Cyber security firm Sourcefire said in an exclusive interview with CBR that it may target the growing data leakage prevention market in 2010.
Sourcefire is the company built around the open source intrusion detection technology, Snort. Asked whether it would make sense for the company to broaden its portfolio into the DLP space, CEO John Burris told us, “Yes, we don’t think that anyone has DLP right today. We think that we have a lead in awareness technologies with real time network awareness (RNA) and RUA – real time user awareness, which really associates a user with an IP address so that you can tell really what’s happening.”
“We think that we have the ability to extend those technologies to data awareness possibly, you know, a really good name would possibly be real time data awareness or RDA,” Burris said. “Then you have RNA, RUA, RDA as a potential. You could even do that with an open source project; we probably have the credibility to launch that if you want to do it.”
Burris also noted that, “We could, because of the money we have in the bank and our stock price as we pointed out earlier, we have equity that we could buy something that would give us a jump start, so there’s a lot of possibilities.”
Burris insisted that he was not announcing a DLP strategy, saying, “I’m not announcing that we’re going to do that but it’s very interesting to us and I know we have the capability if we wanted to go that direction, that we could do that… that is a really interesting area for us and something we’ve definitely been kicking around.”
Data leakage or data loss prevention is a technology that has become of increasing interest to CIOs and indeed their CEOs and boards, who believe it could help reduce the chance of the company being exposed to an embarrassing and potentially very costly data loss incident.
The technology can work in a number of ways: restricting access to certain types or classes of information to certain users, restricting what can be done to the data (for example copied to a laptop or memory stick) or simply tracking every change to the status or location of the data so it can be traced later. Companies with products in the space today include Symantec, McAfee, Trend Micro, EMC/RSA and CA.