In case you hadn’t heard, Vericept, one of the founding DLP vendors, has been acquired by a company called Trustwave.  The acquisition marks the final consolidation play of an enterprise DLP vendor.  Most significantly, however, is that I expect this marks the death of Vericept as a DLP solution. 

Trustwave has stated pretty clearly that they intend to use this as a compliance offering.  Their nod to continued support of the Vericept product is typical acquisition BS.  It’s unlikely Trustwave will expend the innovation and engineering required to keep Vericept’s DLP technology alive, and mature it to the extend that is needed.  And why would they - such effort would not fit their business model.

You can read more about the acquisition here.  Terms of the acquisiton have not been released… I would not expect that Vericept went for much given the company’s decline over the last 12-24 months.

p.s… I am officially removing Vericept from my list of DLP vendors.

-Dave

From ITnews.com.au

Details of 1400 Australian security professionals leaked.

Security vendor McAfee has sent out a bulk email containing the contact details of over 1400 security professionals that attended its recent conference in Sydney.

The email revealed demographic data collected during the registration process for the McAfee Strategic Security Summit, held in Sydney on Friday July 17, as well as the full contact details of 1408 people who attended or registered.

Read the full article here.

July 30, 2009 — Computerworld —

Details about a U.S. Secret Service safe house for the First Family — to be used in a national emergency — were found to have leaked out on a LimeWire file-sharing network recently, members of the House Oversight and Government Reform Committee were told this morning.

Also unearthed on LimeWire networks in recent days were presidential motorcade routes and a sensitive but unclassified document listing details on every nuclear facility in the country, Robert Boback, CEO of Tiversa Inc. told committee members.

See full article here…

Well, it’s finally out.  Gartner completed its analysis and published the 2009 Gartner MQ for Content-Aware DLP.  Congrats to Paul and Eric!

There aren’t too many surprises in here:

• RSA, Symantec, and Websense are the only vendors in the leaders quadrant
• McAfee (previously Reconnex) and Vericept dropped from the leaders quadrant

The renaming of the report to content-aware DLP is meant to highlight identification techniques that go beyond basic keywords and pattern matching, and differentiate the vendors in this report from all the others out there that slap the label DLP on their USB keys in order to grab customer attention.

IMO, the folks in the leaders quadrant provide enterpries DLP… that is, the best, most comprehensive set of capabilities at the network and client to prevent loss of a wide array of data, including regulated and IP.  The rest may be suitable to address specific use cases, but lack the breadth/depth in capabilities, as well as the innovation necessarily to most adequately address the broader problem of data loss.

This is the third year Gartner has done this analysis.  Did they get it right?  Is it better or more comprehensive than the Forrester Wave on Content Security?  I’ll let you decide.  You can download the report here.

-dave

Rich Mogull of Securosis.com just completed a sponsored report called the Executive Guide to DLP, including a video series (3 clips).  You can check it out here: http://www.websense.com/welcome/MiscLandings/exec_DLP/exec_DLP.html

Description: Reported data breaches increased by nearly 50 percent in 2008 and industry and regulatory requirements are continually being added to stem the tide of data leaks. Data loss prevention (DLP) technology has never been more important. To that end, we’ve developed the tools below to help guide organizations considering DLP technologies.

p.s… congratulations to Rich and Adrian on their new website.  Looks great, guys!