Insider Threat Management

Proofpoint’s Insider Threat Management Platform Takes to the Cloud to Protect from Insider Threats

Share with your network!

tl;dr: Proofpoint announces the next generation of the Proofpoint Insider Threat Management Platform, with extended capabilities to reduce insider threat risk, accelerate incident response and optimise security teams’ resources built on the new cloud based architecture.

Today, Proofpoint announces the next generation of the Proofpoint Insider Threat Management Platform on top of our new cloud based architecture. Since its acquisition of Proofpoint ITM in November, 2019, Proofpoint has demonstrated its commitment to broadening the concept of security and taking a modern, people-centric approach to Insider Threat Management (ITM). 

ITM plays an important role within Proofpoint’s Information Protection strategy, with our unique context on the insider and their activity. We are excited to extend Proofpoint ITM capabilities that reduce insider threat risk, accelerate incident response and optimise security teams’ resources.

H2: MODERN, SCALABLE & SECURE CLOUD-BASED INFRASTRUCTURE

The latest release of Proofpoint ITM boasts a modern SaaS architecture built for:

  • Scale: From thousands to hundreds of thousands of endpoints
  • Analytics: Summarise enterprise risk for executives and the board
  • Security and Privacy: Balance insider threat security with privacy by design
  • Ease of use: Manage without infrastructure baggage
  • Extensibility: Integrate our people centric user risk analysis with rest of the enterprise security ecosystem

Even better, it has the flexibility to deploy as SaaS, on-premise, or in hybrid environments. The updated platform also enables better collaboration across departments, including cybersecurity, compliance, HR and legal for incident investigation and response. In other words, Proofpoint ITM makes it seamless to communicate between technical and nontechnical teams.

If an incident occurs, it is quick and straightforward to understand what happened, when, where, and who was behind it. ITM also enables efficiency across the broad range of insider threat management activities, from prevention and user behaviour correction; to rapid investigation and containment; to clear audit trails for compliance and airtight proof in the event legal action is required.

Across the SaaS and on-premise deployments, Proofpoint’s ITM leads the insider threat management category, setting the standard for people-centric security with unified visibility into user activity, data interaction, and insider threat context.

INSIDER THREATS ARE ON THE RISE, DRIVING UP RISK AND COSTS

If the changing nature of work didn’t already underscore the increasing risk of insider threats, recent data reports certainly do. 

The Verizon DBIR 2020 revealed that 30% of all breaches were perpetrated by internal actors. Moreover, 8% of breaches involved misuse by authorised users. 

Ponemon’s 2020 Cost of Insider Threats: Global found the average global cost of ​insider threats​ jumped ​31% in two years​ to $11.45 million​. Meanwhile, the frequency of incidents spiked ​47%​ in the same time period. The average number of days to investigate an insider-caused incident is 77 days, and the average cost of mitigating a single incident is $645,000. This is because early warning signs are difficult to detect, and incident response requires significant evidence-gathering and collaboration across teams. 

These figures highlight the need for a purpose-built insider threat management solution that takes a people-centric approach to reducing the risk, severity, and number of insider threat incidents. 

DIGITAL TRANSFORMATION & THE CHANGING NATURE OF WORK

Digital transformation continues to spread throughout industries and organisations of all sizes. Almost every business today runs all or part of their operations from the cloud. According to Gartner, worldwide public cloud revenue is expected to reach $266.4 billion in 2020. 

Moreover, given current economic and societal conditions, including the spread of the novel coronavirus, remote work is becoming more common than ever before. While this can be a boon for productivity and employee satisfaction, remote work can also increase insider threat risk

This is why it’s more necessary than ever for businesses to take a people-centric approach to security, including insider threat management. 

REDUCING RISK AND DELIVERING GREATER ROI FOR ITM

The overall goal of Proofpoint ITM is to reduce risk and deliver greater return on investment for teams. Reducing the mean time to detect (MTTD) is key for insider threat incidents, because it reduces the risk, severity, and number of incidents—ultimately reducing the financial and brand damage caused by insider-driven breaches. 

Proofpoint ITM accelerates incident response by reducing mean time to respond through faster correlation of user, endpoint, and data context. The platform helps teams hone in on early indicators of insider threat risk. ITM also empowers teams with broader visibility into user, data, and threat signals, making security teams more resource efficient and reducing the technology spend associated with insider threat management. 

STREAMLINING SECURITY BY BRINGING ITM UNDER ONE UMBRELLA

One challenge many IT and security teams face is having too many tools, with too many alerts firing (hello, alert fatigue). This hampers their ability to operate efficiently and contain actual threats before they spread and cause financial and reputational damage. 

Consolidating technology into a single, purpose-built ITM platform is much more efficient than using disparate technologies to collect user behaviour, data movement, system access and application usage and manually correlate the alerts to achieve similar results, often without sufficient context. Ultimately, ITM offers a unified, people-centric platform under the Proofpoint umbrella, avoiding the need to attempt to integrate disparate solutions from multiple vendors. 

MODERN, SCALABLE & SECURE CLOUD-BASED INFRASTRUCTURE

The latest release of Proofpoint ITM boasts a modern architecture built for: 

  • Scale
  • Analytics
  • Security
  • Privacy 
  • Extensibility  

Even better, it has the flexibility to deploy as SaaS, on-premise, or in hybrid environments. The updated platform also enables better collaboration across departments, including cybersecurity, compliance, HR and legal for incident investigation and response. In other words, ITM makes it seamless to communicate between technical and nontechnical teams. 

If an incident occurs, it’s quick and straightforward to understand what happened, when, where, and who was behind it. ITM also enables efficiency across the broad range of insider threat management activities, from prevention and user behaviour correction; to rapid investigation and containment; to clear audit trails for compliance and airtight proof in the event legal action is required. 

Across the SaaS and on-premise deployments, Proofpoint’s ITM leads the insider threat management category, setting the standard for people-centric security with unified visibility into user activity, data interaction, and insider threat context.

Ready to get started?

Get in touch with us here!