Proofpoint Integrates AI to Combat New Generation Threats in Information Protection
Proofpoint, Inc., a leading cybersecurity and compliance company, and recognised in the 2024 Gartner® Peer Insights™ Voice of the Customer for Data Loss Prevention report as Customers’ Choice, today announced the general availability of Data Loss Prevention (DLP) Transform, including GenAI use cases.
Today, businesses struggle with the limitations of legacy DLP solutions that are fragmented across channels and are not designed to address today’s most problematic use cases like insider risk, protecting cloud data and controlling the acceptable use of GenAI tools, including copilots and chatbots. In a recent Proofpoint study, 70% of security professionals cited visibility into sensitive data, user behaviour and external threats as the most important capability for their DLP program.
Unlike legacy solutions limited to data classification or point solutions limited to one channel, Proofpoint Information Protection works across all major channels: email, cloud, endpoint, and web. Our solution leverages all three critical analytical capabilities, including user behaviour, AI-augmented data classification, and threat context.
This has enabled over 6,000 organisations, including more than half of the Fortune 100, to mitigate all three major types of data loss risk: negligent user error, exfiltration by threat actors, and theft by malicious insiders. DLP Transform brings together—in a single, economically attractive package—a cloud-native architecture that analyses user behaviour and content understanding to quickly assess and protect against data risk across channels. Critically, this enables organisations to consolidate their DLP point solutions, their insider risk tools, and their cloud DLP or CASB into a single architecture, agent and interface, adding capabilities and channel coverage as their data loss and insider risk programs mature.
Making Responsible Generative AI Use a Reality for Organisations
The uncertainty that has accompanied the explosion of GenAI tools has given the consolidation of DLP tools a new urgency. The loss of data to a single party is bad enough but given the propensity of GenAI tools to train their models on user-submitted data and their tendency to disclose sensitive information via prompt engineering, sensitive data leakage to a GenAI tool may be the equivalent of making it public.
Many organisations have crafted acceptable GenAI use policies to prevent privacy and corporate violations, ensuring confidential and customer information is not uploaded to GenAI tools and chatbots. However, such policies are nearly impossible to implement without an understanding of the content and employee behaviour. Proofpoint DLP Transform allows organisations to enforce those policies across all channels by allowing and disallowing interactions with GenAI tools based on user behaviour, content, and data lineage.
Unlike blunt tools such as legacy DLP solutions or web filtering that completely blocks all use of GenAI applications, Proofpoint can surgically allow and disallow interactions based on employee behaviour and the content being input. Incidents such as uploading source code files or pasting corporate intellectual property can be detected, blocked and alerted upon. In addition, end users can be provided reminders or nudges of the corporate Acceptable Usage Policies to reinforce awareness and adherence to such policies.
Proofpoint will augment DLP Transform with a browser-based extension for content typed into Generative AI tools such as OpenAI ChatGPT and Google Gemini, expected to be made available at the end of Q2 2024.
“With little transparency about how data submitted is stored and used, and even less clarity about how it can be removed or deleted if sent in error, GenAI systems represent a risky new channel through which data can leak,” said Mayank Choudhary, Executive Vice President and General Manager, Information Protection Group, Proofpoint. “While some organisations have banned the use of generative AI sites altogether, others recognise the productivity benefits they can provide and seek controls around the use of GenAI tools. It’s to point out the age-old tension between providing productivity tools to end users and ensuring the security of the organisation. Proofpoint DLP Transform brings these two worlds together through an easy-to-deploy and easy-to-manage solution.”
Trusted by More of the World’s Most Security Conscious Organisations
Today, 50% of the Fortune 100 trust Proofpoint as their DLP partner of choice. Proofpoint was recently recognised as a 2024 Gartner® Peer Insights™ Customers’ Choice for Data Loss Prevention – the only vendor placed in the upper right “Customers’ Choice” Quadrant.
Recently, Proofpoint announced the general availability of Adaptive Email DLP to automatically detect and prevent accidental and intentional data loss over email. By combining Proofpoint’s industry-leading threat and data loss protection technology and intelligence with Tessian’s AI-powered behavioural and dynamic detection, Proofpoint provides organisations with the most comprehensive defence available against human layer risks.
Supporting Quotes:
-
“Consumption of GenAI applications, such as large language models (LLMs), from business experiments and unmanaged, ad hoc employee adoption creates new attack surfaces and risks on individual privacy, sensitive data and organisational intellectual property (IP).” Gartner, 4 Ways Generative AI Will Impact CISOs and Their Teams, Jeremy D’Hoinne, Avivah Litan, Peter Firstbrook—29 June 2023.
-
“While large language model (LLM) applications such as ChatGPT have been publicly available since late 2022, corporate leaders are still grappling with how to manage their use in the workplace.” Gartner, Generative AI: 4 Decisions to Make When Creating a Policy, Laura Cohn, Stuart Strome, Anthony Mullen, Avivah Litan, Lauren Kornutick—22 June 2023.
For more information about Proofpoint DLP Transform, visit this link.