Service Provider Cloud

Forcepoint Takes Cloud Security Beyond the Perimeter

Forcepoint is taking a user-centric approach to cloud security, analyzing activity to find users -- and malware masquerading as users -- that threatens the enterprise.

"It's about understanding the human interaction with technology and understanding why a user is moving data," Aaron Smith, Forcepoint senior product manager for cloud security, tells Enterprise Cloud News. "Not all threats will be outside the perimeter. Some of them will be inside."

To that end, Forcepoint announced on Tuesday that it is adding new capabilities to its suite of cloud security products.

The company upgraded its Web Security product with its Cloud Application Security Broker (CASB) to add discovery and reporting of users making unsanctioned use of cloud applications and services -- known as "shadow IT."

Forcepoint acquired the Skyfence CASB from Imperva in February. (See Forcepoint Boosts Cloud Security With Acquisition.)

Forcepoint enhanced Data Loss Prevention (DLP) security analytics for web and email to include incident risk ranking, to classify the seriousness of data leaks -- incidents where confidential or proprietary data leaves the enterprise by email or other Internet channels.

And it integrates malware detection with the CASB for cloud services such as Microsoft Office 365 OneDrive, Google G Suite, and Box

Also, Forcepoint addded ISO 27018 certification to its trust program for privacy protection of personal data, to enhance compliance with the European General Data Protection Regulation (GDPR) in 27 global data centers offering full IPSEC coverage including new sites in Milan, Stockholm and Warsaw. Forcepoint previously offered ISO27001 and CSA STAR certifications with SOC attestations.

Smith noted that not all breaches detectable by Forcepoint are malicious -- some of them can be caused by employees circumventing security just to get their jobs done, for example, emailing work files to external accounts. That sort of behavior can still result in security problems, however.

While the WannaCry ransomware -- an external threat -- is generating security headlines today, internal threats are a big deal. In financial services and healthcare in particular, insiders accounted for well more than half of attacks, according to the IBM X-Force Research 2016 Cyber Security Intelligence Index. Overall, some 25% of attacks are conducted by insiders, according to the Verizon 2017 Data Breach Investigations Report. (See WannaCry Continues at a Slowed Pace and Cyberespionage, Ransomware Top 2017 Verizon DBIR.)

Forcepoint is reacting to a reality of today's threat environment -- perimeter security isn't enough. Enterprises don't even have a perimeter anymore, with data traveling from on-premises to the cloud, users hooking up personal devices to the company network, customers and partners making connections, and software-as-a-service (SaaS) applications such as Salesforce and Microsoft Office 365 essential to doing business.

Security vendors such as Cisco, Nuage and VMware are touting microsegmentation as a solution -- using network virtualization to divide the network into many compartments, with security barriers between them to prevent the spread of infection.

Forcepoint, headquartered in Austin, Texas, is a privately held cybersecurity company with 2,500 employees and 20,000 customers, backed by Raytheon and launched early last year to bring defense technologies to the private sector. Forcepoint comprises three previously separate companies -- Raytheon Cyber Products, Websense and Intel McAfee Stonesoft.

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Friend me on Facebook Editor, Enterprise Cloud News

Make sure your company and services are listed free of charge at Virtuapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the virtualization industry.

JohnMason 6/6/2017 | 4:40:20 PM
Re: Sublte One can learn a lot when working for small company. Or even a big company. The things I've seen....
Mitch Wagner 6/6/2017 | 2:30:32 PM
Re: Sublte ... and a denial of service attack, of sorts, if he leaves the company on bad terms. Or gets run over by a beer truck. 
JohnMason 5/29/2017 | 3:16:17 AM
Re: Sublte There were issues when the people involved were not available. There were no backup people. That's where the job security figured in.
Michelle 5/28/2017 | 2:42:09 PM
Re: Sublte @John Were there ever any issues with the startup sequence requirement? I assume they had enough back up folks that could handle the process if one of the main folks was out.
JohnMason 5/25/2017 | 5:47:39 PM
Sublte Security threats can be subtle. For instance, I had heard of a manager who had quietly arranged for the sequence of server activation to follow a specific but complicated pattern, or the network would not operate properly. In other words, you couldn't just bring a server online by itself. You had to coordinate it with certain other servers, or it didn't work correctly. Only a few people knew the sequence. It was job security for them.
Sign In