AI may be redefining cyberattacks and defenses, but the real security battleground is data. In an environment where information flows freely between SaaS platforms, personal devices, and remote endpoints, preventing data leakage is a strategic imperative critical to company performance.
Data Loss Prevention (DLP) has become the cornerstone of digital trust, especially as organizations automate more of their operations and employees leverage AI platforms in their day-to-day work. Modern DLP tools need to support expanded functionality and new layers of context to truly integrate into broader access and identity policies in the quest to safeguard and futureproof business.
Vice President of Cybersecurity Sales and Service for Hughes Network Systems.
Inside your business, the need for DLP continues to evolve
Employees do things they aren’t supposed to. That isn’t a new phenomenon, but it presents big challenges for DLP efforts. The rise of content-hungry tools such as ChatGPT and increased reliance on shared data repositories in the cloud – Google Drive, Dropbox, etc. – create more opportunities for workers to move or exfiltrate sensitive customer data in ways they shouldn’t.
Alongside company-provided solutions, the 2025 Netskope Cloud and Threat Report found that 88% of people use personal cloud apps at work. Shadow IT, where users quietly implement SaaS apps without IT’s knowledge, means your business may have numerous undiscovered apps floating around that put your data at risk.
Even the sanctioned use of large language models (LLMs) is frequently hampered by insufficient governance and oversight to ensure employees don’t run afoul of data boundaries. Companies struggle to identify and stop data leakage because there’s scant visibility into what the LLM is ingesting, what data it’s storing, where its outputs go, who’s using those outputs, and how. Unfortunately, legacy DLP platforms often can’t monitor and control AI-powered SaaS apps, leaving sensitive data potentially unprotected.
External threats amp up the value of DLP
When threat actors get onto a network, they’re typically looking to steal sensitive data or encrypt files for a future ransom. Those two risks have enterprises on high alert, and while robust ransomware prevention tools can help with the latter, DLP is key to protecting against the former.
The right DLP platform can prevent sensitive data from leaving your network, no matter how the attacker entered or where their search for content takes them. Anytime somebody tries to touch, access, or move data you’ve earmarked as sensitive, you’re going to know who’s trying to access it and what they’re trying to do with it.
Used in conjunction with a capable ransomware protection service to manage against attacks, DLP can stop external threat actors from accessing and moving your sensitive data.
Integrations solve DLP challenges in modern architectures
There are a few core capabilities to consider that make a big difference in a DLP solution’s effectiveness and usability. Historically, some primary complaints have been the lack of integrations and limited ability to stop employees from getting around established parameters.
Modern DLP tools can integrate with tens of thousands of web applications used by employees, from email to Slack, Salesforce, Teams, and others. A DLP solution designed for today’s infrastructure can also keep an eye on what users are submitting to LLMs.
Custom rules enable you to scan LLM inputs for discrete data types, such as credit card numbers, customer records, valuable source code, and even confidential keywords that may denote a highly sensitive project or pending business deal. If you can define it, an integrated DLP can watch for it and prevent unauthorized actions.
Context and customizations are key to quick response and efficient alert triage
Every threat is not created equal. Leading DLP tools offer flexibility in customizing rules and responses to suit nearly every scenario. To achieve the best results, your security team must begin by finding and defining your sensitive data, which may be different from one company to the next. CRM lists, source code, customer data—it’s up to you to decide what you want to monitor.
An advanced DLP can then use your unique content definitions to drive tailored response actions. What if a user tries to exfiltrate sensitive customer data? Your DLP may automatically block the action and immediately notify your security team. Alternatively, a less risky action might trigger a pop-up window that provides active coaching and policy reminders to help change user behavior. The DLP could allow an action after confirming the user’s identity through an additional authentication prompt, or allow an action but automatically redact sensitive data, such as patient names or payment card numbers.
The ability to customize your DLP strategy by choosing the automated response based on the severity of the threat enables a faster and more effective response to every event. By adding context to surface the most pressing risks, you also reduce the non-critical alerts sent to your security and IT teams and preserve their time for high-priority situations that require their attention.
Data loss prevention is a priority for enterprises navigating the AI age. Managing and protecting data moving through the organization requires integrated tools that can act as a traffic light to stop risky actions, encourage users to adopt preferred behaviors, and apply automated rules to free your security and IT teams to focus on critical threats. Innovative solutions empower security and IT teams to effectively prevent data leakage even in highly fluid environments.
We list the best data recovery service.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.