Critical data loss from within spawns new market

Outbound content compliance segment expected to hit $2 billion by 2009

A shift in information security practices — companies are moving from firewalls that keep external intruders out to systems that keep proprietary data in — has created a small but growing market for federal agencies and information technology providers.

IDC, a market research firm, calls this market segment “outbound content compliance” and predicts sales will grow from $50 million this year to almost $2 billion by 2009.

Doug Jacobson, associate professor of electrical and computer engineering at Iowa State University and director of the school’s Information Assurance Center in Ames, said thieves can profit from attempts to illegally collect proprietary and personal data.

“What we’re seeing now that we didn’t see five years ago is that information like that can be turned into money,” Jacobson said.

Companies used to think that if they bought better firewalls, their data would be more secure, he said. “That is what we’ve been doing for the last several thousand years as a society,” he said. “We build walls and we hide inside and we keep other people out.”

But technology now facilitates an easy flow of information, especially outward. In addition to keeping hackers out, security technology needs to prevent insiders from exporting inappropriate data.

Nevertheless, he said, the outbound content compliance market contains fewer than 10 vendors. Jacobson said that from February 2005 to November 2005, organizations reported more than 51 million cases of lost personal information via stolen laptop PCs and other hardware, network breaches, or accidental disclosure.

“The whole public awareness of this data leakage problem has resurfaced,” he said, and not only because of the recent theft of a Department of Veterans Affairs laptop that contained personal data on more than 26 million veterans and their families.

In less well-known incidents, he said, sometimes 10,000 files are lost or stolen. “That’s not 26 million, but if you’re one of the 10,000, it’s a big problem.”

In a recent study by Deloitte Touche Tohmatsu, more than half the technology companies surveyed said they had had security breaches in the past 12 months, and most of them admitted they had not taken aggressive action to prevent future incidents.

“Addressing the insider threat is becoming more complex,” said Brian Burke, manager of IDC’s security products and services research. In the past, outbound content was mostly in the form of e-mail messages. Now many employees to carry sensitive information on mobile devices.

Proofpoint, a three-year-old messaging security company in Cupertino, Calif., found that almost 35 percent of the companies it queried said their business had been adversely affected by the exposure of sensitive or embarrassing information in the past year.

Keith Crosley, director of market development at Proofpoint, estimated that about one-third of the company’s business now involves internal content security. In its own survey, Proofpoint found concern for protecting identity and financial privacy rose from 64.3 percent in 2004 to 71.1 percent in 2006.

“Leak prevention isn’t just about e-mail,” he said. Companies and government agencies are interested in preventing data losses via FTP, instant messaging, and blog and message board posts, he added.

Until recently, health care and financial services were most active in the market. But in the past year, Crosley said, companies are looking to protect customer and client information from a best practices perspective. “The regulatory issues are secondary,” he said.

Proofpoint’s clients include defense contractors and government agencies such as the U.S. Agency for International Development. He said new business is coming from state and local governments as chief information officers start to focus on ways to standardize outbound content compliance solutions.

chart

About the Author

David Hubler is the former print managing editor for GCN and senior editor for Washington Technology. He is freelance writer living in Annandale, Va.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group