Data loss protection: a first principle idea.

Rick discusses data loss protection as a first principle strategy using NIST and Forrester as a guide. The new thing to consider is running a deception network.

Resources:

• “Book Review: Cult of the Dead Cow,” By Rick Howard, Palo Alto Networks, 30 January 2020.
• “Cyber Deception,” Dave Climek, Anthony Macera and Walt Tirenin, Journal of Cyber Security and Information Systems, Volume: 4 Number: 1 - Focus on Air Force Research Laboratory’s Information Directorate, 8 March 2016.
• “Cyber Deception Systems - Market Segment Report,” by Wellington Research, 2019.
• “Data loss prevention,” Box.
• "Data Loss Prevention (DLP)," by Imperva.
• “Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171,” by RON ROSS, VICTORIA PILLITTERI, GARY GUISSANIE, RYAN WAGNER, RICHARD GRAUBART, DEB BODEAU, National Institute of Standards and Technology (NIST), July 2020. 
• “Materiality in a nutshell,” by datamaran, Last Visited 30 April 2020.
• “Overview of data loss prevention,” by Microsoft, 12 July 2019.
• “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: NIST Special Publication 800-171, Revision 2,” by RON ROSS, VICTORIA PILLITTERI, KELLEY DEMPSEY, MARK RIDDLE, GARY GUISSANIE, National Institute of Standards and Technology (NIST), February 2020.
• “The Cybersecurity Canon: The Cuckoo’s Egg,” By Rick Howard, Palo Alto Networks, 24 December 2013.
• “The Forrester Wave™: Data Security Portfolio Vendors, Q2 2019: The 13 Providers That Matter Most And How They Stack Up,” by Heidi Shey, Forrester, 10 June 2019.
• “What is a Honeypot?” by Caleb Townsend, Cybersecurity Magazine.
• "Yesterday’s Solutions Won’t Solve Tomorrow’s Data Security Issues: Understanding Shortcomings With Current DLP/CASB Security Solutions And How To Fill The Gaps,” FORRESTER and CODE42, JUNE 2020.