SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Proofpoint unveils new data protection framework for organisations

Thu, 5th Sep 2024

Proofpoint, a cybersecurity and compliance company, has launched an end-to-end information protection framework to address complex data loss prevention (DLP) challenges. This new framework, inspired by the National Institute of Standards and Technology (NIST), draws on Proofpoint's extensive experience and is implemented in conjunction with its certified partners.

The framework has been designed to cater to the needs of organisations, particularly those with complex requirements, helping them navigate the evolving multi-channel data risk landscape. Proofpoint highlighted that only 38% of organisations currently describe their DLP programs as mature, underscoring the necessity for a more comprehensive approach that extends beyond traditional DLP measures.

The newly introduced solution leverages Proofpoint's human-centric methodology, which the company has honed over two decades to create adaptive, tailored DLP programs. Proofpoint's executive vice president and chief customer officer, Rohit Dixit, emphasised the increasing risk posed by human behaviour: "Today, data is at risk because of human behaviour. The rise of the perimeter-less workplace has dramatically increased the complexity of delivering a modern, adaptive, risk-based DLP program for most organisations."

"Proofpoint's unique framework and human-centric approach to information protection builds on decades of experience and expertise in planning and executing tailored DLP programs that protect some of the world's largest enterprises. Now customers can evolve their DLP program, safe in the knowledge that their team is supported by experts who know Proofpoint technology better than anyone."

Key components of the framework include planning, visibility, rule setting, prevention and adaptive response, and metrics and governance reporting. The planning and visibility phase involves a thorough assessment of an organisation's current DLP program maturity, benchmarking against industry peers, and recommendations for program design and implementation. Additionally, it offers behavioural and content visibility to guide rule setting.

The prevention and adaptive response component focuses on researching emerging exfiltration and threat tactics, optimising rules and policies for better detection, and utilising AI-enabled Security Operations Centre (SOC) capabilities to enhance event analysis, incident escalation, and response. Daily system checks, executive reporting, and documentation of outcomes form the metrics and governance reporting phase.

Proofpoint's new framework also includes a CISO Visualisation Workshop. This in-depth exercise assists organisations in implementing a DLP program. Certified partners can use the framework to help their clients identify critical maturity gaps, benchmark against peers, and establish a strategy and timeline based on Proofpoint's analyses and recommendations.

Adam Gray, chief technology officer at Novacoast, commented on the initiative: "We've long recognised the challenges enterprises face in safeguarding their most critical assets. Our ongoing partnership with Proofpoint, and the expertise and ability to utilise the comprehensive and mature Information Protection Program framework announced today, positions us to drive real, impactful change for organisations with the most complex security needs."

Sean Steele, co-founder and managing partner at InfoLock, also expressed optimism about the framework: "It's well-documented that organisations face significant challenges in finding and retaining the specialised expertise needed to execute and mature their information protection programs. Proofpoint's pedigree in this space is unmatched, and we are excited to be one of their select certified partners to bring this tried and trusted programmatic approach to data risk management to market."

Proofpoint will showcase the new framework and the CISO Visualisation Workshop at its upcoming 'Protect' event series. The solution is available globally and aims to enhance the data protection efforts of organisations across different sectors through a people-centric approach.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X