Proofpoint and certified partners provide their customers with a NIST-oriented end-to-end framework that supports the development, implementation and optimization of data loss prevention (DLP) programs.
Although DLP programs and technologies are becoming increasingly sophisticated, only 38% of organizations believe they have a "mature" DLP program. Organizations with complex needs are looking for more comprehensive solutions that go beyond traditional DLP measures. Until now, the industry has lacked a practical framework that addresses the challenges of implementing a DLP program in a rapidly evolving, multi-channel risk environment.
Framework supports NIST specifications
Based on NIST1 standards and operated and managed by Proofpoint and its certified partners, Proofpoint's framework provides organizations with expertise and efficiencies that most organizations cannot achieve, even with highly skilled internal resources. The framework provides a blueprint for how organizations can combine people, processes and technology to analyze user behavior and content across all channels and apply best practices and insights to modernize data security.
The new framework follows Proofpoint's people-centric approach to protecting information and is based on over 20 years of experience developing and operating customized DLP programs for some of the most security-conscious organizations in the world. It also features a CISO Visualization Workshop: an in-depth, guided session for organizations looking to implement a best-in-class DLP program. Proofpoint certified partners can use the framework to help customers identify critical deficiencies and benchmark against industry peers, and establish a strategy and timeline for prioritizing and remediating the deficiencies based on Proofpoint's analysis and recommendations.
Some essential components of the framework:
Planning, insights and setting rules:
- In-depth assessment of the maturity level of a DLP program
- benchmarking against industry colleagues
- Recommendations for program design and implementation
- Insights into behavioral patterns and content as a basis for rules
Prevention and adaptive response:
- Investigation of new exfiltration and threat tactics with impact assessments
- Coordination of rules and policies to optimize detection and data security
- AI-powered SOC capabilities to streamline incident analysis and investigation, incident escalation and response
Metrics and governance reporting:
- Daily system checks and monitoring
- Reporting to management and documentation of results
Framework secures company information
"Today, data is at risk due to human behavior," said Rohit Dixit, executive vice president and chief customer officer at Proofpoint. "The rise of the 'workplace without boundaries' has dramatically increased the complexity of deploying a modern, adaptable, risk-based DLP program for most organizations. Proofpoint's unique framework and people-centric approach to protecting information builds on decades of experience and expertise in planning and executing customized DLP programs that protect some of the largest organizations in the world. Now customers can evolve their DLP program with the confidence that their team is supported by experts who know Proofpoint technology better than anyone else."
Proofpoint Information Protection is used by over 46 million users worldwide and is trusted by some of the world's biggest brands. With the new framework, Proofpoint and its certified partners offer a proven method for organizations to consolidate data security across all channels and protect information based on user behavior and intent, content and data lineage.
More at Proofpoint.com
About Proofpoint Proofpoint, Inc. is a leading cybersecurity company. The focus for Proofpoint is the protection of employees. Because these mean the greatest capital for a company, but also the greatest risk. With an integrated suite of cloud-based cybersecurity solutions, Proofpoint helps organizations around the world stop targeted threats, protect their data, and educate enterprise IT users about the risks of cyberattacks.