With Wiz adding ”DSPM” or rather data classification, do you see there being much need for DSPM on top of CSPM? I feel like the DLP and Detection and Response are way more important than CSPM checks, but is that just me?

Data Privacy & Protection
1.4k viewscircle icon6 Comments
Sort by:
CISO in Softwarea year ago

They are distinctly different postures and needs.  They are not overlapped. 

Director of Information Security in Healthcare and Biotecha year ago

CSPM and DSPM sit with slight overlap but in distinct capability towers. I see CSPM being more of a misconfiguration detector to shift right and through the cycle. Thye tool and capability shared with infrastructure and IT.  DSPM on the other hand is used by privacy, Audit, Cyber and Data governance teams and has a much broader audience.  DLP is just a tool to protect sensitive data but DSPM gives you a more holistic view and scope for DLP. 

Chief Information Security Officer in Healthcare and Biotech2 years ago

The need for DSPM and CSPM is different. It depends on the organisation's security posture and how they want to manage their digital risk.  

CISO in Software2 years ago

It is about vendors moving to provide an entire suite of services versus businesses needed to individually deploy and integrate a whole set of independent security products and solutions

CIO in IT Services2 years ago

There are wonderful vendors available in both the DPSM and CSPM spaces and I worry that Wiz is taking on too many functions for their platform. It's hard to be a unicorn, the pressure must be over the top - but when is it too much?

Lightbulb on1

Content you might like

What strategies can organizations use to address the added compliance burden that comes with AI-enabled tools? How do you keep up with changes to both the vendor’s Terms of Service as well as various data privacy laws?

Read More Comments

Has anyone gone through the UK's Cybersecurity Essentials Plus certification and if so, would you be willing to share with me your experience and what was involved? I just want to make sure I understand what is involved and what is in scope.

New NSA, CISA, and FBI guidance reveals 3 critical threats that can compromise AI systems:
1. Data Supply Chain Vulnerabilities – tampering or poisoning for as little as $60–$1,000
2. Maliciously Modified Data – adversarial poisoning and model inversion
3. Data Drift – natural evolution creates security blind spots

Where does your organization sit on the AI security maturity curve? Are you enhancing existing tools or implementing AI-specific platforms?

Read the full guidance: https://media.defense.gov/2025/May/22/2003720601/-1/-1/0/CSI_AI_DATA_SECURITY.PDF

How is your company complying with CCPA's Do Not Sell My Personal Information requirement for your California users?

We configured our current consent manager to support Do Not Sell signals.19%

We built an internal tech solution to propagate Do Not Sell signals to relevant adtech platforms.43%

We use a different tool, in addition to our consent manager, to meet this requirement.16%

We are not doing anything, but know we need to find a solution.8%

We are not doing anything yet, and are purposely waiting until CPRA's Do Not Share requirement comes into effect in 2023.3%

We are not doing anything, and do not need to meet this requirement.10%

View Results

Which cybersecurity attack is currently your highest priority (to defend against)?

Ransomware and multifaceted extortion34%

Business email compromise39%

Third-party vendor compromise (supply chain)18%

Cloud security incidents6%

I have no idea1%

View Results