DLP Sucks and Why You Should Use It

Wednesday, October 30

9:45 AM - 10:45 AM

Location: Northern E2

Speaker(s)

JO

John Orleans, CISSP

AVP, Information Security
Mesirow Financial

In an environment where privacy concerns and regulatory requirements are getting more strict, we need to find a way to enable security professionals to meet those needs. Data Loss Prevention software is often sold as the panacea for all your privacy ills. Unfortunately, it's extremely hard to implement and either ends up burying information security teams in alerts or becomes yet another abandoned project. In this interactive session, participants will learn how one company set the expectations, addressed users' concerns and delivered a solution that went beyond a simple set of use cases. There will also be a demo of common exfiltration techniques and how to counter them.

Learning Objectives:

Define reasonable expectations for the use of DLP and build tests to verify effectiveness.
Effectively communicate with business units regarding DLP status, features and issues.
Demonstrate the business value of an effective DLP system in terms of governance, regulatory compliance, audit and forensics.