 59% suffered moderate to very high damage to IT systems.
Stolen or exposed data becomes part of a circle of cybercrime, with data feeding other cyber-attacks, for example:
- Ransomware attacks, such as the Colonial Pipeline attack of 2021, begin with stolen login credentials. A Forrester report found that 80% of data breachesuse stolen privileged credentials.
- Business Email Compromise (BEC) cost US businesses over $2 billion in 2020, according to the FBI’s cybercrime investigations unit, IC3; BEC scams need data to execute the attack.
- Stolen personal data leads to identity theft that impacts individuals and companies. For example, losses in the USA due to identity theftin 2021 affected 42 million Americans and cost consumers $52 billion.
This circle of cybercrime, driven by data theft, is successful partly because cybercriminals attempt to keep one step ahead of cybersecurity measures. This war of attrition requires cybersecurity tools and preventative measures to handle this complex attack matrix. Data loss prevention solutions and measures must be adaptative enough to deal with this changing landscape. Adaption creates trends and innovations in DLP tools and tactics. Here are some of the most critical trends in DLP to watch out for currently.
Three core trends shaping DLP
A forward-thinking approach to data loss prevention means that you must be aware of the changes in the data, technology, and cybercrime landscape. Three core trends in data loss prevention encompass a holistic view of the problem drawn from data, technology, processes, and people: the core trends begin with visibility that provides the intelligence to create a zero trust environment enhanced by integrated security tools. These three core capabilities offer the essence of a new era in DLP:
Visibility across people, devices, and networks
Remote work has become flexible work, with 58% of Americans working from home at least one day per week in 2022. Flexible or hybrid work environments affect data security because they expand the attack surface and add complexity to data protection. The heterogenous IT infrastructure of the modern cloud-first enterprise increases the risk of data exposure from homework insiders (both accidental and malicious). This environment also makes the visibility of people and devices challenging. Poor visibility can open digital doors for external hackers who find chinks in the expanded network. A 2022 Diligent survey found that 82% of organizations suffering a data breach could link it back to a tech or behavior issue associated with a home work environment. Accidental and deliberate data exposure by employees is an issue across industry that is arguably the most difficult to prevent.
Having 360-degree, full-range visibility across people, devices, and networks is vital for Data Loss Prevention. You can’t control what you cannot see. Therefore, visibility allows an organization to implement more robust data access control. DLP solutions must have visibility capability as either a platform’s core capability or an integrated component. As appropriate, this visibility must extend to home working environments, remote and traveling workers, satellite offices, and even the supply chain. DLP solutions must use intelligent technologies to automate inventory discovery, then classify sensitive data and metadata. This must be a continuous process as data updates and changes.
Zero trust and access control
Visibility is a core requirement needed to make the next trend happen, as it is a necessary pillar to identify suspicious behavior. A report by McKinsey has identified behavioral analysis and contextual heuristics as a core trend in new-era DLP solutions. For example, UEBA (User and Entity Behavior Analytics) uses machine learning algorithms to identify anomalies by comparing network events against a baseline of expected behavior. McKinsey recommends integrating behavioral analysis and contextual heuristics solutions into Identity and Access Management (IAM) solutions to check access events continuously. This capability merger helps create a zero trust environment where data access is never trusted and always verified. This helps to prevent data loss from unauthorized access and prevent the slow exfiltration of data by malware, which often goes unnoticed until it is too late.
Integrated security for 360-degree DLP
UEBA and contextual heuristics with DLP tools are part of the ongoing movement of integrated security. However, preventing data loss is not the job of a point solution. Instead, DLP should be viewed as multiple layers of protection, considering people, processes, and technology. To achieve this, companies should look to integrated security solutions that utilize tools in a symbiotic manner. These tools include:
UEBA: to detect data access from unauthorized access and prevent data loss.
CASB (cloud access security broker): to secure data on hosted applications.
CSPM (cloud security posture management): to prevent data losses due to misconfigured cloud components
API-driven DLP tools: for example, used in Microsoft Office 365 to help prevent accidental data loss. Typically, these tools look for keywords and phrases and use rules to prevent sensitive data from leaving the confines of the enterprise.
Security awareness and phishing simulation platforms: accidental data exposure and clicking on phishing links are behind many data losses. Educating employees on their role in data protection is part of a holistic and integrated approach to DLP.
It is essential in a fast-moving cybercrime and technology landscape to know how these changes affect your organization. Also, knowing what trends impact the measures you take to protect data can help ensure that data remains secure. The latest trends in DLP show a move towards a 360-degree approach, to not only having visibility of what you are protecting but also the ensuring that protection is based on deeply integrated next generation security solutions.