Fortinet’s last data security report and Cybersecury Insids highlights a paradox that worries the sector: although organizations are allocating more budget and adopting more intelligent strategies to protect their information, data loss does not stop increasing. The problem is no longer invested, but in how it is faced with a landscape of threats in full transformation, marked by the expansion of SAAS and the massive use of artificial intelligence tools.
According to the study, 77% of companies suffered at least one incident related to internal personnel in the last 18 months, while 58% acknowledged having experienced six or more episodes in that same period. The figures make it clear that the risk does not proceed only from abroad, but also from the teams themselves, often due to carelessness or lack of control.
“Companies can no longer be installed to inherited solutions designed for a world with clear digital borders. Today the data is created and moved in multiple clouds, on SAAS platforms and in AI applications, which requires a radical change of approach,” concludes the report.
The traditional DLP limit
Data loss prevention (DLP) was for years a key piece in corporate defense. Born to protect sensitive information such as medical records or credit card numbers, it was built under the logic of the perimeter and regulatory compliance, but the current reality is much more complex.
The data travel between multiple environments, and the classic tools fail to follow the track. In fact, 72% of organizations admit that they have no visibility on how their employees interact with confidential data. To this we must add that almost half of the incidents occur by human error, not by intention of causing damage, something that conventional DLP is not able to differentiate.
Although organizations are allocating more budget and adopting smarter strategies to protect their information, data loss does not stop increasing
The result is that companies face solutions that work in Silos and take weeks or even months to provide useful information, while the risks grow exponentially.
The demand for a new generation of protection
Security managers ask for a change, they want tools that offer context, that they do not limit themselves to pointing out that a file left the organization, but explain who sent it, with what intention and if that behavior fits within the expected.
The report emphasizes that the next generation of DLP solutions should be based on three pillars:
Behavioral analysis, to distinguish errors from malicious attacks
visibility from day one, avoiding long periods of blindness
Control on SAAS and artificial intelligence applications in the shadow, which are often used without supervision
The idea is that modern platforms are able to connect isolated events and build risk narratives, so that security equipment can detect patterns, prioritize incidents and react quickly.
Business impact of data loss
Beyond regulatory compliance, data loss represents a direct risk for business continuity. Almost half of the companies consulted recognize financial losses derived from internal incidents, with 41% that estimates damage between 1 and 10 million dollars in the worst case. 9% say they have exceeded the 10 million barrier.
Reputational damage is another critical consequence: 43% of organizations saw the confidence of customers and partners affected, while 39% suffered operational interruptions. In sectors such as biotechnology or manufacturing industry, a filtration of designs or intellectual property may mean the end of years of investment and competitive advantage.
Towards integrated protection
In this context, Fortinet raises the need to unify the DLP with internal risk management. Its Foridlp platform, integrated in Fortinet Security Fabric, connects identity, access and activity in the same ecosystem, allowing to offer real -time visibility and based on the behavior of users and systems.
