Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.
Gartner has released their Market Guide for Data Loss Prevention, and we are honored to be included as a Representative Vendor. According to the latest Market Guide for Data Loss Prevention “The enterprise DLP market is mature, but integrated DLP and cloud-provider-native DLP solutions offer emerging capabilities that are much needed by security and risk management leaders starting DLP programs.”
“This research offers guidance on market trends and their impact on data security strategies.”.
You can get the entire report here.
According to Gartner, “The market for DLP technology includes offerings that provide visibility into data usage and movement across an organization, as well as dynamic enforcement of security policies based on content and context at the time of actions on data. DLP technology seeks to address data-related threats, including the risks of inadvertent or accidental data loss and the exposure of sensitive data, using monitoring, alerting, warning, blocking and other remediation features.”
Accidental data loss is a problem that was often simply considered the cost of doing business and impossible to solve — until now. With Gartner’s acknowledgment of accidental data loss, we believe that the industry is seeing a fundamental shift in this thinking, and clearly shows that more enterprises understand that it represents a massive DLP risk.
In addition to this broad overview of DLP technology capabilities, Gartner recommends security and risk management leaders with a responsibility for data security and compliance should:
As Gartner states, since the previous 2020 edition of the Market Guide for Data Loss Prevention, there have been several notable changes in the vendor landscape. In fact, Gartner fielded “32% more client inquiries on the topic of DLP than in 2019”. Here at Tessian, we believe that this is due to more enterprises beginning to reevaluate their DLP programs with the move to Microsoft 365 and more cloud-based applications.
They also found “many DLP vendors providing managed DLP services, which remain appealing to many organizations, specifically small and midsize enterprises and those with limited resources to allocate to the implementation of a DLP program.”
Likewise, “Many DLP vendors also provide data classification services, which are essential for successful DLP implementation. The labeling and tagging of data simplifies the DLP process, as organizations can easily distinguish sensitive data from nonsensitive data”.
This fits well with our observations of the industry and aligns with what our customers express as well.
Forward-thinking enterprises increasingly view legacy DLP tools as a strategic risk and are looking for alternatives. In fact, 85% of security leaders say DLP is admin-intensive.
Recent M&A activity has led to uncertainty in the market (Symantec acquired by Broadcom, Forcepoint acquired by PE firm) and enterprise DLP has seen little innovation in the last few years. For example, we see Microsoft’s strategy as providing “baseline” DLP across all interfaces in their ecosystem (Email, Chat, File-sharing, Web, Endpoint) and this is commoditizing the rule-based approach offered by legacy tools.
As a result, enterprises are phasing out irrelevant legacy DLP tools and are considering what to replicate, remove, or re-think. This includes Microsoft 365, as many organizations are now assessing Microsoft DLP overlap with their existing legacy DLP stack.
Many enterprises will use some vendors’ built-in DLP to address basic use cases but look to Tessian to solve critical and advanced human-centric risks to solve the bulk of their DLP challenges, including data loss caused by human error which Legacy DLP is unable to prevent. Over time, enterprises will adopt a hybrid approach and leverage integrations to get the most out of their investments in each product.
Tessian’s Data Loss Prevention in our Human Layer Security Platform offers outbound protection on email (the threat vector most security leaders are concerned about protecting) and satisfies criteria outlined in the report — anomaly detection, data protection, post delivery protection, and offers these protection for both web and mobile devices.
Powered by machine learning, our Human Layer Security platform understands normal email behavior by analyzing content, context, and communication patterns from historical email data to establish trusted relationship graphs. Tessian can then detect anomalies in real-time using those employee relationship graphs alongside deep content analysis, natural language processing, and behavioral analysis.
Importantly, in addition to threat prevention, Tessian offers several features that help ease the burden on SOC and compliance teams, and give key stakeholders peace of mind.
Automated protection: Tessian automatically detects and prevents data loss. No rules, re-configuration, maintenance of allow/denylists, or manual investigation required.
Data-rich dashboards: With Tessian, security teams have clear visibility of data loss incidents, who triggered them, and what data was involved. This demonstrates clear ROI and makes auditing and reporting easy.
In-the-moment training: When a potential data loss incident is detected, real-time warnings are triggered that explain exactly why the email was flagged. These warnings are written in plain, easy-to-understand language which reinforce training and policies and help employees improve their security reflexes over time