Proofpoint launches NIST-inspired framework to tackle data loss prevention challenges

Proofpoint launched a proprietary, partner-friendly, end-to-end information protection framework, providing organizations access to expertise, industry benchmark data and proven methodology in designing, implementing and maturing data loss prevention (DLP) programs.

While DLP programs and technology are undoubtedly maturing, only 38% of organizations say they have a “mature” DLP program. Today, organizations with complex needs are looking for more comprehensive solutions that go beyond traditional DLP measures. Until now, the industry has been lacking a practical framework that addresses the challenges of deploying a DLP program across a rapidly evolving, multi-channel data risk landscape.

Proofpoint’s NIST-inspired framework, deployed and managed by Proofpoint and its certified partners, gives organizations access to singular expertise and efficiencies that most organizations cannot replicate, even with highly skilled internal resources. It provides a blueprint for utilising a combination of people, process and technology to analyse user behaviour and content across all channels and apply best practices and intelligence to modernise data protection.

The new framework leverages Proofpoint’s human-centric approach to information protection, combined with over 20 years of experience in designing and operating tailored DLP programs for some of the world’s most security-conscious organisations.

It also offers a CISO Visualisation Workshop, an in-depth, guided exercise for organizations seeking to implement a DLP program. Proofpoint certified partners can leverage the framework to help customers identify critical maturity gaps, evaluate benchmarking against industry peers, and determine a strategy and timeline for prioritising and addressing impacts based on Proofpoint’s analysis and recommendations.

Key elements include:

Planning, visibility and rule setting:

• In-depth assessment of DLP program maturity
• Benchmarking against industry peers
• Guided program design and implementation recommendations
• Behavioural and content visibility to inform rule-setting

Prevention and adaptive response:

• Research into emerging exfiltration and threat tactics with impact assessments
• Tuning of rules and policies for detection optimisation and data protection
• AI-enabled SOC capability designed to optimise event analysis and investigation, incident escalation and response

Metrics and governance reporting:

• Daily system checks and monitoring
• Executive reporting and documentation of outcomes

“Today, data is at risk because of human behaviour,” said Rohit Dixit, EVP and chief customer officer at Proofpoint. “The rise of the perimeter-less workplace has dramatically increased the complexity of delivering a modern, adaptive, risk-based DLP program for most organisations. Proofpoint’s unique framework and human-centric approach to information protection builds on decades of experience and expertise in planning and executing tailored DLP programs that protect some of the world’s largest enterprises. Now customers can evolve their DLP program, safe in the knowledge that their team is supported by experts who know Proofpoint technology better than anyone.”

Proofpoint Information Protection is deployed to over 46 million users worldwide and is trusted by some of the world’s biggest brands. With the new framework, Proofpoint and its certified partners provide a proven method for organisations to consolidate data defences across all channels while protecting information based on user behaviour and intent, content and data lineage.

“We’ve long recognised the challenges enterprises face in safeguarding their most critical assets,” commented Adam Gray, CTO at Novacoast. “Our ongoing partnership with Proofpoint, and the expertise and ability to utilise the comprehensive and mature Information Protection Program framework announced today, positions us to drive real, impactful change for organisations with the most complex security needs.”

“It’s well-documented that organisations face significant challenges in finding and retaining the specialised expertise needed to execute and mature their information protection programs,” said Sean Steele, managing partner at InfoLock. “Proofpoint’s pedigree in this space is unmatched, and we are excited to be one of their select certified partners to bring this tried and trusted programmatic approach to data risk management to market.”