Content analysis underlines DLP's strategic scope

Content analysis underlines DLP's strategic scope

Tags:   CA  content analysis  DLP  Enterprise Data Governance  Identity and access management

By Khoo Boo Leong | Jun 25, 2009

Data loss prevention or DLP as we know it today is poised to embrace a broader, more strategic scope as organizations tap content analysis capabilities to address not only security concerns but also knowledge management (KM) and information governance needs.

“DLP is the next step in identity and access management (IAM) and we’re starting to hear terms like content-aware IAM which combines IAM and DLP,” said Gijo Mathew, vice-president of Data and Resource Protection Security Strategy at CA. “Unfortunately, the global view of DLP is basic and limited because the term DLP only describes one use case but not the technology’s potential for broader prevention of data misuse and abuse.”

Up till now, DLP has been predominantly a security-driven initiative entrenched in the security professionals’ world. When defining sensitive corporate data, these professionals readily include obvious information like employee social security and ID or customer credit card numbers.

But to business managers, less tangible information like intellectual property or sales and marketing intelligence is as, if not, more important. “Such information is much harder to find and analyze,” said Mathew. “As a result, the security professionals have mainly stuck to basic DLP [on employee or customer data].”

Beyond basics

"Yet, many organizations are moving beyond this basic level or what I’d call Phase 1 DLP to look at other types of information and a broader set of risks,” he added. “When you read about the cost of a breach to an organization, most of those studies are really only done around loss of customer or credit card information.”

Since breach notification laws in the US require any breach of personal information to be made public, research groups can easily quantify the cost of a breach as well as how much the company spends on remediation of a breach.

For example, according to the 2008 Ponemon Institute’s annual study on data breach costs, the average cost of a data breach increased from US$182 in 2006 to $197 in 2007 to $202 in 2008. The average total cost per reporting company per breach has grown from $6.3 million in 2007 to more than $6.6 million in 2008. Costs come in the form of lost business, legal ramifications, and rectification measures.

 
 
123

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
  • Lines and paragraphs break automatically.
  • Use <!--pagebreak--> to create page breaks.

More information about formatting options

 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Outlook: Emerging security technology trends
As part of an ongoing discussion from IBM, this white paper helps us to gain a perspective on the security challenges organizations will face in the next few years. What fundamental technology trends are expected to impact organizations this and the following years? And how can organizations position themselves to profit from the myriad opportunities while managing the risk that inevitably accompanies them?
Top 10 challenges for managing emails
MessageLabs surveyed 157 IT professionals to understand the difficulties and opportunities faced by email managers. What kept them awake at night? What cost the most money or took the most time? And from these responses highlight some easy-to-manage solutions to their most pressing problems. This paper presents the results of the survey and actionable recommendations.
 
 
 
Hong Leong Financial opts for Juniper Networks at new Malaysia head office, data center
Hong Leong Financial Group Berhad builds complete and seamless data center and office network infrastructure with Juniper switches, security devices and Junos software.
Budget-conscious NGO cuts costs and improves IT productivity with Symantec
St James' Settlement reduces staff time spent on data protection administration by 80% and on software inventories by almost 100%.
 
 
 

Recent popular content

Most Read
Tripwire steps into SIEM territory
What to do with Microsoft SMB2 vulnerability
Internet Explorer vulnerabities cause data leakage
Microsoft expands SDL program
Top 10 challenges for managing emails

Site map
Search Security Asia
About Us
Print/Digital Subscription
Sales
Feedback
Security Tips
Expert Opinions
Research
White Papers
Case Studies

Blogs
Topics
Application security
Disaster recovery and business continuity
Identity management and access control
Information security careers, training and certifications
Topics
Network and Internet Security
Security best practices
Security threats
Surveillance and facilities management
Media
Videos
Podcasts
Webcasts
News
RSS