Experts on the Data Loss Prevention (DLP) Market in 2016 & Beyond

This article was originally posted at:

With the number of high-profile security breaches on the rise, such as the massive healthcare data breaches at Anthem and Premera, the hack and ensuing data breach at the U.S. government’s Office of Personnel Management, Sony’s multiple hacking incidents in recent years, the highly publicized Target breach, and many others, industry analysts have noted a massive resurgence in demand for data loss prevention (DLP) solutions. But how will today’s trends impact the DLP market in 2016 and beyond, and what changes looming on the horizon will cause DLP solutions to evolve to accommodate the increasingly complex data protection needs of modern organizations?

To find out how today’s security experts see the DLP market evolving in the coming years, we asked a panel of leading cybersecurity experts to answer this question:

“Where do you see the data loss prevention (DLP) market going in 2016 and beyond?”

Chadd Carr is the Director of Cyber Threat Detection and Response Services for PricewaterhouseCoopers (PwC). As a former Special Agent with the Air Force Office of Special Investigations, Carr has over 18 years’ experience in cyber security, network intrusion investigation, and information operations expressly related to data breaches and data loss. As a Director with PwC, he oversees both the Incident Response and Cyber Threat Intelligence services, servicing both national and international clients, public and private, throughout each of the 16 critical infrastructures. Data loss detection and prevention is one of many threats he identifies, counters, and remediates daily. Furthermore, as he is a management consultant as opposed to a tech consultant, he maintains awareness and expertise across a wide range of data loss prevention technologies in order to present the best cyber security solution to clients.

“The new paradigm around cybersecurity, specifically data loss prevention and identification, will certainly be…”

Centered around data fusion with a particular focus on minimizing the time to identify, validate, and remediate incidents of exposure. This will most likely come in the form of integrated intelligent platforms designed to mimic the training, capabilities, and methodologies of security professionals and threat actors alike – capable of fusing end-to-end intelligence (external-to-perimeter-to-end point), all tipping-and-queuing each other, and feeding logic into active control defenses; essentially removing the human from the action loop.

Why focus on identification as opposed to prevention? Since the first truncated transmission traveled between the University of California and the Stanford Research Institute in 1969, our society has become increasingly integrated. Specific to data loss, this integration has enabled access to networked resources, the tools/knowledge needed to nefariously exfiltrate data they contain, and a way for threat actors to monetize it. The previous barriers of entry into this market (software, technical training, methods, etc.) have gone away, attracting a wide group of actors including hackers, hacktivists, and advanced persistent threats (APTs). Although motivation may be used to differentiate these groups, the primary delineators of these are technical expertise and access to resources. Ultimately, there are too many exfiltration points to monitor effectively. By searching for hives of data across the surface, deep, and dark webs, organizations are better positioned to contain exposure.

In the meantime, organizations need to remain vigilant and committed to a defense-in-depth framework. No one single solution is capable of defending against all varieties of data exfiltration. Security-savvy or threat-aware organizations understand that sound cyber security is much like physical fitness in that it is a lifestyle, and any plan that forces users to deviate too far off of their normal behaviors will not endure. The trick is to achieve balance between security and usability and trade-off between threat probability and threat ramifications.
