What is DLP 3.0?

DLP 3.0 redefines data protection in terms of the risks and threats that companies must be able to define, measure, prioritize and mitigate.  Companies who do not or cannot take this foundational and holistic view of these risks to their critical business data will end up with a breach and suffer the expensive consequences of competitive loss, customer loss, reputational loss and regulatory fines.

Want to learn more about DLP 3.0?  Listen to a recording of our Webinar entitled:  DLP 3.0 Redefining Data Protection in the Age of Combined Threats

 DLP 3.0 Data Loss Prevention















The History of Data Threats and Technology

DLP 1.0

First generation DLP focused on compliance and protecting clients PII and PHI data.  First generation DLP was and still is primarily focused on the financial services, insurance and health care industries being driven by PCI standards as well as HIPAA, GLBA and many state privacy laws.  In truth, first generation DLP is more concerned with meeting audit regulations than it is in protecting data.  Even worse, the fast changing landscape of technology and threats has made many of these regulations outdated and detrimental to actually protecting data. Yet these systems still represent a majority of DLP technologies deployed in the market and companies are trying hard, and often failing to make them useful beyond DLP 1.0.

DLP 2.0

The second generation of DLP focuses on the insider threat and moves beyond PII and PHI data to include intellectual property, trade secrets, critical business plans and classified information.  Defined publically by the infamous Bradley Manning WikiLeaks case, insider threat had been an ongoing problem for many years but has exploded as a risk with the advent of multi gigabyte storage devices and cloud file sharing.  Second generation DLP products extend from the network to host-based sensors and agents for desktops, laptops and servers.  In DLP 2.0, all sensors (network and endpoint) must capture data events across the enterprise and aggregate this data to show risks in the forms of types and amounts of data moving across and off the enterprise, as well as trends of data usage by employees.  The goal being the ability to recognize risk events and take action to prevent them without the initial understanding of what a "risk event" maybe.

DLP 3.0

DLP 3.0 adds the latest and fastest growing threat to critical business information, cyber attack.  Defined as an initial outside attack most often through phishing, spear phishing or zero day exploits, these attacks succeed in penetrating a company's perimeter defenses and stealing the credentials of insiders and then finding and exfiltrating targeted data.  Cyber attack is the fastest growing threat to all companies big and small and a major focus of awareness programs by the US Congress, FBI and Department of Defense.  The cyber attack threat is massive because of who the attackers are and how well trained and funded they are.  Although cyber attack threat does overlap with insider threat, to successfully recognize and mitigate this new threat requires additional capabilities and programs.  Most recently, the combined insider and outsider threat has emerged where a compromised insider introduces the malware, bypassing the latest generation of cyber attack threat perimeter defenses.


Digital Guardian by Verdasys Meets the DLP 3.0 Challenge

Verdasys offers advanced data protection for endpoints with Digital Guardian, the foundation for data protection in the DLP 3.0 world.   Verdasys offers an information centric framework that combines the Digital Guardian platform with advanced Data Risk and Governance Policy Packs (DG) that specifically address compliance, insider threat and cyber threat in a unified and integrated solution.  Digital Guardian is the only solution available in the market that delivers on the full set of DLP 3.0 requirements:  risk visibility and measurement, risk prioritization, integrated policy management and control, integrated data event aggregation, reporting and forensic data event capture and case management in a single, fully integrated platform.