Partners: WikiLeaks Breach Could Create Opportunities In DLP, Services


 

"We're definitely seeing all around more concern for DLP technology," he said. "The real comparison will be not only increased attention, but increased vigor to deploy the technologies that they're already evaluating."

And DLP might not be only technology experiencing an uptick in the wake of the WikiLeaks fallout, partners say. Andrew Plato, president of Beaverton, Ore.-based Anitian Enterprise Security said that customers are exhibiting rejuvenated interest in products that aggregate a lot of information, such as SIEM, as well as GRC solutions.

"Products that are designed to help an organization do case management, manage incidents and control risk and develop workflows," Plato said. "Those are the technologies that are starting to gain some traction."

In addition, channel partners say that the unprecedented breach underscores the growing need to operationalize data loss procedures, such as with monitoring, assessment and other security services provided by the channel.

"The whole WikiLeaks issue is a phenomenal example for anybody involved in information security. It underlines a core weakness that every organization has," Plato said. "Nobody actually knew that this happened until it was too late. That underscores what is the key problem in security."

That key security problem exists not in lack of infrastructure but lack of operational procedures that would have prevented the data from being leaked publicly, Plato said. Very often a sensitive data breach occurs as the result of lack IT administrators that can prioritize the data and subsequently monitor how it travels and where it goes.

Plato added that the federal government had a robust DLP solution in place, but lacked necessary personnel to monitor the data.

"The reason most leaks take place is because nobody knows that it's happened. If you catch a leak really early on and go find the key person, you can derail the attempts to use that data against you," Plato said. "WikiLEaks is a prime example when you have decent technologies but don’t operationalize them."

Gilden said that in addition, data classification services will also likely rise closer to the top of many organizations' priority lists, as they attempt to locate and then prioritize mission critical data in order to adequately secure it.

"It's not just the software -- it's the processes around how you protect that sensitive information, knowing where it is and classifying it correctly," Gilden said. "The tool is just a tool -- it's customizing it to the needs of your environment. That's what makes it powerful."