SlideShare a Scribd company logo

The future of dlp is automation

Martín Ríos
Martín Ríos

The document discusses the evolution of automation in data leak prevention (DLP) systems. It describes four generations of DLP from manual (1st generation) to fully automated (4th generation). 4th generation DLP relies on automatic identification, classification, policy generation, access control, and governance without human intervention. The key to 4th generation DLP is employing technologies like automatic data classification, policy synthesis, advanced access control, and automated governance and regulatory compliance enforcement. GhangorCloud is presented as a company that delivers a 4th generation automated DLP product with features like real-time analysis, classification, policy application, protection and compliance enforcement with automated reporting.

Technology
1 of 12
Download to read offline
The Future of DLP is Automation GhangorCloud Increasing Accuracy and Control through Automation
Multiple Stages of Automation • Automation delivers speed and accuracy that is not possible with manual systems. • Automation also delivers cost benefits by reducing or eliminating the time required for manual processes. The evolution of automation for any type of system goes through multiple stages. ➢ The first stage is usually completely manual ➢ The second stage automates one or more of the functions ➢ The third stage automates more functions ➢ The fourth stage relies on strategic input and then fulfills most of the functions automatically.
Four Generations of Automation for Automobiles The human must make all the decisions. Multiple elements to coordinate. The human must make all the decisions. Single element to coordinate. The human must make some of the decisions. The system executes some functions automatically. The human makes high level decisions. The system executes automatically and informs the human.4th Generation Automobiles: 3rd Generation Automobiles: 2nd Generation Automobiles: 1st Generation Automobiles:
Four Generations of Evolution for DLP Fourth Generation DLP – Information Centric Automated identification of all sensitive data & documents. Enterprise provides initial high level specification about who has access to what. The system automatically identifies the data/information and enforces policies. Third Generation DLP – Unstructured Data Centric Manual Tagging, Keyword Matching, Fingerprinting based identification of all sensitive First Generation DLP – DRM Centric Manual identification and marking of all sensitive documents. Second Generation DLP – Structured Data Centric RegEx Matching based identification of all sensitive Data
4th Generation DLP Products need to… Information Security Sensitive Businesses and Security Agencies Will… ➢ Use multiple data sources to determine risk ➢ Automatically correlate information from multiple sources ➢ Automate actions based on correlations ➢ Automatically deliver real time enforcement from multiple platforms ➢Automatically classify information ➢Automatically classify Actors and Actions ➢Automatically correlate multiple types of information ➢Automatically use multiple data sources to enforce correct actions based on risk assessment
Core Automation Technologies for 4th Generation DLP Auto-Classification of Data & Content 4th GenerationDLP systemmust be able to recognize and Auto-Classify confidential and/or missioncritical data in any format without humanintervention. NOTE: Auto-Classification Engine must be able to perform AutomaticDataIdentification. To this effect, sophisticated data identification techniques are imperative. Simple Keyword and Lexical Matches are NOT enough as they have been proven to be error prone resulting in high False Positive rates. Auto Classification Technology must exhibit following characteristics; No ManualProcessing of data/content such as Pre-Tagging or Pre-Marking of data/content. No Pre-Processing of data/content such as Document Fingerprinting or Hashing of Data/Content. No ManualHeuristic Training The Auto-Classification process should NOT require manual heuristic training. X No Manual Intervention ➢ TraditionalDataClassification systemsthat require“ManualInput”are greatly ineffectiveas theyare not onlyerror-proneand unscalable butactuallyhighly susceptible to MaliciousData Leakscenarios.
Core Automation Technologies for 4th Generation DLP Auto-Generation of Policies 4th GenerationDLP systemmust be able to Automatically Generate comprehensive set of Policies for enforcementof data leakpreventionbased on Role-basedContent Access Control. NOTE: DLP Policy definition is the single most critical process for successful deployment of a DLP regime. DLP Policies are inherently more complex and require deeper understanding of sophisticated use case scenarios in order to ascertain acceptable level of “Completeness” and “Use Case Coverage”. ➢ TraditionalDLP systemsare typicallylimitedto manual policycreation process which is not onlytediousbutalsoerror proneand costly. Auto Policy Generation Technology must exhibit following characteristics; No ManualInterventionin the Policy Generation process. All relevant Policy Primitives should be automatically generated thus eliminating human error and inconsistency. No Post-Processing such as Manual Policy Embossing of Data/Content. No ManualHeuristic Training of the Policy Parameters to perform Incident Correlation.
Core Automation Technologies for 4th Generation DLP Auto-Access Control 4th GenerationDLP systemmust be able to Automatically Generate comprehensive set of Access Control Primitives. NOTE: Traditional DLP systems are either dependent on extensive manual enumeration of Access Control Primitives or rely heavily on the Policy definition process – both of the two approaches is extremely cumbersome and constrained in its ability to provide the requisite coverage of “Use Case Scenarios” in sophisticated real-life DLP deployments. Auto Advanced Access Control Technology must exhibit following characteristics; Identityand Role driven Access Control wherein access rights and corresponding violations are automatically deduced from the identity and functional role of an actor (i.e. employee, application or device). Contextual-Conceptual Correlation algorithms to perform sophisticated reasoning (i.e. who should have access to what type of information?) for detection and pre-emption of complex data leak scenarios.
Core Automation Technologies for 4th Generation DLP Auto-GRC Enforcement 4th GenerationDLP systemmustbe able to Automatically Enforce Governance & Regulatory Compliance . NOTE: Traditional GRC Systems are typically focused on document routing and workflow. They are either dependent on third party data security tools or rely heavily on the Standard Operating Procedures – both of the two approaches is extremely cumbersome and constrained in its ability to provide the requisite coverage of “Use Case Scenarios” in sophisticated real- life DLP deployments. Auto GRC Enforcement Technology must exhibit following characteristics; Segmentationof Duty(SoD) basedInformation Control wherein dissemination, exposure and routing of data/information is automatically controlled according to pre-defined Business Standard Operating Procedures. Regulatory Compliance Enforcement wherein all domain specific compliance guidelines are automatically enacted.
GhangorCloud Technologies for Automated Security GhangorCloudDelivers 4th Generation Automated DLP for Your Organization ➢ Auto-classification of Information ➢ Auto-classification of Actor Risk Posture ➢ Multi-variable Correlation – Actors-Information- Operations ➢ Auto-synthesis of Policy ➢ Centralized Command Control Collaboration & Intelligence GhangorCloud Key Solution Features
GhangorCloud’s 4th Generation DLP Product GhangorCloud How Does It Work? Automated & in Real-time 1. Analyze the Data 2. Classify the Data 3. Determine Who has Access 4. Apply Policy 5. Protect in Real-Time & Enforce Compliance 6. Report Violations with Forensic Trail
Let us show you how 4th Generation Data Leak Prevention can secure your sensitive data. GhangorCloud Contact: GhangorCloud 2001 Gateway Place Suite 710, West Tower San Jose, CA 95110 +1 408-713-3303 info@ghangorCloud.com

Recommended

Anti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsAnti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsUltraUploader
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak Prevention
Tanvir Hashmi
 
626 Information leakage and Data Loss Prevention Tools
626 Information leakage and Data Loss Prevention Tools626 Information leakage and Data Loss Prevention Tools
626 Information leakage and Data Loss Prevention ToolsSplitty
 
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Ravtach Solutions
 
GTB Technologies Datasheet 2014
GTB Technologies Datasheet 2014GTB Technologies Datasheet 2014
GTB Technologies Datasheet 2014Ravindran Vasu
 
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...
Stratio
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
IRJET Journal
 
Secure and manage your data while collaborating with Microsoft Teams.pptx
Secure and manage your data while collaborating with Microsoft Teams.pptxSecure and manage your data while collaborating with Microsoft Teams.pptx
Secure and manage your data while collaborating with Microsoft Teams.pptx
Jasper Oosterveld
 

Recommended

Anti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsAnti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsUltraUploader
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak Prevention
Tanvir Hashmi
 
626 Information leakage and Data Loss Prevention Tools
626 Information leakage and Data Loss Prevention Tools626 Information leakage and Data Loss Prevention Tools
626 Information leakage and Data Loss Prevention ToolsSplitty
 
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.Ravtach Solutions
 
GTB Technologies Datasheet 2014
GTB Technologies Datasheet 2014GTB Technologies Datasheet 2014
GTB Technologies Datasheet 2014Ravindran Vasu
 
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...
Stratio
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
IRJET Journal
 
Secure and manage your data while collaborating with Microsoft Teams.pptx
Secure and manage your data while collaborating with Microsoft Teams.pptxSecure and manage your data while collaborating with Microsoft Teams.pptx
Secure and manage your data while collaborating with Microsoft Teams.pptx
Jasper Oosterveld
 
Soluzioni per la sicurezza aziendale di hp
Soluzioni per la sicurezza aziendale di hpSoluzioni per la sicurezza aziendale di hp
Soluzioni per la sicurezza aziendale di hp
at MicroFocus Italy ❖✔
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoft
Appsian
 
Securitarian
SecuritarianSecuritarian
Securitarian
Rupesh Verma
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
Sravan Ankaraju
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
Kim Cook
 
Adversary Emulation and Red Team Exercises - EDUCAUSE
Adversary Emulation and Red Team Exercises - EDUCAUSEAdversary Emulation and Red Team Exercises - EDUCAUSE
Adversary Emulation and Red Team Exercises - EDUCAUSE
Jorge Orchilles
 
Emerging engineering issues for building large scale AI systems By Srinivas P...
Emerging engineering issues for building large scale AI systems By Srinivas P...Emerging engineering issues for building large scale AI systems By Srinivas P...
Emerging engineering issues for building large scale AI systems By Srinivas P...
Analytics India Magazine
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4Rodrigo Piovesana
 
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakagenullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
n|u - The Open Security Community
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Eryk Budi Pratama
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Search Inform DLP
Search Inform DLPSearch Inform DLP
Search Inform DLP
Sergei Yavchenko
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
ForgeRock
 
Revisiting Privileged Access in Today's Threat Landscape
Revisiting Privileged Access in Today's Threat LandscapeRevisiting Privileged Access in Today's Threat Landscape
Revisiting Privileged Access in Today's Threat Landscape
Lance Peterman
 
Annual OktCyberfest 2019
Annual OktCyberfest 2019Annual OktCyberfest 2019
Annual OktCyberfest 2019
Fahad Al-Hasan
 
finl.docx
finl.docxfinl.docx
finl.docx
Vishesh Aggarwal
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands
Secure Islands - Data Security Policy
 
Digital Forensics for Artificial Intelligence (AI ) Systems.pdf
Digital Forensics for Artificial Intelligence (AI ) Systems.pdfDigital Forensics for Artificial Intelligence (AI ) Systems.pdf
Digital Forensics for Artificial Intelligence (AI ) Systems.pdf
Mahdi_Fahmideh
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Steven Meister
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
penetration Tester
 
Scrum_Ceremonies.pptx
Scrum_Ceremonies.pptxScrum_Ceremonies.pptx
Scrum_Ceremonies.pptx
Martín Ríos
 
Seminarium PPT Julio KF.pptx
Seminarium PPT Julio KF.pptxSeminarium PPT Julio KF.pptx
Seminarium PPT Julio KF.pptx
Martín Ríos
 

More Related Content

Similar to The future of dlp is automation

Soluzioni per la sicurezza aziendale di hp
Soluzioni per la sicurezza aziendale di hpSoluzioni per la sicurezza aziendale di hp
Soluzioni per la sicurezza aziendale di hp
at MicroFocus Italy ❖✔
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoft
Appsian
 
Securitarian
SecuritarianSecuritarian
Securitarian
Rupesh Verma
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
Sravan Ankaraju
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
Kim Cook
 
Adversary Emulation and Red Team Exercises - EDUCAUSE
Adversary Emulation and Red Team Exercises - EDUCAUSEAdversary Emulation and Red Team Exercises - EDUCAUSE
Adversary Emulation and Red Team Exercises - EDUCAUSE
Jorge Orchilles
 
Emerging engineering issues for building large scale AI systems By Srinivas P...
Emerging engineering issues for building large scale AI systems By Srinivas P...Emerging engineering issues for building large scale AI systems By Srinivas P...
Emerging engineering issues for building large scale AI systems By Srinivas P...
Analytics India Magazine
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4Rodrigo Piovesana
 
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakagenullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
n|u - The Open Security Community
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Eryk Budi Pratama
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Search Inform DLP
Search Inform DLPSearch Inform DLP
Search Inform DLP
Sergei Yavchenko
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
ForgeRock
 
Revisiting Privileged Access in Today's Threat Landscape
Revisiting Privileged Access in Today's Threat LandscapeRevisiting Privileged Access in Today's Threat Landscape
Revisiting Privileged Access in Today's Threat Landscape
Lance Peterman
 
Annual OktCyberfest 2019
Annual OktCyberfest 2019Annual OktCyberfest 2019
Annual OktCyberfest 2019
Fahad Al-Hasan
 
finl.docx
finl.docxfinl.docx
finl.docx
Vishesh Aggarwal
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands
Secure Islands - Data Security Policy
 
Digital Forensics for Artificial Intelligence (AI ) Systems.pdf
Digital Forensics for Artificial Intelligence (AI ) Systems.pdfDigital Forensics for Artificial Intelligence (AI ) Systems.pdf
Digital Forensics for Artificial Intelligence (AI ) Systems.pdf
Mahdi_Fahmideh
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Steven Meister
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
penetration Tester
 

Similar to The future of dlp is automation (20)

Soluzioni per la sicurezza aziendale di hp
Soluzioni per la sicurezza aziendale di hpSoluzioni per la sicurezza aziendale di hp
Soluzioni per la sicurezza aziendale di hp
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoft
 
Securitarian
SecuritarianSecuritarian
Securitarian
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
 
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data GovernanceeBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
 
Adversary Emulation and Red Team Exercises - EDUCAUSE
Adversary Emulation and Red Team Exercises - EDUCAUSEAdversary Emulation and Red Team Exercises - EDUCAUSE
Adversary Emulation and Red Team Exercises - EDUCAUSE
 
Emerging engineering issues for building large scale AI systems By Srinivas P...
Emerging engineering issues for building large scale AI systems By Srinivas P...Emerging engineering issues for building large scale AI systems By Srinivas P...
Emerging engineering issues for building large scale AI systems By Srinivas P...
 
SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4SegurançA Da InformaçãO Faat V1 4
SegurançA Da InformaçãO Faat V1 4
 
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakagenullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
nullcon 2011 - Enterprise Paradigm for Controlling Data Leakage
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
 
Search Inform DLP
Search Inform DLPSearch Inform DLP
Search Inform DLP
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
 
Revisiting Privileged Access in Today's Threat Landscape
Revisiting Privileged Access in Today's Threat LandscapeRevisiting Privileged Access in Today's Threat Landscape
Revisiting Privileged Access in Today's Threat Landscape
 
Annual OktCyberfest 2019
Annual OktCyberfest 2019Annual OktCyberfest 2019
Annual OktCyberfest 2019
 
finl.docx
finl.docxfinl.docx
finl.docx
 
18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands18 Tips for Data Classification - Data Sheet by Secure Islands
18 Tips for Data Classification - Data Sheet by Secure Islands
 
Digital Forensics for Artificial Intelligence (AI ) Systems.pdf
Digital Forensics for Artificial Intelligence (AI ) Systems.pdfDigital Forensics for Artificial Intelligence (AI ) Systems.pdf
Digital Forensics for Artificial Intelligence (AI ) Systems.pdf
 
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
Gdpr ccpa steps to near as close to compliancy as possible with low risk of f...
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
 

More from Martín Ríos

Scrum_Ceremonies.pptx
Scrum_Ceremonies.pptxScrum_Ceremonies.pptx
Scrum_Ceremonies.pptx
Martín Ríos
 
Seminarium PPT Julio KF.pptx
Seminarium PPT Julio KF.pptxSeminarium PPT Julio KF.pptx
Seminarium PPT Julio KF.pptx
Martín Ríos
 
Alain fournier,el gran meaulnes
Alain fournier,el gran meaulnesAlain fournier,el gran meaulnes
Alain fournier,el gran meaulnes
Martín Ríos
 
Info gartner spanish gastos ti 2022
Info gartner spanish gastos ti 2022Info gartner spanish gastos ti 2022
Info gartner spanish gastos ti 2022
Martín Ríos
 
La riqueza y_pobreza_de_las_naciones-una visión geopolítica
La riqueza y_pobreza_de_las_naciones-una visión geopolíticaLa riqueza y_pobreza_de_las_naciones-una visión geopolítica
La riqueza y_pobreza_de_las_naciones-una visión geopolítica
Martín Ríos
 
Hyperconverged compare
Hyperconverged compareHyperconverged compare
Hyperconverged compare
Martín Ríos
 
Laptop está muerto
Laptop está muertoLaptop está muerto
Laptop está muerto
Martín Ríos
 
Ocho pasos para construir un sistema blade HP
Ocho pasos para construir un sistema blade HPOcho pasos para construir un sistema blade HP
Ocho pasos para construir un sistema blade HP
Martín Ríos
 
First national-technology-solutions
First national-technology-solutionsFirst national-technology-solutions
First national-technology-solutions
Martín Ríos
 
Optimize your virtualization_efforts_with_a_blade_infrastructure
Optimize your virtualization_efforts_with_a_blade_infrastructureOptimize your virtualization_efforts_with_a_blade_infrastructure
Optimize your virtualization_efforts_with_a_blade_infrastructure
Martín Ríos
 

More from Martín Ríos (11)

Scrum_Ceremonies.pptx
Scrum_Ceremonies.pptxScrum_Ceremonies.pptx
Scrum_Ceremonies.pptx
 
Seminarium PPT Julio KF.pptx
Seminarium PPT Julio KF.pptxSeminarium PPT Julio KF.pptx
Seminarium PPT Julio KF.pptx
 
Alain fournier,el gran meaulnes
Alain fournier,el gran meaulnesAlain fournier,el gran meaulnes
Alain fournier,el gran meaulnes
 
Info gartner spanish gastos ti 2022
Info gartner spanish gastos ti 2022Info gartner spanish gastos ti 2022
Info gartner spanish gastos ti 2022
 
La riqueza y_pobreza_de_las_naciones-una visión geopolítica
La riqueza y_pobreza_de_las_naciones-una visión geopolíticaLa riqueza y_pobreza_de_las_naciones-una visión geopolítica
La riqueza y_pobreza_de_las_naciones-una visión geopolítica
 
Hyperconverged compare
Hyperconverged compareHyperconverged compare
Hyperconverged compare
 
Laptop está muerto
Laptop está muertoLaptop está muerto
Laptop está muerto
 
Ocho pasos para construir un sistema blade HP
Ocho pasos para construir un sistema blade HPOcho pasos para construir un sistema blade HP
Ocho pasos para construir un sistema blade HP
 
SAP
SAPSAP
SAP
 
First national-technology-solutions
First national-technology-solutionsFirst national-technology-solutions
First national-technology-solutions
 
Optimize your virtualization_efforts_with_a_blade_infrastructure
Optimize your virtualization_efforts_with_a_blade_infrastructureOptimize your virtualization_efforts_with_a_blade_infrastructure
Optimize your virtualization_efforts_with_a_blade_infrastructure
 

Recently uploaded

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 

Recently uploaded (20)

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 

The future of dlp is automation

  • 1. The Future of DLP is Automation GhangorCloud Increasing Accuracy and Control through Automation
  • 2. Multiple Stages of Automation • Automation delivers speed and accuracy that is not possible with manual systems. • Automation also delivers cost benefits by reducing or eliminating the time required for manual processes. The evolution of automation for any type of system goes through multiple stages. ➢ The first stage is usually completely manual ➢ The second stage automates one or more of the functions ➢ The third stage automates more functions ➢ The fourth stage relies on strategic input and then fulfills most of the functions automatically.
  • 3. Four Generations of Automation for Automobiles The human must make all the decisions. Multiple elements to coordinate. The human must make all the decisions. Single element to coordinate. The human must make some of the decisions. The system executes some functions automatically. The human makes high level decisions. The system executes automatically and informs the human.4th Generation Automobiles: 3rd Generation Automobiles: 2nd Generation Automobiles: 1st Generation Automobiles:
  • 4. Four Generations of Evolution for DLP Fourth Generation DLP – Information Centric Automated identification of all sensitive data & documents. Enterprise provides initial high level specification about who has access to what. The system automatically identifies the data/information and enforces policies. Third Generation DLP – Unstructured Data Centric Manual Tagging, Keyword Matching, Fingerprinting based identification of all sensitive First Generation DLP – DRM Centric Manual identification and marking of all sensitive documents. Second Generation DLP – Structured Data Centric RegEx Matching based identification of all sensitive Data
  • 5. 4th Generation DLP Products need to… Information Security Sensitive Businesses and Security Agencies Will… ➢ Use multiple data sources to determine risk ➢ Automatically correlate information from multiple sources ➢ Automate actions based on correlations ➢ Automatically deliver real time enforcement from multiple platforms ➢Automatically classify information ➢Automatically classify Actors and Actions ➢Automatically correlate multiple types of information ➢Automatically use multiple data sources to enforce correct actions based on risk assessment
  • 6. Core Automation Technologies for 4th Generation DLP Auto-Classification of Data & Content 4th GenerationDLP systemmust be able to recognize and Auto-Classify confidential and/or missioncritical data in any format without humanintervention. NOTE: Auto-Classification Engine must be able to perform AutomaticDataIdentification. To this effect, sophisticated data identification techniques are imperative. Simple Keyword and Lexical Matches are NOT enough as they have been proven to be error prone resulting in high False Positive rates. Auto Classification Technology must exhibit following characteristics; No ManualProcessing of data/content such as Pre-Tagging or Pre-Marking of data/content. No Pre-Processing of data/content such as Document Fingerprinting or Hashing of Data/Content. No ManualHeuristic Training The Auto-Classification process should NOT require manual heuristic training. X No Manual Intervention ➢ TraditionalDataClassification systemsthat require“ManualInput”are greatly ineffectiveas theyare not onlyerror-proneand unscalable butactuallyhighly susceptible to MaliciousData Leakscenarios.
  • 7. Core Automation Technologies for 4th Generation DLP Auto-Generation of Policies 4th GenerationDLP systemmust be able to Automatically Generate comprehensive set of Policies for enforcementof data leakpreventionbased on Role-basedContent Access Control. NOTE: DLP Policy definition is the single most critical process for successful deployment of a DLP regime. DLP Policies are inherently more complex and require deeper understanding of sophisticated use case scenarios in order to ascertain acceptable level of “Completeness” and “Use Case Coverage”. ➢ TraditionalDLP systemsare typicallylimitedto manual policycreation process which is not onlytediousbutalsoerror proneand costly. Auto Policy Generation Technology must exhibit following characteristics; No ManualInterventionin the Policy Generation process. All relevant Policy Primitives should be automatically generated thus eliminating human error and inconsistency. No Post-Processing such as Manual Policy Embossing of Data/Content. No ManualHeuristic Training of the Policy Parameters to perform Incident Correlation.
  • 8. Core Automation Technologies for 4th Generation DLP Auto-Access Control 4th GenerationDLP systemmust be able to Automatically Generate comprehensive set of Access Control Primitives. NOTE: Traditional DLP systems are either dependent on extensive manual enumeration of Access Control Primitives or rely heavily on the Policy definition process – both of the two approaches is extremely cumbersome and constrained in its ability to provide the requisite coverage of “Use Case Scenarios” in sophisticated real-life DLP deployments. Auto Advanced Access Control Technology must exhibit following characteristics; Identityand Role driven Access Control wherein access rights and corresponding violations are automatically deduced from the identity and functional role of an actor (i.e. employee, application or device). Contextual-Conceptual Correlation algorithms to perform sophisticated reasoning (i.e. who should have access to what type of information?) for detection and pre-emption of complex data leak scenarios.
  • 9. Core Automation Technologies for 4th Generation DLP Auto-GRC Enforcement 4th GenerationDLP systemmustbe able to Automatically Enforce Governance & Regulatory Compliance . NOTE: Traditional GRC Systems are typically focused on document routing and workflow. They are either dependent on third party data security tools or rely heavily on the Standard Operating Procedures – both of the two approaches is extremely cumbersome and constrained in its ability to provide the requisite coverage of “Use Case Scenarios” in sophisticated real- life DLP deployments. Auto GRC Enforcement Technology must exhibit following characteristics; Segmentationof Duty(SoD) basedInformation Control wherein dissemination, exposure and routing of data/information is automatically controlled according to pre-defined Business Standard Operating Procedures. Regulatory Compliance Enforcement wherein all domain specific compliance guidelines are automatically enacted.
  • 10. GhangorCloud Technologies for Automated Security GhangorCloudDelivers 4th Generation Automated DLP for Your Organization ➢ Auto-classification of Information ➢ Auto-classification of Actor Risk Posture ➢ Multi-variable Correlation – Actors-Information- Operations ➢ Auto-synthesis of Policy ➢ Centralized Command Control Collaboration & Intelligence GhangorCloud Key Solution Features
  • 11. GhangorCloud’s 4th Generation DLP Product GhangorCloud How Does It Work? Automated & in Real-time 1. Analyze the Data 2. Classify the Data 3. Determine Who has Access 4. Apply Policy 5. Protect in Real-Time & Enforce Compliance 6. Report Violations with Forensic Trail
  • 12. Let us show you how 4th Generation Data Leak Prevention can secure your sensitive data. GhangorCloud Contact: GhangorCloud 2001 Gateway Place Suite 710, West Tower San Jose, CA 95110 +1 408-713-3303 info@ghangorCloud.com