DLP solutions (world market)

Information leaks

Losses from information leaks in the organizations are calculated by tens of billions of dollars a year. The separate article is devoted to this subject on TAdviser.

Main article: Date leaks

2020: Microsoft submitted the DLP solution

In November, 2020 Microsoft put on the market the first in the product line solution for protection against date leaks. The Microsoft Endpoint Data Loss Prevention (DLP) system is available to corporate clients. Read more here.

2016: Gartner: Zecurion and InfoWatch among leaders of the world market of DLP systems

At the end of January, 2016 analysts of Gartner published the new version of "a magic quadrant" in the field of solutions of protection against leaks. In the list of the best producers of DLP systems there were two Russian companies — Zecurion and InfoWatch.

They were located in group of leaders among niche players near Clearswift and Somansa. Assessment of DLP producers was performed by two key criteria: strategic vision and efficiency of implementation which display permanent focus of the company on production of high-quality and innovative solutions and also strategic vision of development of the industry and understanding of customers needs.

"Magic quadrant" of Gartner in the field of solutions of protection against leaks, 2016.

In a case with solutions of InfoWatch analysts noted possibilities of scanning and recognition of white papers and printings, a scope of a large number of languages at technology of linguistic analysis and noticeable promotion in Latin America, India and the countries of the Pacific Rim.

Experts referred lack of the built-in means of check of content in InfoWatch EndPoint Security to InfoWatch minuses (this function is performed by network components that limits its uses for remote end devices) and cloud support on the basis of own API functions (the same problem was noted at Zecurion) and also weak brand recognition of the company.

Specialists considered advantages of the DLP products Zecurion the built-in function of archiving, OCR technology for recognition of content, an extensive set of templates of confidential data and dictionaries which are used as a basis for development of security policies.

Estimating shortcomings of Zecurion, analysts of Gartner called weak presence of the company in the world market of DLP and limited opportunities of the agent of Zlock for Mac OS X and lack of support of Linux.

Among leaders of "a magic quadrant" in the field of solutions of protection against leaks Symantec, Intel Security and Forcepoint also appear.^[1]

2014

The standard of information security support in banks

On June 1, 2014 the new standard of information security support in banks recommended to them by the Bank of Russia took effect. According to the standard, the Bank of Russia recommends to the Russian banks to implement the Data Loss Prevention (DLP) systems to prevent date leak about clients. With their help credit institutions will be able to analyze correspondence of employees and also to find out what websites they use.

The new standard which became effective on June 1 replaced old, acting since 2010. In the document it is for the first time told about "date leak" and measures for its prevention are registered. For this purpose the Central Bank of Russia permitted banks to use DLP (Data Loss Prevention is a system for prevention of leaks). This type of the software is established on computers of employees and corporate servers and allows to monitor all their actions on the Internet and also correspondence and information exchange.

Application of DLP obliges banks to archive e-mail that in case of information leak it was possible to trace its source. Besides, the standard of security means application of the protected network protocols. According to the text of the document introduced to the Duma, the companies are going to be allocated with an opportunity to receive the remote consent of the citizen to processing of his personal data. Now it is possible to make it only at personal presence of the person.

• The policy of the Central Bank in the field of data protection (cyber security)
• The policy of the Central Bank in the field of development of innovations and financial technologies

Anti-Malware

According to forecasts of Anti-Malware, made in September, 2014, at the end of 2014 the volume of the Russian market of DLP systems will be $85-88 million Software to implementations of DLP systems in Russia large business (64%), a public sector (26%) and medium business (10%) are in the lead.

Gartner: Market size is $830 million.

Analysts of Gartner company adhere to assessment of market size in 2014 in $830 million.

ABI Research: Market size is $1.7 billion.

According to the estimates of ABI Research, by the end of 2014 the market of the solutions DLP could reach $1.7 billion.

2013: IDC estimated market size at $634 million, the forecast of Gartner - $680-710 million

By a preliminary estimate of IDC, the volume of the world market of DLP systems in 2013 was $634 million. Analysts of Gartner predicted its volume in 2013 at the level of $680-710 million, in 2014 - $830 million (growth by 22-23%).

2012: Gartner: Market size is $535 million

Earlier it was announced that it agrees to the research of the market of the systems of data loss prevention published by Gartner analytical company (Data Loss Prevention, DLP), its volume in 2012 was 535 million dollars that on more than 100 million dollars was exceeded by value of last year. Permanent growth of losses of corporate data forces to strengthen control of their transfer and processing including unrolling the DLP systems. It gave the grounds to analysts to expect that in 2013 the sales volume of DLP will reach 670 million dollars.

Gartner subdivides the DLP systems into three classes:

• corporate,
• "lungs" and
• channel.

The first use difficult sensing technologies of contents of data which are built in software agents for the PC and servers, monitors of network and also software tools of recognition of data. They work under control of the central console, implement the security policies admitted to the organizations and event management. In easy DLP basic technologies are used, they support limited number of data transmission channels (as a rule, Web, FTP and e-mail) and usually are established for protection of termination points or network; abilities to manage are also limited. Channel DLP are intended for integration into other means of ensuring of information security, for example, in the module of data encryption of e-mail; as a rule, are applied to meet requirements of the regulator.

Carry the companies to number of "leaders" of the market of analytics of Gartner:

• Symantec,
• Forcepoint (before Websense),
• RSA,
• McAfee,
• CA Technologies и
• Verdasys.

The group of niche players along with several other companies includes the Russian InfoWatch.

According to Gartner, about 35% of the enterprises installed the DLP systems because of requirements of network security, 20% were guided by need of recognition of important data, and 45% were required to protect endpoints of network.

2011

Ernst & Young: 38% of the polled companies implemented DLP

Based on an issledzhovaniye of Ernst & Young, in 2011 for protection against leakages of 38% of the polled large companies already implemented DLP systems, and DLP products are on the second place at these organizations in items of expenditure of cybersecurity budgets (after means of ensuring of business continuity and recovery after disasters). According to data of InfoWatch, the scope the DLP systems of a segment of medium and small business (SMB) is much lower, than the same indicator for the large companies.

Natalya InfoWatch about the market of DLP

Geographically world market of DLP as the CEO of InfoWatch Kasperskaya Natalya noted, making a start from experience of the company, it is significantly heterogeneous. So, in Europe, according to her, at that time there were practically no installed full-function DLP systems — only means of protecting from leaks on some certain canals. It sees a basic reason of it in the legislation existing in the majority of the European countries protecting the mystery of private life (including private correspondence) which has the dominating impact on use of data in government institutions and private companies. As a result in such countries as, for example, Germany and France, a priori was considered that DLP means can potentially violate the private rights of citizens during execution of service duties by them, so, you should not implement them. As opponents of DLP also labor unions of these countries acted.

At the same time in the English-speaking countries, for example in Great Britain and the USA where there are no similar laws which are so categorically protecting the mystery of private life, DLP means were used then actively. According to data of InfoWatch, to DLP the countries of the Middle East began to show great interest. Violently also the market of DLP in India, however, developed as Mrs. Kasperskaya noted, local users agree only to the offers smaller on the price in comparison with European and American time in ten. And nevertheless vendors made advances these customers in hope to receive a lost profit afterwards.

2010

InfoWatch registered 794 incidents of date leaks, in Russia 28

According to results of the global research of leaks of confidential information conducted InfoWatch companies, the stable growth of number of incidents of information security is explained by constantly increasing volume of corporate information at rather slow implementation of means of its protection and enciphering. So, in 2010 analysts of InfoWatch registered 794 incidents (i.e. more than two leaks a day) which resulted from malicious actions of insiders or reckless acts of employees in the organizations.

According to the research, total number of the compromised data in 2010 (so far as concerns personal data) made nearly 654 million records that is 100 million more than indicators of previous year. Thus, personal data remain the tidbit for swindlers (95% of the total number of leaks) as it is simple to sell them in the black market, consider in the company. The commercial secret (it is slightly less than 2%), as well as state (1.5%), hardly finds the buyer.

The essential number of incidents, according to InfoWatch, happens because of loss of mobile computers and flash cards on which information was not ciphered (19% of a total quantity). In 2010 the share of accidental leaks grew by 10%, and the share of intentional decreased by 8%.

The ratio of accidental and deliberate leaks continues to fluctuate about 60/40. It means that methods of counteraction to leaks still should be guided by both types of leaks, without giving preferences to one of them. However analysts of InfoWatch predict increase in a share of deliberate leaks and reduction of the implementations, accidental in connection with a large number, performed in 2010.

As Nikolay Fedotov noted in spite of the fact that the number of leaks through Network was slightly reduced (by 14%), the trend of personal data leakages through social networks was outlined, as confirmation to what serve loud discussions around Facebook and MySpace in 2010.

In Russia for the reporting period 28 incidents of leak of confidential information were recorded. The most part of leaks belonged to the category of intended and was connected with personal data of the citizens of Russia who flowed away from bank and government institutions reported in InfoWatch. At the same time a considerable part of the flowed-away data was used for commission of fraudulent activity. The financial damage in 2010 from leaks, according to the estimates of analytical center InfoWatch, exceeded $200 million.

IDC: Volume of the world market of DLP of $362 million

According to analysts of IDC, the volume of the world market of DLP in 2010 was $362 million. With a growth mentioned by IDC approximately in 17% a year (according to Gartner company — 20%) the predicted market size by 2015 will be in terms of money about 808 mln. dollars.

Notes