On Data Leakage Prevention Maturity: Adapting the C2M2 Framework-Reference-Cited by-同舟云学术

On Data Leakage Prevention Maturity: Adapting the C2M2 Framework

Published:2024-03-30 Issue:2 Volume:4 Page:167-195
ISSN:2624-800X
Container-title:Journal of Cybersecurity and Privacy
language:en
Short-container-title:JCP

Author:

Domnik Jan¹^ORCID,Holland Alexander²

Affiliation:

1. Business Faculty, Accounting and Finance Department, Universidad Católica San Antonio de Murcia, Guadalupe de Maciascoque, 30107 Murcia, Spain

2. Institute of IT Management and Digitization Research (IFID), FOM University of Applied Sciences, 45141 Düsseldorf, Germany

Abstract

In an evolving cybersecurity landscape marked by escalating data breaches and regulatory demands, data leakage prevention (DLP) has emerged as one of several defense mechanisms. This study underscores unresolved foundational issues within DLP, revealing that it remains a significant challenge in large organizations. This highlights the necessity for a holistic approach to DLP to effectively address these persistent challenges. By developing a DLP Maturity Model, adapted from the renowned C2M2 framework, this research provides a comprehensive tool for assessing organizational DLP capabilities and pinpointing critical gaps. Applying the DLP Maturity Model within the financial sector as demonstrated through a banking scenario showcases its relevance and added value. This application illuminates the model’s effectiveness in securing sensitive data and adhering to essential regulatory standards, highlighting its adaptability across various compliance landscapes. Implementing this DLP Maturity Model in a banking scenario showcases its applicability, highlighting its ability to formulate a strategy to secure sensitive data and comply with regulatory standards. This approach aligns with the concept of a continuous risk-based strategy, merging the holistic model to identify and address critical insider risks within organizations. The study addresses a specific gap in DLP research, notably the lack of a holistic framework for assessing and enhancing DLP strategies across organizations. It equips practitioners with a foundational tool to determine current DLP maturity and devise strategies for mitigating insider-driven data breach risks, thereby bolstering organizational cybersecurity resilience.

Publisher

MDPI AG

Link

https://www.mdpi.com/2624-800X/4/2/9/pdf

Reference57 articles.

1. A Survey on Data Leakage Prevention Systems;Alneyadi;J. Netw. Comput. Appl.,2016

2. Stiennon, R. (2024, February 01). McAfee Acquires Onigma|ZDNET. Available online: https://www.zdnet.com/article/mcafee-acquires-onigma/.

3. Wilkens, A. (2024, February 01). McAfee Kauft Safeboot für 350 Millionen US-Dollar. Available online: https://www.heise.de/news/McAfee-kauft-Safeboot-fuer-350-Millionen-US-Dollar-183016.html.

4. Check Point Software Technologies Ltd. (2007). Report of Foreign Private Issuer, Check Point Software Technologies Ltd.

5. Wilson, T. (2024, February 01). Symantec Seals $350M Acquisition of Vontu. Available online: https://www.darkreading.com/cybersecurity-analytics/symantec-seals-350m-acquisition-of-vontu.