Fortra CSO Explains Data Loss Protection Difficulty & Implementation

As we have reported consistently, the modern threat landscape continues to cause companies to revisit their posture and priorities. Through this process, some are returning to technology once considered “too complex” by many. Managed security services and technology provider Fortra’s Chief Strategy Officer John Grancarich shared his insights on the importance of data loss protection (DLP) solutions with Channel Insider.

DLP tools a ‘critical’ part of holistic security strategy

Data loss and protection tools are the focus of a new ebook resource produced by Fortra. Grancarich points out that now more than ever, data is a key value driver for any business. The need for secure data has only increased as GenAI tools gain popularity. The more data a business creates, the more it has to lose in a breach or other attack.

“Some subsets of an organization’s data – whether that be its intellectual property, proprietary research or something else – is likely its crown jewel, the thing that gives it its value in the world,” Grancarich said.

Data loss and protection tools address insider threats, external attacks, the needs of remote work environments, and regulatory compliance for organizations of all sizes and across all industries.

Protecting data is not a “once-a-done” task easily achieved, but folding DLP into a larger technology stack offers an added protection layer. As Grancarich says, data protection should be coupled with other solutions, including managed firewalls, endpoint detection and response, and email security.

“When aligned with broader security goals, DLP acts as a safeguard that helps organizations not only defend against cyberattacks targeting their data but also to build resilience and trust with their stakeholders,” said Grancarich.

Achieving C-suite buy-in is still a struggle for many

Even with the need for and value of DLP apparent to those in security, there remains a hesitation to devote resources to DLP solutions amongst leadership in many organizations. According to Grancarich, that is the result of many factors, including a historical misunderstanding of what the tools can provide, a lack of understanding around how to accurately measure return on investment and a general breakdown of communication between technical and non-technical departments within an organization.

That last point is a sore spot that can only be addressed through strategic conversations centered on business needs, with DLP as more than just a technical product.

“The key is to frame DLP in terms of business outcomes and risk mitigation – in other words, speak the language of the businesspeople and don’t get lost in translation with an overabundance of technical details,” Grancarich said.

Complexity provides an opportunity for channel partners

The solutions and services providers who can act as trusted advisers for their clients have a significant opportunity to cut through the concerns around DLP implementation and value. DLP tools have benefited from years of product innovation and are primed for a new adoption cycle.

“Historically, implementing DLP was seen as a time-intensive process requiring significant resources and expertise across a wide range of often complex use cases,” Grancarich said. “Modern DLP solutions are far more advanced, offering automation, seamless integration with existing enterprise tools and user-friendly configuration.”

Still, saying that on its own won’t be enough to move the needle at most organizations. MSPs and others can bring tangible benefits to the table in conversations with executives to ultimately improve the security posture of their clients. Partners can work together with their customers to develop use cases and a strategic approach to weaving technical needs with big-picture goals for the health of the business.

“That said, balance any cyber-horror stories with logical and pragmatic business justification. Build trust and confidence with a balanced perspective.”

Security will continue to dominate headlines and drive important business decisions in 2025. For a refresher, read our top security stories of 2024 to catch up on last year’s important news and trends.