The Intelligence Layer Behind Modern DLP: Analyst Insights from SACR

The next wave of DLP isn’t about adding more tools and rules to catch more exceptions. It’s about orchestrating what you already have. This means connecting context - who’s using the data, how  sensitive it is,, and what’s happening with it - and making that information actionable.

Analysts agree: modern enterprises are moving beyond traditional DLP and exploring intelligence-driven approaches that adapt to data context, user behavior, and AI-powered workflows.

In his SACR research report Building the Intelligence Layer for the Next Wave of DLPs (June 2025), analyst Francis Odum introduces a new architecture for enterprise data protection. Instead of rule-heavy tools at the edge, Odum describes a DLP intelligence layer that unifies discovery, decisioning, and enforcement.

What is DLP orchestration?

DLP orchestration introduces a centralized, AI-native intelligence layer, or a policy brain that:

• Ingests DSPM context, user identity, and behavioral signals
• Coordinates decisions in real time
• Connects to the tools you already use (email, SSE, SaaS, endpoints, GenAI tools)
• Translates decisions into native policy enforcement

As Odum writes:
“What today’s security leaders need is not another rip-and-replace exercise but an intelligence layer that meshes with the controls they already own.”

As the digital world transforms, so must our approach to safeguarding data. Traditional Data Loss Prevention (DLP) solutions, once the gold standard, now struggle under the weight of modern demands: cloud sprawl, hybrid work, and the rise of generative AI. At Cyera, data security  solutions aren’t a rip-and-replace of these legacy tools, but the introduction of a powerful new model- an intelligence layer that fuses context, automation, and AI to reimagine DLP for the future.

The Problem: DLP is Stuck in the Past

For years, DLP has been synonymous with rule-heavy gateways, static regex rules, and endless false positives. These tools, often agent-based and siloed across SaaS, endpoints, and networks, lack the adaptability and context needed to navigate today’s fast-moving data environments. The result? Security teams are overwhelmed, policies are outdated, and sensitive data slips through the cracks, especially in AI-driven workflows where traditional tools have no visibility.

A recent Forrester study highlights the gap: 83% of enterprises use endpoint DLP, but only 13% have effective cloud data protection. With generative AI tools like ChatGPT and Copilot embedding into nearly every workflow, data risks are multiplying and legacy DLP can’t keep up.

The Opportunity: Rebuilding DLP as an Intelligence Layer

At Cyera, we’re rethinking DLP from the ground up with a context-rich, AI-powered intelligence layer that integrates seamlessly into your existing security stack. This isn’t about adding another siloed tool, it’s aout augmenting what you already have.

Enter Cyera Omni DLP: our AI-native solution that unifies discovery, classification, and enforcement. It pulls from our Data Security Posture Management (DSPM) engine to provide deep data context and identity awareness, then connects to enforcement points (email, web, SaaS, AI tools) via APIs. The result is a centralized policy brain that adapts in real time, prioritizes what matters, and dramatically cuts false positives; by up to 95%.

Why This Matters Now

• GenAI is a Game-Changer: Sensitive data is leaking through prompts, model outputs, and shadow AI use. You need a DLP that can see and respond to these new risks, both on the backend and in real time.
• Data is Everywhere: With sensitive data sprawled across SaaS, cloud, and hybrid environments, static policies and siloed tools won’t suffice.
• Security Needs Speed and Scale: Today’s lean teams can’t afford multi-month deployments or regex-tuning marathons. They need automation, clarity, and fast time-to-value.

Looking Ahead: Unified Data Security Is the Future

The next generation of DLP won’t live in isolated data environments. It will live everywhere data lives, adaptively, contextually, and invisibly. This shift demands the convergence of DLP and DSPM and AI-driven risk evaluation.

Cyera Omni DLP delivers on this vision. Built on our AI-native DSPM, it combines deep data classification with real-time analysis - so you can finally protect data motion, at rest and in use. 

For security leaders, this is more than an evolution. It’s a chance to redefine data protection as a resilient, scalable intelligence layer, ready for the next innovations (and threats) the coming decade brings.

To get a more in-depth insight on the future of Data Loss Prevention, check out this substack, Building the Intelligence Layer for the Next Wave of Data Loss Prevention (DLPs) by Francis Odum. 

‍