Data exfiltration and insider threats are constant worry at most organizations, which has lead to companies implementing DLP but about half of employees have admitted to taking data from a former employer according to a recent survey. So why does this still happen? The problems with DLP have multiple causes from poor stakeholder engagement (not knowing what data to protect), being put in to fulfill regulatory requirements (for just the checkbox to pass an audit), generates wayyyyyy too many alerts, or not being put in as part of a larger strategy. During my talk, I’ll describe about how to tie all these issues together so you can get your arms them so you can start fixing it. And no, it’s not (just) using UBA.