Upload
proofpoint
View
1.437
Download
1
Embed Size (px)
Citation preview
1 © 2016 Proofpoint, Inc.
SEEING IS SECURINGAdapted from ESG report “Proofpoint: Protecting Against Advanced Threats and Compliance Risks,” October 2016
2 © 2016 Proofpoint, Inc.
Conventional Cybersecurity: Blind to Today’s Threats People collaborate in new ways, much of it outside the
network perimeter- Email- Social- Mobile
Because cyber attacks target people, your biggest threats are outside your network- Malicious attachments- Infected URLs- Impostor social accounts- Malicious and risk apps
Traditional security focuses on the network, leaving organizations blindsided by new threats
3 © 2016 Proofpoint, Inc.
Most Likely Compromise: Malicious Email
Malicious URL in email
Malicious email attachment
Malicious URL on web
Infected USB device
Trusted website compromised
Infected system connects to network
Compromised web app
Insider attack by IT employee
Insider attack by other employees
0% 10% 20% 30% 40% 50% 60%
Q: In your opinion, which of the following would be the most likely way for a malware attack to compromise one of your organization's systems?
4 © 2016 Proofpoint, Inc.
Advanced Threats Are Unfolding Beyond Your Sightline
The attack surface has expanded dramatically
Cyber criminals have taken notice
The upshot: downtime, disruption, and data loss
5 © 2016 Proofpoint, Inc.
CONSIDER THESE STEPSTO MANAGE TODAY’S THREATS
6 © 2016 Proofpoint, Inc.
Step 1: Look Beyond the Network IT professionals may believe they have this visibility today, but
ESG continuously observes otherwise.
It’s unrealistic to believe that IT teams can keep pace with existing and new threats on their own.
Consider help from technology partners that spend every waking moment detecting, interpreting, and evaluating potentially dangerous activity.
7 © 2016 Proofpoint, Inc.
Step 2: Protect Email, Social, and Mobile Vectors These are new vectors that threat actors see as ripe opportunities,
and they aren’t being effectively protected.
Businesses must defend against these common threats.
You can’t leave it to employees to determine how to react to attacks on their devices.
8 © 2016 Proofpoint, Inc.
Step 3: Be Ready to Respond The remediation process should happen before a threat “walks”
through the door.
Ideally, this process can be automated without requiring manual intervention from an IT administrator.
Reacting after a threat has landed is often too late, and can put undue strain on an already under-resourced IT organization.
9 © 2016 Proofpoint, Inc.
Step 4: Get a Full Picture Organizations require visibility through constant monitoring,
reporting, and use of dashboards.
Business owners and executive teams need insight into their level of risk, remediation activity, and defense activity.
To get a full picture, you need real-time and historical views into the frequency of threats, and the impact of proactive detection and remediation across your organization.
10 © 2016 Proofpoint, Inc.
HOW PROOFPOINTCAN HELPTHE THREAT INTELLIGENCE PIPELINE
11 © 2016 Proofpoint, Inc.
Stopping Threats Where They Start Proofpoint has combined its years of capturing intelligence
and its experience remediating threats to help protect customers from advanced threats:- In more than 1 billion emails- Across more than 4,000 companies- Among piles of personal data every day
Proofpoint has scanned more than 21 million iOS and Android applications to identify high-risk behaviors.
This can be a formidable for any IT organization without the depth of knowledge of a company razor-focused on capturing and remediating potential threats before they can do real damage.
12 © 2016 Proofpoint, Inc.
The Proofpoint Threat Intelligence Pipeline
The Proofpoint threat intelligence pipeline analyzes threats, extracts malicious behavior, and correlates data across a fabric of attackers and attack campaigns.
13 © 2016 Proofpoint, Inc.
The Proofpoint Nexus Threat Graph The Proofpoint Nexus
Threat Graph is a massive database of more than 800 billion data points providing in-depth, real-time, forensic information for more effective threat detection and mitigation.
14 © 2016 Proofpoint, Inc.
Information Protection/Discover
While a number of threats are built for destructive purposes, others are seeking to steal information.
Proofpoint helps companies protect the information attackers are after before they have an opportunity to steal it.
During this process, Proofpoint identifies where sensitive data lives within the organization to properly protect it.
15 © 2016 Proofpoint, Inc.
Threat Response When something does go wrong, you need the process and the tools
to triage and diagnose alerts to quickly determine the right response.
Proofpoint Threat Response provides the platform to respond to an individual alert by correlating it with other alerts, collecting indicators of compromise (IOC) to:- Confirm infections- Responding by pushing controls out to enforcement devices
(such as updating firewalls and proxies)- Take other other remediation actions
(removing email from inboxes, locking down access for the affected users, and so on).
16 © 2016 Proofpoint, Inc.
Closing Thoughts Consider the best means to protect sensitive corporate information,
employee data, and the company’s reputation and brand from cyber threats.
Partnering with a vendor like Proofpoint enables organizations to effectively manage the time spent monitoring risk levels and remediation processes. They can focus their time and resources on employee productivity, business initiatives, and growing your business.
Read the full report at: https://www.proofpoint.com/us/solution-showcase
17 © 2016 Proofpoint, Inc.