Source |
ProofPoint |
Identifier |
8601780 |
Publication date |
2024-10-25 10:37:05 (viewed: 2024-10-25 22:07:57) |
Title |
A Global Manufacturer's Journey: Making the Switch from Abnormal Security to Proofpoint |
Text |
Cybersecurity is a big concern for organizations, especially with today's rapidly evolving digital landscape. This is especially the case for global manufacturing companies. Their complex operations spanning multiple regions and digital systems create unique security challenges when safeguarding their networks and sensitive information. In this blog, we share insights from a global manufacturing company that switched from Abnormal Security to Proofpoint. While the company is a Proofpoint customer, they requested anonymity to share their story openly.
Starting from scratch
The cybersecurity director took over about a year and a half ago. At that time, the cybersecurity infrastructure was basic. His predecessor had laid the foundation, but the business had yet to fully invest in a comprehensive cybersecurity framework.
Though they had invested in technologies such as Abnormal Security for email security, Zscaler for network security, SentinelOne for endpoint detection and response, and a predominately Microsoft Azure-based cloud infrastructure, its security posture was incomplete. The director recognized that the systems in place were siloed, operating as independent point solutions rather than an integrated ecosystem. His goal was to build a cybersecurity framework where core platforms could interconnect and complement each other, creating a more robust defense mechanism.
Cybersecurity threats
As a global manufacturer, they face several cybersecurity threats. Some are industry-specific, and some are common across sectors:
Supply chain risks. The supply chain is complex, with vendors and partners spread across different regions. A breach within a partner or supplier network could compromise the company's systems, resulting in operational disruptions.
Ransomware attacks. Operational continuity is critical. A ransomware attack could stop production, causing significant financial and reputational damage.
Industrial espionage. The proprietary manufacturing techniques and intellectual property (IP) are prime targets for cybercriminals. A breach could result in the theft of valuable IP and the loss of their competitive advantage.
Insider threats. With a geographically dispersed workforce, insider threats, whether through malicious intent or negligence, remain an ongoing concern.
Operational technology (OT) security. The company's manufacturing processes rely heavily on operational technology. An attack on OT systems could halt production and pose safety risks.
Third-party risk. The company depends on numerous third-party vendors and service providers, making it vulnerable to attacks originating from weaker links in the supply chain.
Phishing and social engineering. Human error remains a significant cause of breaches. Employees are often targets of phishing attacks that try to steal credentials or spread malware.
Moving to an integrated approach
To tackle these threats, the director emphasized the need for interoperability between cybersecurity platforms. A key point of frustration was the organization's initial reliance on Abnormal Security, a point solution focused on post-delivery email security. While effective in specific cases, Abnormal lacked the versatility and integration capabilities necessary to meet the company's broader needs.
The director explained, "Abnormal did one thing really well, but nothing else. What I wanted was platforms that I could build upon and connect together."
Abnormal Security: Specialized but limited
At first, Abnormal Security seemed like a good investment. It provided efficient detection of specific threats, and its automation helped streamline identification of phishing and scam emails. But soon its limits became clear. It was a point solution, focusing only on limited types of emails. It lacked the comprehensive functionality required to serve as the primary email security platform.
The director needed an all-encompassing email security solution. It needed to not only stop phishing attacks but also sophisticated spear-phishing, malware, suspicious att |
Notes |
★★★
|
Sent |
Yes |
Digest |
|
Tags |
Ransomware
Malware
Tool
Threat
Industrial
Cloud
|
Stories |
|