Next DLP - Experts & Thought Leaders

Next DLP (Next), a pioneer in insider risk and data protection announced the launch of Secure Data Flow, a groundbreaking capability within the Reveal Platform that uses the "What, Where, Who and How" of data’s origin, movements and modifications to provide unparalleled protection. Revolutionising data protection In a rapidly evolving digital landscape, legacy data protection technologies are falling short. They rely heavily on pattern matching, regular expressions, keywords, user-applied tags, and fingerprinting, which can only cover a limited range of text-based data types. Secure Data Flow overcomes the limitations and complexities of legacy Data Loss Prevention (DLP) by complementing traditional content and sensitivity classification-based approaches with origin-based data identification, manipulation detection, and data egress controls. This results in an all-encompassing, 100% effective, false-positive-free solution that simplifies the lives of security analysts. Secure Data Flow Employees download an average of 30GB of data each month from SaaS applications to their endpoints Recent studies show that employees download an average of 30GB of data each month from SaaS applications to their endpoints, including mobile phones, laptops, and desktops​ (Productiv)​​ (Vendr)​. This staggering volume underscores the critical need for advanced data protection measures. By tracking data from its origin as it flows to sanctioned and unsanctioned egress channels within an organisation, Secure Data Flow equips security teams to prevent data theft and misuse effectively. Data protection and risk management “Secure Data Flow is a novel approach to data protection and insider risk management,” said Ken Buckler, Research Director at Enterprise Management Associates. “It not only boosts detection and protection capabilities but also streamlines the overall data management process, enhancing the fidelity of data sensitivity recognition and minimising endpoint content inspection costs." "This advancement is particularly vital given the limitations and inefficiencies of traditional legacy DLP solutions, providing a much-needed capability to more effectively safeguard sensitive data in today’s diverse technological environments." Key benefits of Secure Data Flow Comprehensive Data Tracking: Secure Data Flow secures the flow of critical business data from any SaaS application, including Salesforce, Workday, SAP, and GitHub, ensuring that sensitive information is always protected. Enhanced Data Protection: By using data origin and sensitive data identification, Secure Data Flow safeguards your company’s intellectual property and sensitive data from accidental loss and malicious theft. Insightful Investigations: Security analysts investigating malicious data exfiltration gain invaluable contextual insights into data origin, manipulation, and lineage, enabling them to identify, investigate, and report on data security risks and incidents with unprecedented accuracy. A new era in data loss prevention "In current IT environments, Intellectual Property (IP) commonly resides in an organisation’s SaaS applications and cloud data stores,” said John Stringer, Head of Product at Next DLP. "The risk here is that high-impact data in these locations cannot be easily identified based on its content. With Secure Data Flow, we help organisations protect their IP by capturing the data’s origin and using that information to track data movement and prevent data theft.”  Powerful and easy to use With Secure Data Flow, Reveal sets a new standard for data protection, offering a solution that is both powerful and easy to use. It ensures that organisations can confidently protect their most critical data assets with confidence, regardless of their location or application.

Next DLP, a pioneer in data loss prevention and insider threat solutions announced that their Reveal Platform is the first Insider Risk Management solution to automatically map detection events to MITRE Engenuity Centre for Threat-Informed Defense’s (Centre) expanded Insider Threat Knowledge Base (ITKB 2.0). The ITKB 2.0 is the first of its kind to offer an evidence-based, multi-organisational, and publicly-available compendium of insider threat tactics, techniques, and procedures (TTPs). This endeavour was developed in partnership between MITRE, Next DLP, CrowdStrike, HCA Healthcare, JPMorgan Chase Bank, N.A., Lloyds Banking Group, Microsoft Corporation, and Verizon Business.  MITRE’s TTPs Legacy solutions often require extensive manual effort to correlate detection events Digital transformation and hybrid workforces have significantly increased the complexity and volume of insider threats organisations face. Legacy solutions often require extensive manual effort to correlate detection events with specific threat behaviours, resulting in delayed responses, potential security breaches, and data leaks. Reveal addresses this challenge head-on by automatically including MITRE’s Techniques, Tactics, and Procedures (TTPs) in its detections, incidents, and analyst case reports.  Detecting malicious insiders “The expansion and refinement of our data repository was made possible by new cases and insights from our dedicated data contributors,” said Suneel Sundar, Director of R&D, of the Centre. “We’re delighted that Next is leveraging our knowledge of adversary behaviours and capabilities to provide defenders with a better opportunity to detect malicious insiders.” Maximising efficiency By incorporating MITRE’s TTPs Reveal delivers a comprehensive narrative of the entire incident lifecycle By incorporating MITRE’s TTPs Reveal delivers a comprehensive narrative of the entire incident lifecycle, from initial reconnaissance and data collection to defense evasion and exfiltration. For the chronically overstretched Security team, a persistent problem given the ongoing security talent shortage, this rich information view maximises the efficiency of analyst resources, empowering security teams of all sizes to perform at heightened levels. Data protection standard “With Reveal, and in partnership with MITRE CTID, we are setting a new standard for data protection and insider threat mitigation,” said John Stringer, Head of Product at Next DLP. “By automating the mapping of detections to MITRE’s Insider Threat TTPs, we enhance our clients' security posture by demonstrating MITRE ATT@CK coverage and significantly reducing the time and resources required to identify, respond to and report on high-impact insider threat activity.”

Next DLP, a pioneer in insider risk and data protection, announced the launch of Reveal SaaS Access Security to its industry-pioneering Reveal Platform. This new functionality marks a significant advancement in addressing the pervasive challenges of shadow software-as-a-service (SaaS) usage and the associated risks of sensitive data exposure in digital-first business environments. Due to the lack of visibility and control, shadow SaaS heightens the chance of data leakage and compliance violations as employees may inadvertently leak confidential data through unapproved cloud applications. Risk is further amplified with the use of non-corporate or corporate credentials that are then easily susceptible to compromise. Expanse of SaaS applications There is a pressing need to gain comprehensive insights into web app usage to proactively manage As organisations embrace web applications, including generative AI tools like ChatGPT, there is a pressing need to gain comprehensive insights into web app usage to proactively manage and mitigate data exposure risks. "In an era where businesses struggle to gain comprehensive insights into how web apps are being used by their teams, Reveal SaaS Access Security fills crucial gaps in the security stack," said John Stringer, Head of Product at Next. "It not only offers visibility into the expanse of SaaS applications utilised across an organisation but also fortifies defences against potential data breaches stemming from business data exposure via unauthorised app usage." Holistic view of SaaS application Insiders transferring data to personal online storage accounted for over 17% of detected exfiltration activities A study conducted by Next in January 2024 unveiled a multifaceted security challenge with SaaS applications. Insiders transferring data to personal online storage accounted for over 17% of detected exfiltration activities. Additionally, the widespread use of messaging services (such as WhatsApp, Signal and Facebook) and PDF conversion platforms was prevalent among users, bringing further focus to potential security vulnerabilities.  These findings further highlight the need for this new capability, providing organisations with a holistic view of SaaS application use, whether sanctioned, unsanctioned, or unknown, as well as identity-based risk. Key features Key features of Reveal SaaS Access Security include: Holistic Visibility: A centralised dashboard and inventory offering detailed insights into SaaS app usage, empowering organisations to identify and manage sanctioned and unsanctioned web apps, including emerging generative AI applications, and logins through both corporate and personal accounts. Proactive Data Exposure Monitoring: Continuous monitoring of data transfers within SaaS applications facilitates the early detection of data exposure risks, protecting proprietary company information and intellectual property. Real-time Risk Mitigation: Real-time controls, including employee education, to prevent data exfiltration attempts within both sanctioned and unsanctioned apps enhances the organisation's ability to respond swiftly to potential incidents. Compliance Audit and Reporting: An effective SaaS app inventory demonstrates the organisation has a comprehensive understanding of its software assets and provides the necessary documentation and evidence to demonstrate compliance with regulatory requirements during audits.  Complexities of Shadow SaaS "Reveal SaaS Access Security is more than just a feature; it's a strategic tool that empowers organisations to navigate the complexities of Shadow SaaS with confidence and precision,” said Connie Stack, CEO at Next. “By offering a unified view of application usage and real-time data protection measures, we are enabling businesses to safeguard their most valuable assets from the endpoint to the cloud."