Data doesn't lose itself; a person loses the data. What do we mean when we talk about people-centric security?
In our latest The People Variable episode, Brian Reed, Cybersecurity Evangelist at Proofpoint and former Gartner analyst, talks to us about data loss prevention (DLP).
People-centric security aims to strike a balance between risk reduction and employee agility. Traditionally, a DLP project is seen as a massive hassle at best.
Brian described three reasons why anybody would ever deploy DLP:
- A regulatory compliance requirement
- Verification of intellectual property protections
- Data visibility, movement, and monitoring
It's point #3 that really speaks to the context of data.
Remember, data doesn't just get up and walk around. It requires some intervention — a bad actor, a user mistake, a broken process — that triggers data loss. How should you frame your communications about data security to an employee who is potentially mishandling data?
What we talked about in this episode:
- Three reasons you would ever start a DLP project
- How to speak to your CISO about data loss
- Communication is everything in security awareness training
Listen here! Find additional content and subscribe to Protecting People on Apple Podcasts and Spotify.