- Cloud Security Newsletter
- Posts
- Changing Data Security in Cloud : Beyond Traditional DLP, Runtime with SOC, and Data Protection
Changing Data Security in Cloud : Beyond Traditional DLP, Runtime with SOC, and Data Protection
Your Cloud Security Strategy is About to Change - Here's What's Coming in 2025 especially as Cloud Environments become more complex with AI & Kubernetes on Serverless, here's what will be reshaping your security landscape in 2025:
Hello from the Cloud-verse!
This week’s Cloud Security Newsletter Topic is 3 Public Cloud Security Incidents That Changed Everything! (continue reading)

Changing Data Security in Cloud : Beyond Traditional DLP, Runtime with SOC, and Data Protection- (Image Credit - Dalle)
Incase, this is your 1st Cloud Security Newsletter! You are in good company!
You are reading this issue along with your friends and colleagues from companies like Netflix, Citi, JP Morgan, Linkedin, Reddit, Github, Gitlab, CapitalOne, Robinhood, HSBC, British Airways, Airbnb, Block, Booking Inc & more who subscribe to this newsletter, who like you want to learn what’s new with Cloud Security each week from their industry peers like many others who listen to Cloud Security Podcast & AI CyberSecurity Podcast every week.
Welcome to this week's edition of the Cloud Security Newsletter!
This week, we're diving deep into how data security is evolving in the enterprise space, particularly as organizations grapple with cloud adoption, AI implementation, and the limitations of traditional data loss prevention approaches and the changing landscape of security operations. Our featured experts share valuable insights on why traditional approaches for data security are being redefined and how the industry is adapting to address these challenges.
Featured Experts This Week 🎤
Francis Odum - Founder and Lead Research Analyst at Software Analyst Cyber Research
Mike Privette - Founder of Return on Security
Ashish Rajan - CISO, Trainer & Host of Cloud Security Podcast
Definitions and Core Concepts 📚
Let's clarify some key terms that will be referenced throughout:
DSPM (Data Security Posture Management): A framework focused on visibility and classification of enterprise data assets. Unlike traditional DLP solutions, DSPM is primarily concerned with understanding what data exists, its sensitivity level, and compliance requirements.
DLP (Data Loss Prevention): Traditional security controls focused on preventing data exfiltration, primarily through email and endpoint monitoring.
Sensitive Data Types: As Francis Odum explains: "When you think about data specifically, we're speaking about if you're a banking financial institution, that's credit card data, that's users' bank accounts information, their PIN, personal identification number, that could be their gender... all of what we consider really classified."
Runtime Security: Real-time monitoring and protection of cloud workloads during execution, as opposed to static configuration checking.
DSP (Data Security Platform): An emerging concept combining DSPM capabilities with real-time DLP in cloud environments. We would like it to be called DNAPP, inspired by the cloud native acronym CNAPP (more on this later) 🙂
eBPF (Extended Berkeley Packet Filter): A cloud native technology enabling real-time monitoring and security in Kubernetes environments without significant performance impact.
This week's Issue is sponsored by Cloud Security Bootcamp
If you are looking to upskill your AWS Cloud Security or Kubernetes on AWS Cloud knowledge for you and your SOC Teams, you might want to check out Cloud Security Bootcamp.
Sign up today for upcoming AWS Security & Kubernetes Security February 2025 MasterClass and learn what Cloud Security Engineers and Architect do for work during the MasterClass on AWS Security, Amazon EKS & more with Labs, Walkthrough of the AWS Services used to build Applications in Cloud.
Our Insights from these Practitioners 🔍
1. The Renaissance of Data Loss Prevention
Mike Privette makes a bold prediction: "I think data loss prevention is going to be real for once." He explains that traditional DLP has been "largely been like a failed product" due to its hammer-like approach when a scalpel was needed. However, with AI advancements, we're seeing a transformation in how DLP can be implemented more effectively.
Key developments:
More nuanced detection capabilities
Better understanding of context and value
Improved ability to identify intellectual property
As Privette notes: "The cost of a breach of a social security number versus the cost of a leaked M&A document for a competitor - they're not really comparable. One has a finite dollar, one has an uncapped dollar amount."
2. The Three Pillars of Modern Data Security
Francis Odum outlines three crucial elements for a comprehensive data security strategy:
Visibility and Discovery (DSPM) "DSPM or Data Security Posture Management is primarily around visibility... let's understand all of the different types of data sets that we have internally within our enterprise."
Protection (DLP) "DLP is like a follow-up process... how do we actually go about securing that data from getting lost?"
Recovery "You might have a DSPM with visibility, you might have DLP for protection, but if an attacker is still inside... how do you make sure you recover really quickly?"
As Francis notes: "Before you could actually use some of those datasets to make your LLM significantly better, you need to make sure that directly the PII, you're not violating PII type, GDPR type, HIPAA type compliance."
3. The Shift to Runtime Security
Ashish Rajan emphasizes the importance of runtime security in 2025: "Now with AI kind of exploding everywhere... Cloud security engineers and Architects are working on proactively trying to build a cloud blueprint so that you can build security from the beginning."
Key developments:
Movement from static CSPM/CNAPP alerts to real-time monitoring
Integration of eBPF for enhanced visibility
Focus on actual threats rather than configuration issues
4. The Three-Dimensional Approach to Data Security
The experts outline a comprehensive approach to data security:
Visibility and Discovery (DSPM) Mike Privette predicts: "I also think data loss prevention is going to be real for once... AI will be able to actually make it a lot more specific."
Runtime Protection (DLP) Ashish Rajan emphasizes: "DLP or data leakage prevention which has been there for a long time... is runtime going back to my top Trend data leakage prevention is what's happening right now."
Cloud Native Integration (DNAPP, I'm calling it) "As a cyber security leader I would think my capability should include both DSPM and DLP combined hence the word DNAPP," explains Ashish.
5. The Impact of AI on Security Operations
Both Francis and Ashish highlight how AI is reshaping security operations:
Francis cautions: "My whole thesis is just, look, there's still fundamental steps within enterprises before they actually adopt these things or this technology is at scale that we still need to get right."
Ashish adds perspective on data security: "I would probably say if you were to do a side note for AI Trends data security is going to be 97% of the thing and the 3% would be the true AI capability."
6. The Impact of AI on Data Security
Both experts highlight how AI is reshaping data security requirements:
Enhanced Classification: AI enables more accurate identification of sensitive data and intellectual property
Context-Aware Protection: Better understanding of data usage patterns and potential risks
Compliance Challenges: New considerations for using enterprise data in AI/ML initiatives
Software Analyst Research Newsletter - Francis Odum's analysis
Return on Security Newsletter - Mike Privette's market insights
Cloud Security Bootcamp - Training for SOC teams on cloud security
NIST Special Publication 800-53 Rev. 5 - Data Security Controls
Cloud Security Alliance - Runtime Protection Guidelines
This newsletter combines perspectives from all three experts to provide a comprehensive view of how data security, runtime protection, and SOC operations are evolving in the cloud security landscape. The insights should help practitioners understand and prepare for the significant changes coming in 2025.
Question for you?
Do you believe Your SOC Teams have been trained to respond to Data or Cloud Security Alerts?
Next week, we'll explore another critical aspect of cloud security. Stay tuned!
We would love to hear from you📢 for a feature or topic request or if you would like to sponsor an edition of Cloud Security Newsletter.
Thank you for continuing to subscribe and Welcome to the new members in tis newsletter community💙
Peace!
Was this forwarded to you? You can Sign up here, to join our growing readership.
Want to sponsor the next newsletter edition! Lets make it happen
Have you joined our FREE Monthly Cloud Security Bootcamp yet?
checkout our sister podcast AI Cybersecurity Podcast