InfoSecurity Europe was hosted at the ExCeL in London this year with over 350 exhibitors and welcomed over 13,000 visitors across the Information Security industry. Proofpoint promoted the message of ‘Defend data. Protect people.’, focusing on four key areas; protecting people from the number one threat vector – email, changing user behaviour to be more resilient, stopping data loss and insider risk, and modernising compliance.
Our experts indulged in insightful conversations with a multitude of cybersecurity specialists and offered bespoke solution demos within our main products areas; email security, security awareness training, information protection and insider threat management, and compliance. Demos weren’t the only thing on offer; visitors could enjoy refreshments at the stand and enter a competition to win a Meta Quest 2, Sonos Roam Speaker, or a pair of Apple AirPods Pro.
Talking Tactics – Building an Advanced Email Security Strategy
In one of our Talking Tactics sessions on the second day of the conference, Matt Cooke, Cybersecurity Strategist, explained how you can build an advanced email security strategy. During this session, we discussed why we need to be thinking more comprehensively about email security.
Email is our number one threat vector, and we can no longer rely on entry level email security, thinking it will be good enough. We presented the Proofpoint Human Factor report and discussed its key findings, highlighting the need for an advanced email security strategy.
Key findings from the Human Factor Report 2022 include:
- More than 20 million messages tried to deliver malware linked to an eventual ransomware attack.
- Over 80% of businesses are attacked by a compromised supplier account in any given month.
- Attackers try over 100,000 telephone-oriented attacks every day.
- SMS-based phishing attempts doubled in the U.S. year over year.
- Managers and executives make up only 10% of users, but almost 50% of our data's most severe attack risk.
We also discussed how greater efficacy (stopping more) at the email gateway leads to significant operational savings, with fewer cases making their way to the security team for investigation. Meaning not only are we reducing risk, but we are also saving the security team's time. Find out more about how automation can help address staffing shortages in cybersecurity.
Hear more from Matt and find out more about protecting people with a platform approach to email security in our Protecting People: The New Perimeter webinar.
Tech and Strategy – Defending your Data: A Modern Approach to DLP
Our Information Protection Cybersecurity Strategist, Carl Leonard, presented a tech and strategy session on the third day of the conference around defending your data, specifically, a modern approach to data loss prevention (DLP). In this session, we explained how the challenging and changing landscape in terms of threats, the new ‘work from anywhere’ reality, and economic and regulatory concerns have necessitated a shift in how organisations approach an information protection program.
Quoting from various research reports, we sought to understand the audience’s expectations around the prevalence and root cause of data leaks/data breaches in 2022. The audience did not expect to hear that in a study of 2021 data, Proofpoint observed that 96% of organisations had experienced employee account takeover attempts.
As practitioners, we immediately seek technology to help identify, detect and protect our data and user behaviour. Technology is readily available to identify critical data both on-premise and in the cloud, classify data in automated ways, and provide context to users working with data. The insights into how people work with data are critical to a modern, successful information protection program.
Yet this technology must be adopted with support from your business. We covered how to engage the business early in the process – if you don’t, we often see information protection programs fall foul.
Carl’s three key takeaways:
- Legacy DLP doesn’t cover all data types and loss scenarios and doesn’t prevent a motivated adversary.
- Consider implementing a modern approach to DLP, an Insider Threat Management solution, and a Cloud App Security Broker.
- Ensure your solution is 1) Behaviour aware, 2) Content aware and 3) Threat aware.
Get started with a Threat Assessment
To find out how Proofpoint Solutions could improve your security posture, take one of our free threat assessments, including Email Rapid Risk, Digital Risk, People Risk, or Insider Threat Risk assessments.
Thoughts from our CISO
Andrew Rose, Resident CISO for EMEA explains his key takeaways from InfoSecurity Europe 2022:
- The theme for 2022 was ‘Stronger Together’, and there was certainly an amount of joy present in the walkways as industry friends and colleagues bumped into each other for the first time in years to share stories and updates.
- There were a lot of new vendor names on show and some stalwarts notable by their absence. These new vendors may have great solutions; however, we must ensure core value propositions have clarity and are communicated through marketing backdrops, so passers-by understand the key message.
- Proofpoint’s focus on ‘people-centric security’ seems to have become contagious and spread across the whole marketplace, with many vendors jumping on the bandwagon on the back of the Verizon Data Breach Investigations Report 2022. ‘People-centric’ controls work when you have a platform approach, vision, and a holistic tool set. However, it could be seen as ‘just marketing’ when there is only a single point technology solution on offer.
- Staff and skill shortages across the cyber security industry continue, and an increasing number of suppliers, even small ones, are moving into the managed services space, proving that it’s worth investing in a managed services provider.
- ExCeL gave Infosec a much more polished feeling this year. Easy to get to (train strikes notwithstanding) and with full catering facilities within the walls, it felt like a step up. Someone described it as a mini-RSA Conference, and that felt accurate. They need to manage the noise levels for the keynotes, and they’ll be onto a winner.
Keep up to date
To learn more about our upcoming events and webinars, follow us on Twitter or LinkedIn.