Proofpoint Sets New Standard for Human-Centric Security with Powerful AI-Driven Intelligence, Insights and Integrations

Proofpoint, Inc., a leading cybersecurity and compliance company, today announced expanded capabilities across its award-winning platform to provide customers with broader, adaptive human-centric security controls. These new solutions and integrations shield organisations from incoming threats across messaging, collaboration and social media apps; secure SaaS applications and identity posture across a vast array of applications; prevent data loss with smarter, more adaptive data security; and steer employees to safer behaviours through adaptive educational security guidance.

Announced at the company’s flagship Protect conference, these new capabilities set a new standard for how organisations address human risk, by leveraging two key proprietary platform elements: Proofpoint Nexus, an AI, behavioural, and threat detection ensemble that identifies and mitigates risk; and Proofpoint Zen, a set of technologies that deliver world-class, comprehensive protection as people work with email, collaboration apps, the web, and data. Together, they provide an integrated, cohesive experience that brings human-centric protection to end users and security professionals alike.

“From ransomware to Business Email Compromise to data loss, the most damaging cyber risks all centre around humans and their identities,” said Sumit Dhawan, Chief Executive Officer, Proofpoint. “But human risk is difficult to tackle as we all work across email, collaboration apps, the cloud, and the web, creating threat risk, identity sprawl, and data exposure in new ways. Proofpoint pioneered human-centric security, and now we’re redefining it by bringing together previously disparate processes and technologies into one unified platform to protect new digital channels, reduce risk for organisations, and better guide users in real-time, every day.”

Stopping Targeted Threats Across Any Messaging, Collaboration or Social Media Platform

Threat actors are increasingly using digital channels such as Slack, Microsoft Teams, Zoom, and LinkedIn to launch phishing attacks, tricking people into divulging personal information or performing certain actions, such as transferring money or revealing sensitive company data. Over the past three years, URL threats delivered by email have increased 119% and those delivered by SMS have skyrocketed by 2,524% according to Proofpoint data.

Powered by industry-leading threat intelligence and Proofpoint’s new ZenWeb browser extension, Proofpoint Collab Protection provides real-time advanced threat protection to block malicious URLs delivered in any messaging, collaboration or social media application and can be deployed across Google Chrome, Microsoft Edge, Apple Safari or any Chromium-based enterprise browser. Leveraging Nexus TI (Threat Intelligence), customers benefit from the collective defences that protect a network of thousands of the most critical organisations around the world.

Securing SaaS Applications and Preventing Account Takeover with Proofpoint Posture Management

While corporate identities empower employees to work with ease across Microsoft 365, GenAI, cloud storage and collaboration applications, threat actors have also learned to exploit them to launch ransomware attacks, hijack cloud accounts, and exfiltrate data.

According to Proofpoint data, nearly all (96%) organisations have been targeted for cloud account takeover, and more than half have experienced it firsthand. Further, half of all hijacked accounts had multifactor authentication (MFA) enabled, demonstrating how unsecured applications – both enterprise-provided and shadow applications – are valuable stepping stones for attackers to take over corporate cloud accounts.

Proofpoint Nexus maps user identity sprawl and common attack paths and detects configuration and access anomalies to prevent unauthorised access and cloud account takeover; this helps security practitioners understand where an account is located and whether it creates risk due to its privilege, the data it’s linked to, or how well (or how poorly) its security is configured. Based on the posture and risk of an identity, Proofpoint Posture Management makes recommendations and performs configurations to improve it.

Defending Data and Mitigating Insider Risk with Smarter, Adaptive Controls and Intent-Aware GenAI Protection

Identifying insider threats is a challenge, making internal investigations reactive in nature: cybersecurity administrators concentrate on high-risk users, such as departing employees, those on a performance improvement plan, or contractors, only after being alerted to their potential risk to the company. Proofpoint’s Adaptive Information Protection empowers security teams to take a proactive approach to managing insider risks, shifting the responsibility of the security analyst from building manual policies to automating responses to a user’s risky behaviour. That, in turn, helps analysts work more efficiently.

Further, as GenAI tools have become pervasive in the workplace to accomplish tasks like summarising meeting transcripts, rewording emails or writing code, careless or unintentional actions can expose business-critical information such as PII, source code and other corporate information. Some of this information is difficult to identify and protect using legacy DLP tools. Proofpoint’s new intent-aware GenAI protection and GenAI prompt redaction help organisations enable GenAI use while protecting both structured and unstructured organisational data from being overshared. It educates end users and guides behaviour change via compliance notifications when interacting with GenAI tools.

Shifting from Security Awareness to Sustained Behaviour Change

Traditional compliance-driven security awareness programs are not effective at mitigating human risk and guiding employees toward safer behaviours. In fact, research shows most employees (68%) knowingly engage in risky behaviours despite 99% of organisations having a security awareness program. Proofpoint is evolving its security awareness solution to empower organisations to reduce security incidents by cultivating real behavioural change and building a strong security culture.

Proofpoint’s ZenGuide (formerly Proofpoint Security Awareness Training) enables lean security teams to automate and scale personalised learning paths based on an individual’s unique risk profile, behaviours and role. It uses people-risk insights across the Proofpoint ecosystem to deliver relevant interventions that build security champions and reduce risky behaviours, enabling organisations to move beyond compliance-driven programs and provide targeted, context-awareness education that addresses specific risks and behaviours.

Proofpoint’s new platform capabilities will be showcased during Proofpoint’s ‘Protect’ event series, which begins today in New York City.