401 Reading 8 - marsecguy/reading-notes-cyberops GitHub Wiki

Data Loss Protection

1. How would you convince your organization about the importance of implementing a DLP solution?

   • I would point out the tremendous losses businesses are taking every year through data breaches and leaks. These losses aren't just confined to the value of the data itself. The loss of business through the resulting damage to reputation can be even more devastating. Furthermore, the cost of non-compliance can get very steep and those regulatory fines can be tacked on after a breach to make the loss significantly more expensive. By comparison, the cost of DLP is cheap insurance.

2. How would you explain the three main use cases for DLP to friends or family?

   • Firstly, DLP protects PII and other sensitive data from being leaked and creating conflicts with regulatory requirements, which can result in heavy fines.
   • Secondly, it protects intellectual property and other valuable business data from being exposed. Competitors may pay a large bounty to anyone who can bring them stolen trade secrets to help them reduce competitive advantage.
   • Lastly, it provides data visibility. Being able to see how users interact with data can lead to cost-saving improvements, such as more efficient processes.

Source: Fortra