Protecting People Proofpoint

In the digital age, data loss prevention is a top concern in cybersecurity as organizations strive to safeguard sensitive information in the hands of careless, compromised and complicit users.

Today’s episode of Protecting People dives into the inaugural Data Loss Landscape report. Our guests, Itir Clarke and Brian Gleeson shed light on the alarming statistics and insightful findings around data loss and people-based risk.

One of the most surprising findings: a mere 1% of users were responsible for almost 90% of data loss alerts.

The conversation also goes into exploring human-centric approaches to DLP, including: How understanding user behaviors can influence policy and shape effective controls to mitigate data loss risksThe impact of departing employees on data security and the need for proactive strategies to prevent unauthorized data exfiltrationThe importance of continually evaluating and adapting DLP strategies to address evolving threatsTune in to discover actionable strategies and best practices for safeguarding sensitive data in an increasingly complex threat landscape.Resources mentionedData Loss Landscape report:https://www.proofpoint.com/us/resources/threat-reports/data-loss-landscapeBlog posts about generative AIhttps://www.proofpoint.com/us/blog/email-and-cloud-threats/ai-concerns-safeguard-data-in-genai-chatgpthttps://www.proofpoint.com/us/blog/email-and-cloud-threats/generative-ai-risks-to-organizational-data

Today’s episode revolves around the latest edition of our monumental research endeavor, the "State of the Phish" report. Joining host Brian Reed is a diverse panel of global experts: Jennifer Cheng from Singapore, Carl Leonard from the U.K., Marcelo Bezerra from Brazil, and Paul Chavez from the U.S.

While we see new encounters with malware strains, vulnerabilities, and tactics yearly, the human element remains a constant. In an era of human-based risks, safeguarding people is as crucial as securing networks and infrastructure.

Noteworthy insights include a decline in successful phishing attacks (from 88% to 75%) but an underlying concern as three-fourths of organizations still fall victim. A groundbreaking aspect of this report is its inclusion of user actions, revealing that 71% of users engage in risky behaviors—96% fully aware of the risks. The panel explores the cultural and organizational factors contributing to this phenomenon, touching on convenience, urgency and leadership buy-in.

Other topics discussed include:
Regional perspectives & cultural influencesGlobal validation of user behavior insightsTune in for a riveting discussion that goes beyond statistics, unraveling the intricate web of human behavior in the face of cybersecurity challenges.

Five Minute Forecast for the week of January 29th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• 23andMe shares details of genetic data stolen in last year’s breach
• Ransomware payments drop to a new low
• The FBI warns of a new scam using bike couriers
And senior researcher Greg Lesnewich talks about the 100 days of YARA initiative.

Five Minute Forecast for the week of January 22nd. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Microsoft under attack from Russian state-sponsored hacking group
• A ransomware attack steals data of over 35 million shoppers
• Researchers link 3AM ransomware to the notorious Conti group
And senior threat intelligence analyst Selena Larson shares insights into recent activity by threat actor TA866.

Few tools are as critical to modern business than Microsoft 365. Unfortunately, the platform’s ubiquity and central role in the workplace also make it a prime target for cyber attackers.

In the face of these threats, Microsoft announced what it’s calling the Secure Future Initiative, or SFI. Today’s guest is Mark Harris, a cybersecurity advisor at Proofpoint and former Gartner analyst, who provides insights into the challenges Microsoft faces in this effort–and what it means for other cybersecurity vendors.

We also discuss:The increasing use of AI in security tools, both by defenders and attackersThe growing trend of bad actors using AI, such as in phishing emails and the emergence of deep fakesCautions against relying on a single vendor and emphasize the need for efficacy and efficiency in cybersecurity practices

Five Minute Forecast for the week of January 15th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• CISA issues warning over high-severity SharePoint vulnerability
• Ransomware gang steals 1.3 million records from Fidelity National Finance
• Fake 401k statements used to hook victims on phishing spree
And senior threat intelligence analyst Selena Larson offers an update on the 2024 threat landscape.