Everyone hates DLP. It’s hard to implement, never lives up to its promises, users hate getting block messages, and admins get buried in alerts. Unfortunately, organizations often need to meet regulatory or audit requirements and DLP is the only viable solution. In this presentation, participants will hear how one company grudgingly adopted DLP and turned it into a value-added service.
When he’s not busy crashing bikes or sampling tiki drinks, John runs the threat modelling, application security, data retention, and privacy regulations functions for an independent financial services firm in Chicago, IL. He has over 20 years’ experience breaking systems and getting them fixed before the next workday. He is a CISSP and proud owner of several lapsed certifications.