Adapted from and ESG report - Seeing Is Securing - Protecting Against Advanced Threats and Compliance Risks

1 © 2016 Proofpoint, Inc.

SEEING IS SECURINGAdapted from ESG report “Proofpoint: Protecting Against Advanced Threats and Compliance Risks,” October 2016


Conventional Cybersecurity: Blind to Today’s Threats People collaborate in new ways, much of it outside the

network perimeter- Email- Social- Mobile

Because cyber attacks target people, your biggest threats are outside your network- Malicious attachments- Infected URLs- Impostor social accounts- Malicious and risk apps

Traditional security focuses on the network, leaving organizations blindsided by new threats


Most Likely Compromise: Malicious Email

Malicious URL in email

Malicious email attachment

Malicious URL on web

Infected USB device

Trusted website compromised

Infected system connects to network

Compromised web app

Insider attack by IT employee

Insider attack by other employees

0% 10% 20% 30% 40% 50% 60%

Q: In your opinion, which of the following would be the most likely way for a malware attack to compromise one of your organization's systems?


Advanced Threats Are Unfolding Beyond Your Sightline

The attack surface has expanded dramatically

Cyber criminals have taken notice

The upshot: downtime, disruption, and data loss


CONSIDER THESE STEPSTO MANAGE TODAY’S THREATS


Step 1: Look Beyond the Network IT professionals may believe they have this visibility today, but

ESG continuously observes otherwise.

It’s unrealistic to believe that IT teams can keep pace with existing and new threats on their own.

Consider help from technology partners that spend every waking moment detecting, interpreting, and evaluating potentially dangerous activity.


Step 2: Protect Email, Social, and Mobile Vectors These are new vectors that threat actors see as ripe opportunities,

and they aren’t being effectively protected.

Businesses must defend against these common threats.

You can’t leave it to employees to determine how to react to attacks on their devices.


Step 3: Be Ready to Respond The remediation process should happen before a threat “walks”

through the door.

Ideally, this process can be automated without requiring manual intervention from an IT administrator.

Reacting after a threat has landed is often too late, and can put undue strain on an already under-resourced IT organization.


Step 4: Get a Full Picture Organizations require visibility through constant monitoring,

reporting, and use of dashboards.

Business owners and executive teams need insight into their level of risk, remediation activity, and defense activity.

To get a full picture, you need real-time and historical views into the frequency of threats, and the impact of proactive detection and remediation across your organization.


HOW PROOFPOINTCAN HELPTHE THREAT INTELLIGENCE PIPELINE


Stopping Threats Where They Start Proofpoint has combined its years of capturing intelligence

and its experience remediating threats to help protect customers from advanced threats:- In more than 1 billion emails- Across more than 4,000 companies- Among piles of personal data every day

Proofpoint has scanned more than 21 million iOS and Android applications to identify high-risk behaviors.

This can be a formidable for any IT organization without the depth of knowledge of a company razor-focused on capturing and remediating potential threats before they can do real damage.


The Proofpoint Threat Intelligence Pipeline

The Proofpoint threat intelligence pipeline analyzes threats, extracts malicious behavior, and correlates data across a fabric of attackers and attack campaigns.


The Proofpoint Nexus Threat Graph The Proofpoint Nexus

Threat Graph is a massive database of more than 800 billion data points providing in-depth, real-time, forensic information for more effective threat detection and mitigation.


Information Protection/Discover

While a number of threats are built for destructive purposes, others are seeking to steal information.

Proofpoint helps companies protect the information attackers are after before they have an opportunity to steal it.

During this process, Proofpoint identifies where sensitive data lives within the organization to properly protect it.


Threat Response When something does go wrong, you need the process and the tools

to triage and diagnose alerts to quickly determine the right response.

Proofpoint Threat Response provides the platform to respond to an individual alert by correlating it with other alerts, collecting indicators of compromise (IOC) to:- Confirm infections- Responding by pushing controls out to enforcement devices

(such as updating firewalls and proxies)- Take other other remediation actions

(removing email from inboxes, locking down access for the affected users, and so on).


Closing Thoughts Consider the best means to protect sensitive corporate information,

employee data, and the company’s reputation and brand from cyber threats.

Partnering with a vendor like Proofpoint enables organizations to effectively manage the time spent monitoring risk levels and remediation processes. They can focus their time and resources on employee productivity, business initiatives, and growing your business.

Read the full report at: https://www.proofpoint.com/us/solution-showcase

https://www.proofpoint.com/us/solution-showcase




Technology

Adapted from and ESG report - Seeing Is Securing - Protecting Against Advanced Threats and Compliance Risks