Overview
A global insurance provider invested in a Data Loss Prevention (DLP) solution but didn’t see proper value; they engaged Performanta to resolve the issue.
Performanta tackled the project through two angles: gain an extensive understanding of the client’s data situation and establish a secure and integrated DLP system.
Our consultants collaborated extensively with the client, working with different business units and conducting data audits and workshops.
Our discoveries of data processes, regulatory demands, and business unit expectations created a roadmap to fully realise the DLP’s potential.
Performanta’s engineers fine-tuned the DLP, working with our client’s IT and security teams to integrate the solution comprehensively into their systems.
The result is a DLP that meets ROI expectations and a secure data environment. Performanta’s intervention also helped our client gain business-wide buy-in of its data culture and shared security responsibilities.
Executive Summary
Data access, control and security is a concern for all organisations. But the stakes are higher than usual for some, such as insurance enterprises. Beyond that, data is intrinsic to a competitive insurance business. The data they handle are typically highly sensitive, involving financial details and personal information. Data losses and theft ripple wider than usual, creating severe financial and reputational damage. Performanta’s client, a global insurance organisation, recognised these risks and moved to address them with a Data Loss Prevention (DLP) solution.
A DLP is an excellent answer to insurance’s myriad of data challenges. Yet it doesn’t work out of the box—DLP solutions need to be integrated and fine-tuned to the business they serve. Our client did not see the value they expected from their DLP and engaged Performanta to help bring it to fruition. We have extensive experience deploying and fixing DLPs, and we started by establishing a collaborative partnership with our client. This step enabled us to audit their data, engage with different business units, and map out a DLP strategy based on the different data processes, business and compliance requirements, and security risks.
With this information and our partner’s hands-on involvement, Performanta fine-tuned and integrated the DLP, improving it from a standalone tool into an intelligent guardian that adapts to emerging threats. Notably, since reaching this milestone, the DLP has thwarted unauthorised data transfers and exposed numerous breach attempts. The insurer enjoys a more engaged data culture across their departments and a general culture of shared security responsibility. Crucially, they now get proper value from their DLP investment, thanks to Performanta’s expert intervention.
The Challenge
Our client, a global insurance organisation, manages large volumes of data, including financial details and personal information— much of it very sensitive. For most companies, this would already be a significant burden. But the insurance sector doubles down with extensive and evolving legislation requirements, not to mention the constant spectre of cybercrime threats. Damage to their data would severely damage their finances and reputation.
Yet data cannot thrive when locked away. The insurer’s employees and partners need access to different parts of that data without including the wrong people. That isn’t an easy task. To achieve this, our customer invested in a data loss prevention (DLP) solution, a highly sensible remedy to regulatory, access, and security challenges. Yet DLPs don’t work effectively out of the box. They require technical, business, and cultural alignments to deliver their promise. Unfortunately, Performanta’s client was not seeing enough of those benefits.
The Solution
DLP is a comprehensive program that requires active management, participation and support from various business units across the organisation. Without this involvement, the DLP system will not reach its full potential. Performanta has extensive experience deploying and revitalising DLP solutions and jumped into action when our client engaged us to address its DLP shortfalls. We accomplished this from two angles: we engaged with several business units to map their data and respective processes, and our engineers worked closely with their IT and security teams to ensure a fully functional and integrated DLP solution.
Our client accepted that a proper DLP requires buy-in and cooperation from various business units. Going beyond data audit, we created a strategic partnership that identified the organisation’s unique data flows, points of vulnerability, and regulatory obligations. Through workshops and cross-functional discussions, we helped our client grasp the scope of their DLP requirements. These mapping and collaboration engagements ultimately guided the necessary change management, integration, and security risk reductions, enabling Performanta’s engineers to fine-tune the DLP solution.
The Results
By integrating it with the company’s ecosystem, the DLP stopped acting as a standalone tool. It became a vigilant sentinel—an intelligent guardian that adapts to emerging threats. Beyond those gains, it strengthened our client’s data protection posture, encouraged shared security responsibility, and improved the insurer’s data culture. Once properly aligned, the DLP has since thwarted unauthorised data transfers, detected breaches that were promptly mitigated, and delivered the return on investment our client expected when they initially deployed the DLP solution. Our client’s journey demonstrates the power of a comprehensive approach to DLP. By recognising that DLP is not a magical solution but a strategic imperative, and partnering with Performanta to fuse strategy and implementation, they fortified their defences— emerging as a leader in the insurance industry’s ongoing battle for data security.
Talk to our experts
About Performanta
Performanta was founded in 2010 and has over 150 staff worldwide, including former CIOs/CISOs from large enterprises. It has a global footprint with a team of 80 analysts working in two SOCs, helping to secure customers across 50 countries, from offices in the United Kingdom, Australia, Germany, South Africa and the USA. Performanta offers a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk. With a holistic cybersecurity view, we understand the modus operandi of the perpetrator and accordingly build an intelligent defence mechanism to make customer environments less susceptible to attacks.