Data loss prevention: The future is platformization

Data loss prevention (DLP) is undergoing a significant evolution, as the industry increasingly leans into platformization and behavioral science as a proactive defense. 

The latest GigaOm Radar Report for DLP highlights how the DLP space is evolving, and how AI is shaking things up.

Read on for the key takeaways of the latest GigaOm Radar Report for DLP, and to see why DTEX InTERCEPT is an outperformer, and a leader in the Innovation/Platform Play quadrant.

AI: Balancing security with productivity

The cost of data loss is significant ($16.2M per insider-related breach and counting), and its impact is far-reaching. While businesses must safeguard sensitive information, they cannot simply lock it away. As the report acknowledges, data needs to be accessible, portable, and available for internal operations and external collaborations.

This tension between the need for data accessibility and the risk of data loss has created a dynamic landscape for data protection strategies, especially as businesses adopt advanced AI technologies like ChatGPT, Gemini, and Microsoft Copilot. These tools introduce new data loss vectors that require innovative security measures, including modern DLP solutions. The evolution of DLP tools, as seen in the 2024 GigaOm Radar for DLP, reflects the need to keep pace with growing threats and shifting regulatory requirements.

The rise of platformization

One of the most notable shifts in DLP is the rise of platformization, which marks the movement away from isolated, feature-specific solutions toward more integrated and contextually aware platforms. Historically, DLP systems focused primarily on scanning data for predefined patterns or keywords, but today’s solutions provide much more holistic coverage. The evolution towards platform-based DLP enables organizations to protect data across endpoints, networks, cloud environments, and AI-driven applications seamlessly.

This shift has been driven by the need for comprehensive security tools that align with broader cybersecurity ecosystems. By integrating DLP into larger platforms, organizations can leverage contextual data from various sources (such as user behavior, network activity, and file movements) to gain a more accurate understanding of risk. As a result, platformized DLP solutions can better assess data loss threats based not just on the content of the data but on how and by whom it is being accessed or shared.

GigaOm’s Radar Report highlights a trend toward platform-based DLP solutions. These solutions are increasingly incorporating user and entity behavior analytics (UEBA) and integrating seamlessly with security frameworks such as Secure Access Service Edge (SASE), allowing organizations to implement a more proactive, risk-adaptive approach to DLP.

Adaptive risk scoring: Behavioral science in action

A key element of modern DLP solutions is their ability to apply adaptive risk scoring, which is rooted in behavioral science. Rather than relying solely on the classification of data, these tools analyze user behavior to determine potential risks. This approach focuses on understanding the interactions between users and data, providing a contextualized view of potential threats.

Adaptive risk scoring assesses the risk level of each interaction based on historical patterns and deviations from normal activity. For example, if an employee who typically works on specific internal projects begins accessing sensitive customer data or transferring files to unauthorized locations, the system flags this as a high-risk behavior. The intelligence behind this scoring relies on both machine learning models and behavioral analytics, which enable a more nuanced understanding of insider risk.

The benefit of adaptive risk scoring is that it reduces the burden of manual rule-setting and data classification. Instead of pre-defining every possible scenario in which data might be at risk, DLP systems can adapt dynamically to changing circumstances, detecting abnormal activity in real time. This capability also helps reduce false positives, as decisions are made based on risk context rather than rigid rules. As such, adaptive risk scoring empowers security teams to focus on truly anomalous behavior that may indicate a potential breach or data loss event.

The role of AI in DLP

Artificial intelligence (AI) plays a critical role in the evolution of DLP, particularly when it comes to detecting, deterring, and disrupting insider risks. AI-powered tools enhance the accuracy of threat detection by analyzing massive amounts of data in real-time and identifying subtle patterns that might go unnoticed by traditional methods.

AI contributes to DLP in two primary ways: identifying risks related to the use of AI technologies themselves and augmenting the risk analysis process. With the increasing adoption of generative AI tools, there is a heightened risk of unintentional data exposure. AI-driven DLP solutions monitor interactions between users and these tools, ensuring that sensitive data is not improperly shared or manipulated.

Moreover, AI enables predictive analysis, which is a game-changer for security teams. By continuously learning from user behavior, AI models can predict potential data loss scenarios before they occur. This capability allows organizations to take preemptive action, stopping risky behaviors or blocking the movement of sensitive data before it is too late. As organizations continue to adopt AI across business functions, the ability to monitor and mitigate AI-related risks will become even more crucial.

DTEX InTERCEPT: Leading behavioral DLP with contextual awareness

Located in the Innovation/Platform Play quadrant, DTEX InTERCEPT exemplifies the evolution of DLP through the lens of Insider Risk Management. Our approach centers on understanding the full behavioral context of any activity that could impact data security. This includes gathering telemetry from data, machines, applications, and people to build a comprehensive picture of insider risk.

Using our patented Pseudonymization technology, InTERCEPT protects personally identifiable information (PII) by default while still providing detailed insights into user behavior. This allows organizations to detect and mitigate insider risks early without compromising privacy.

InTERCEPT also excels in adaptive risk scoring, applying intelligent controls based on the context of data usage rather than rigid classifications.

Indeed, AI has become a driving force of the InTERCEPT platform, democratizing data analysis and accelerating insider risk management with guided investigations. Our Ai³ Risk Assistant helps analysts dive deeper into the platform’s vast data sets, making it easier to understand risky behaviors and take appropriate action. Additionally, our platform offers granular controls to manage insider threats, such as issuing warnings, blocking data transfers, or quarantining users or devices when risky activity is detected.

As the report notes, one of the key strengths of DTEX InTERCEPT is its ability to integrate with other enterprise security tools, such as Endpoint Detection and Response (EDR) systems and cloud access security brokers (CASB). This makes it a valuable asset for large organizations and public sector entities that require a robust, scalable behavioral DLP solution with extensive reporting capabilities.

Balancing security with accessibility

As data loss threats continue to evolve, so too must the tools and technologies used to prevent them. Platformization, risk-adaptive approaches, and AI-driven insights underscored by behavioral context are now essential components of any effective DLP or broader insider risk management strategy. Solutions like DTEX InTERCEPT exemplify this shift, offering organizations the ability to protect sensitive data while enabling flexible and secure data usage.

Ultimately, businesses must strike a balance between data security and accessibility, leveraging modern DLP tools to minimize risk while empowering users to harness the full potential of their data. 

For the full insights, download the 2024 GigaOm Radar Report for DLP.

To see what InTERCEPT can do for your organization, request a demo.