In a recent blog post for Gartner, Kasey Panetta recommends that IT leaders focus on a list of “top 10 security projects, based on Gartner forecasts and adjusted for the impact of COVID-19.” Panetta notes that these are projects that can best “prioritize business enablement and reduce risk.”
As we come to the close of 2020 and look to 2021, Panetta’s top 10 list is a good starting point for planning. Proofpoint is well-placed to help you with your 2021 planning against this list as we have a leading role to play in eight of the items on Panetta’s list and can contribute to another two items.
Let’s take a look at Panetta’s list, and the role Proofpoint can play to help you with it.
No. 1: Securing your remote workforce plays a leading role in everything Proofpoint does.
When thinking about a “remote workforce” it’s helpful to remember that workforce equals people. Panetta is really talking about securing remote people. Proofpoint implements a people-centric approach to security across our full portfolio of products. Everything we do helps you secure your remote workers.
No. 2: Risk-based vulnerability management is central to the Proofpoint people-centric strategy and Proofpoint Security Awareness Training.
Panetta suggests that instead of trying to “patch everything, focus on vulnerabilities that are actually exploitable.” While most people may look at this project purely as a patch management one, we recommend taking a people-centric approach and recognizing that the greatest risks come from vulnerabilities that can’t be patched because they involve your people. Addressing those people-centric vulnerabilities through security awareness training will help you mitigate your greatest risks and vulnerabilities.
No. 3: Extended detection and response (XDR) plays a leading role with Threat Response Auto Pull (TRAP).
TRAP’s automated remediation capabilities for email will remove potentially malicious emails from user inboxes. TRAP can also help lock down and remediate potentially compromised accounts on cloud platforms such as Office 365 and Google Workspace. On top of that, Proofpoint’s platform is a phenomenal source of security information and events and can share this information to enhance the effectiveness of any security project.
No. 4: Cloud security posture management (CSPM) is fundamental to the Proofpoint Cloud App Security Broker (CASB) offering.
CSPM is very similar to CASB except that it focuses on the management of cloud infrastructure as a service (IaaS) such as Amazon AWS or Microsoft Azure. The CASB and CSPM worlds are starting to consolidate and at Proofpoint Protect we have already announced the addition of some CSPM capabilities to our CASB platform.
No. 5: Simplifying cloud access controls is also core to the Proofpoint Cloud App Security Broker (CASB) offering.
Simplifying cloud access controls is the bread-and-butter of the Proofpoint CASB solution. As noted above, our CASB offering can help not only with cloud access controls but also with CSPM.
No. 6: DMARC is central to Proofpoint Email Fraud Defense (EFD).
Panetta notes the centrality of email to organizations and users: “organizations use email as the single source of verification, and users struggle to determine real messages from fakes.” A key solution to the problem of authenticating email is Domain-based Message Authentication, Reporting and Conformance (DMARC). DMARC is a central feature of our Email Fraud Defense (EFD) product. Not only that, but as Panetta notes, “DMARC is not a total solution for email security, and should be one piece of a holistic security approach,” which is precisely what EFD provides: a holistic approach to email security.
No. 7: Passwordless authentication plays a role with Cloud App Security Broker.
When talking about passwordless authentication projects, remember the role that adaptive controls can play in those projects. Cloud App Security Broker provides for risk-based adaptive access controls and integrates with authentication providers, making it a key player in any passwordless authentication project.
No. 8: Data classification and protection is included in Proofpoint Enterprise Data Loss Prevention (DLP).
Talking about a data classification and protection project, Panetta notes that all data is not the same. A one-size-fits-all security approach will “create areas of too much security and others of too little, increasing the risk for the organization.” In other words, to be effective, a data classification and protection project has to mirror the people in the organization to match their needs. Our Enterprise DLP brings a people-centric approach to data classification and protection, making it the best tool out there to implement DLP as Panetta discusses.
No. 9: Workforce competencies assessment - having the right people in place with the right skills is never easy.
Partnering with Proofpoint ensures you get not only the right technology, but also the right people to provide oversight and assistance on your security projects and day-to-day operations.
No. 10: Automating security risk assessments is possible with Nexus People Risk Explorer and EFD using supply chain risk assessment.
Panetta notes that risk assessment tends to be “either skipped entirely or done on a limited basis.” Automation can “allow for limited risk automation and visibility into where risk gaps exist.” Nexus People Risk Explorer can help with automated risk assessment by helping security leaders answer three important questions:
- How do I prioritize the different types of threats targeting my employees?
- How can I shorten the process of risk mitigation without disrupting business?
- How can I justify my security spend and prioritize future investments?
Another tool for automating security risk assessments is EFD, which is adding a risk-based view to your supply chain.
Panetta’s list of ten projects shouldn’t be viewed as a one-size-fits-all mandate for IT leaders for 2021. But it serves as a good starting point for your own planning. As you look to 2021, this list can help focus your thinking and priorities. And we see that Proofpoint is well-placed to help you quickly and easily implement these projects while realizing cost savings and efficiencies.