Thursday, February 7, 2008

What is after DLP?

Lets put things into perspective. The latest buzzword seems to be DLP. (Just ask Gartner). And I'm down with DLP, it makes sense after a fashion.

But really, now. There's two big problems that DLP doesn't address. Two items:
* prevention will fail
* public information has an amplifying affect

I don't particularly want to focus on prevention, but it needs mentioned. Information will end up in places you do not want it. Expect it, plan for it, don't ignore the simple fact.

Public information is much more damning because there's nothing that can be done. You can certainly attempt to put in draconian policies. Let me know how that works out.

As I said, public information has an amplifying affect. In another words, the sum of the parts add up to be much more valuable than each datum individually.

I submit that OSInt is not just for governments anymore. I suspect managed security service providers will begin collecting and aggregating information to analyze open source information for customers. Open source information has a leveling affect of the playing field for competitors. Worst case we ignore this easy way of collecting and applying information and the black market embraces it and makes a fortune. Best case, we develop free tools to allow anyone easy ways to analyze this information. This will allow both sides the same insights.

I've always considered technology a tool that amplifies results; I never thought of applying the same ideas to information. Something to think about.

No comments:

Post a Comment