CSO Perspectives (Pro) 8.17.20
Ep 18 | 8.17.20

Data loss protection and cybersecurity first principles.

Show Notes

Data loss protection is a cybersecurity first principle strategy.

It’s 10pm, do you know where your data is? Better yet, do you know what your material data is? That’s step one in Rick’s guide to data loss protection and prevention. With key resources from NIST and Forrester, Rick outlines the key components of defining material data and protecting that data from loss. He also dives into the advanced concept of network deception for those with a mature DLP program. As always, the Hash Table weighs in with industry best practices and lessons learned.

Cybersecurity professional development and continued education.

You will learn about: data islands, off-island control, destruction, deception techniques, key DLP resources, strategies for data classification, loss protection, and loss prevention

CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, Instagram

Additional first principles resources for your cybersecurity program.

For more data loss protection and cybersecurity first principles resources, check the topic essay.

Selected Reading:

  1. Book Review: Cult of the Dead Cow,” By Rick Howard, Palo Alto Networks, 30 January 2020.
  2. Cyber Deception,” Dave Climek, Anthony Macera and Walt Tirenin, Journal of Cyber Security and Information Systems, Volume: 4 Number: 1 - Focus on Air Force Research Laboratory’s Information Directorate, 8 March 2016.
  3. Cyber Deception Systems - Market Segment Report,” by Wellington Research, 2019.
  4. Data loss prevention,” Box.
  5. "Data Loss Prevention (DLP)," by Imperva.
  6. Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171,” by RON ROSS, VICTORIA PILLITTERI, GARY GUISSANIE, RYAN WAGNER, RICHARD GRAUBART, DEB BODEAU, National Institute of Standards and Technology (NIST), July 2020. 
  7. Materiality in a nutshell,” by datamaran, Last Visited 30 April 2020.
  8. Overview of data loss prevention,” by Microsoft, 12 July 2019.
  9. Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations: NIST Special Publication 800-171, Revision 2,” by RON ROSS, VICTORIA PILLITTERI, KELLEY DEMPSEY, MARK RIDDLE, GARY GUISSANIE, National Institute of Standards and Technology (NIST), February 2020.
  10. The Cybersecurity Canon: The Cuckoo’s Egg,” By Rick Howard, Palo Alto Networks, 24 December 2013.
  11. The Forrester Wave™: Data Security Portfolio Vendors, Q2 2019: The 13 Providers That Matter Most And How They Stack Up,” by Heidi Shey, Forrester, 10 June 2019.
  12. What is a Honeypot?” by Caleb Townsend, Cybersecurity Magazine.
  13. "Yesterday’s Solutions Won’t Solve Tomorrow’s Data Security Issues: Understanding Shortcomings With Current DLP/CASB Security Solutions And How To Fill The Gaps,” FORRESTER and CODE42, JUNE 2020.