Partners: WikiLeaks Breach Could Create Opportunities In DLP, Services1:03 PM EST Mon. Dec. 06, 2010
The WikiLeaks breach shook the world with the publication of captured U.S. diplomatic cables, but out of the ashes could emerge new opportunities for channel partners offering data loss prevention and event management technologies. And partners say the incident accelerates IT security projects and rejuvenates interest about operational services aimed at preventing an organization's most sensitive information from walking out the door.
Channel partners say that at the very least, the cataclysmic WikiLeaks breach raises awareness with customers and serves as a conversation starter by underscoring the growing need for data loss prevention (DLP) technologies.
"With the press around it, any raised awareness is a good thing to help solve the problem," said Dave Gilden, executive vice president of public sector for Fishnet Security, a Kansas City, Mo.-based security VAR. "When things like this happen, it only substantiates the need to have those kinds of solutions and processes in place to stop that from happening."
While in existence for a while, DLP never experienced widespread adoption, instead gaining initial traction in high-end markets, served by a few vendors such as RSA and Vontu. In recent years, DLP started gaining some traction in federal and state government, retail and financial vertical market segments with organizations, which were increasingly required to adhere to stringent compliance regulations such as PCI, Sarbanes Oxley, a slew of state regulations.
However, Gilden said that many DLP projects came to a screeching halt with the collapse of Lehman Bros. two years ago and the global economic meltdown that ensued. Considered a luxury, DLP, which is often time-consuming, costly and tedious to implement, was often one of the first IT projects to be cut when IT budgets were slashed.
"As the economy crumbled, a lot of IT projects fell off the table. Certainly that was one that was cut in many instances," Gilden said.
But partners also maintain that customers have shown renewed interest in DLP over the last 12 months as the economy has incrementally improved.
If anything, partners say that the WikiLeaks breach has raised awareness about the prevalence of data loss, which could likely spur renewed interest in dusting off tabled DLP projects.
David Sockol, president of Emagined Security, based in Santa Clara, Calif., said that the WikiLeaks incident would likely compel businesses to pull their DLP projects off the shelf and initiate conversations about deployment strategies. For those businesses that have already initiated the DLP process, the WikiLeaks breach will likely accelerate the implementation and deployment, he added.
Next: WikiLeaks Incident Could Accelerate DLP Deployment, Partners Say
"We're definitely seeing all around more concern for DLP technology," he said. "The real comparison will be not only increased attention, but increased vigor to deploy the technologies that they're already evaluating."
And DLP might not be only technology experiencing an uptick in the wake of the WikiLeaks fallout, partners say. Andrew Plato, president of Beaverton, Ore.-based Anitian Enterprise Security said that customers are exhibiting rejuvenated interest in products that aggregate a lot of information, such as SIEM, as well as GRC solutions.
"Products that are designed to help an organization do case management, manage incidents and control risk and develop workflows," Plato said. "Those are the technologies that are starting to gain some traction."
In addition, channel partners say that the unprecedented breach underscores the growing need to operationalize data loss procedures, such as with monitoring, assessment and other security services provided by the channel.
"The whole WikiLeaks issue is a phenomenal example for anybody involved in information security. It underlines a core weakness that every organization has," Plato said. "Nobody actually knew that this happened until it was too late. That underscores what is the key problem in security."
That key security problem exists not in lack of infrastructure but lack of operational procedures that would have prevented the data from being leaked publicly, Plato said. Very often a sensitive data breach occurs as the result of lack IT administrators that can prioritize the data and subsequently monitor how it travels and where it goes.
Plato added that the federal government had a robust DLP solution in place, but lacked necessary personnel to monitor the data.
"The reason most leaks take place is because nobody knows that it's happened. If you catch a leak really early on and go find the key person, you can derail the attempts to use that data against you," Plato said. "WikiLEaks is a prime example when you have decent technologies but don’t operationalize them."
Gilden said that in addition, data classification services will also likely rise closer to the top of many organizations' priority lists, as they attempt to locate and then prioritize mission critical data in order to adequately secure it.
"It's not just the software -- it's the processes around how you protect that sensitive information, knowing where it is and classifying it correctly," Gilden said. "The tool is just a tool -- it's customizing it to the needs of your environment. That's what makes it powerful."