The People Variable: Data Doesn’t Lose Itself

Share with your network!

Data doesn't lose itself; a person loses the data. What do we mean when we talk about people-centric security?

In our latest The People Variable episodeBrian Reed, Cybersecurity Evangelist at Proofpoint and former Gartner analyst, talks to us about data loss prevention (DLP).

People-centric security aims to strike a balance between risk reduction and employee agility. Traditionally, a DLP project is seen as a massive hassle at best.


Brian described three reasons why anybody would ever deploy DLP:

  1. A regulatory compliance requirement
  2. Verification of intellectual property protections
  3. Data visibility, movement, and monitoring

It's point #3 that really speaks to the context of data.




Remember, data doesn't just get up and walk around. It requires some intervention — a bad actor, a user mistake, a broken process — that triggers data loss. How should you frame your communications about data security to an employee who is potentially mishandling data?


What we talked about in this episode:

  • Three reasons you would ever start a DLP project
  • How to speak to your CISO about data loss
  • Communication is everything in security awareness training

Listen here! Find additional content and subscribe to Protecting People on Apple Podcasts and Spotify.