DLP isn’t a disruptive force to company’s culture: Roman Foeckl, CoSoSys

DLP is quickly becoming a mandatory tool in the arsenal of IT departments says Roman Foeckl, Founder and CEO, CoSoSys.


Data Loss Prevention (DLP) market has become a much mainstream technology of the security posture of companies worldwide. CoSoSys offers On-premise full DLP ‘Endpoint Protector’ for Enterprise and Small-Medium businesses, as hardware and virtual appliance, and as cloud infrastructure. CIO India interacted with Roman Foeckl, Founder and CEO, CoSoSys on the company’s differentiator in DLP world and the road ahead for CIOs and CSOs with their data-flow strategy.
Edited Excerpts.

How scary or murky is the new threat surface for endpoints in 2018 and beyond?
We have seen an alarming rise in cyberattacks in recent years, targeting especially large organizations whose stores of data are considerable and valuable. When people think of threats to endpoints, their minds race to these spectacular headlines and, while there is a clear danger, oftentimes, companies suffer more data loss from their own employees than external interference. What this means in terms of what companies should be afraid of: it is their accountability for these breaches in the eyes of the law.
With the rise of data protection regulations such as the GDPR—which sparked a worldwide increased awareness and race for compliance earlier this year—companies, nowadays all globally oriented, should be mindful of their own internal weak links. 

What is the current state or the maturity curve of Data Loss Prevention (DLP) in today’s digital transformation era?
I think that digital transformation, while it can help businesses bring their processes into the 21st century, increases the risk of data loss, mostly because traditional data protection strategies are not evolving as quickly as digitalization efforts.

Roman’s ‘DLP’ Bucket List for CSOs and CIOs

  • Familiarize with capabilities of DLP for an informed decision on the product.
  • Join the demos and talk to the experts. Most security companies offer this.
  • Always test the product before buying. See how smooth it is and how it matches their needs.
  • Beware of hidden costs in DLP implementation. For e.g. Windows Server and database licenses.
  • Read the fine print for TCO over the long term.

With data now constantly traveling— in the cloud, through third-party services, social media, messaging apps etc. — and the inability of many companies to restrict and control both shadow IT and data mobility, DLP is quickly becoming a mandatory tool in the arsenal of IT departments trying to control the flow of data in and out of their networks.

DLP is more of culture shift for companies which more than often acts as roadblock, isn’t it?
I think companies are more and more aware of the importance of DLP. With the number of breaches continually rising and even big companies like Adidas and H&M falling prey to them, there is a mounting fear that they could be next. Add to this the rise of data protection legislation like the GDPR in Europe, and HIPAA and FISMA in the US and you can see why companies may be less reluctant to take the leap to DLP implementation than they did say five years ago. They have started to see it more as a necessity than a disruptive force to their company culture.

What about the other persistent roadblocks or fear factors for companies to adopt DLP? Who is the actual influencer or buyer of DLP at customer end - CIO, CFO or CSO?
One of the main fears that haunts DLP products is the worry that their implementation will affect employee’s productivity by needlessly complicating otherwise simple tasks by the enforcement of excessive and inflexible data protection measures. In my view however, it is the job of DLP product developers to ensure that interference with the normal day-to-day tasks of employees is minimal.

DLP’s role is to protect sensitive data. Employees should only be affected by it when they step beyond the boundaries of its policies which they should have personally known and enforced in their work anyway. DLP products also have to be so simple to use that companies embrace their implementation.

The IT or security budgets for DLP really depends on the size of the company. For smaller companies, the decision often comes down to the CEO. For bigger companies, IT departments are usually allocated security budgets which they spend according to their needs; so decisions to buy are discussed and taken at that level. This is not a roadblock but an important factor for our team to pitch DLP to the respective influencer or buyer at the customer side.

CoSoSys offers ‘On-premise full DLP for Enterprise and SMB’. What exactly do you mean by full DLP and how it scores over competing ones from Symantec, Forcepoint to name a few?
Full DLP for us means focusing not only on all aspects of Data Loss Prevention from device control to the monitoring and control of data at rest and in motion, but also the breadth of its implementation.

“Roman’s vision is to offer an easy-to-use-and-implement DLP Solution that covers all popular platforms from Mac OS to Windows and Linux, so large and small businesses can protect their data against accidental loss or intentional data theft.”

Our main advantage on the DLP market is that we have always looked beyond Windows, to macOS and Linux as well. Few of our competitors can say the same and we were among the first to think of the security struggles of companies running multi-OS networks. Our cross-platform coverage enables a seamless management of all endpoints regardless of their operating system, from a single dashboard.

We also offer one of the most diverse implementation options on the market: Endpoint Protector can come as a Virtual Appliance compatible with the most popular virtualization tools, as an easy-to-use hardware appliance pre-installed with a variety of models based on clients’ needs, or as instances for AWS, Google Cloud or Microsoft Azure.

In today’s multi-cloud era, are the organizations ready for Cloud-based Data Loss Prevention (DLP) available anywhere, anytime?
I think anywhere, anytime is a stretch. After all, cloud-based DLP requires an internet connection to run. Many companies still prefer the security of on premise solutions which they have complete control over.

We might see the rise of a different kind of DLP implementation beyond traditional DLP solutions: at the heart of applications, services and infrastructure. The GDPR, in fact, requires applications to be built secure by design and by default. Since the number of security engineers is limited, we are likely to see the rise of security APIs and SDKs for Data Loss Prevention.

Amazon already rolled out Macie, Google has its own DLP API, although both are, as of yet, limited in their scope. We at CoSoSys, have been working around the clock on that takes the idea of DLP APIs to the next level, with over 12 supported integrations and an additional eight supported clouds and infrastructures for eight programming languages on five operating systems.

You and your team interact with CIOs and CISOs of companies of varied verticals across the globe. Any pitfalls they should avoid on their DLP journey?
I think it’s first of all important for them to familiarize themselves with the capabilities of DLP, so they can then take an informed decision when they need to decide on a product. Join demos, talk to experts. Most companies offer them. Finally, always test the product before buying it, see how smoothly it operates and how well it serves those needs they’ve identified.

As for pitfalls, beware of hidden costs in DLP implementation. Many are not aware some DLP solutions require Windows Server and database licenses for example, which, depending on the company, may need to be purchased separately. When they’re planning to implement DLP tools company-wide, they must read the fine print and ensure they know the TCO clearly and always budget for it in the long term. DLP is not a one-time investment. 

After the acquisition of CoSoSys by Astaro and the subsequent acquisition of Astaro through Sophos, you together with Michael Bauner took CoSoSys private again in a Management Buyout (July 2011). What’s been the report card since?
The goal since then and till date has been to build CoSoSys and its Endpoint Protector product family in the leading content aware Data Loss Prevention (DLP) and Mobile Device Management (MDM) offering on the market.

... “Full DLP for us means focusing not only on all aspects of Data Loss Prevention from device control to the monitoring and control of data at rest and in motion, but also the breadth of its implementation.”
Roman Foeckl
Founder and CEO, CoSoSys

We have seen a tremendous growth in the last seven years. CoSoSys’ products now protect over 11 million users worldwide and are represented by more than 130 partners in over 90 countries. There’s also been a marked increase in our brand awareness globally with Endpoint Protector being recognized in 2017 Gartner Magic Quadrant for Enterprise Data Loss Prevention and by the Radicati Group in the Enterprise Data Loss Prevention Market Quadrant 2017.

Your professional and personal goal for 2018?

Professionally, I am always striving for the continued growth of CoSoSys, to ensure that our products serve our customers well and continually evolve to meet new market challenges and needs.

Personally, I strongly believe that work-life balance is an essential part of a healthy and happy work force and I try to keep that in mind both for myself and everyone working at CoSoSys.