Nexus People Risk Explorer

Nexus People Risk Explorer (NPRE) gives you a unified view of your people-centric risk across the Proofpoint platform and third-party products. It assesses the impact of user risk on your organisation. And it allows you to scope and prioritise security projects to protect your people and data.


Understand Your Security Risks Across Multiple Threat Vectors and Risk Factors

Take a people-centric approach

With our unique people-centric approach, we help you understand your VAPs™ (Very Attacked People) and your attack surface. Nexus People Risk Explorer extends those capabilities to model risk based on more factors: vulnerability, attack and privilege. Vulnerability looks at how people work in high-risk ways. Attack analyzes how people are targeted by threats. And privilege deals with how people access valuable data.

Nexus People Risk Explorer helps you understand your people-centric security risk in several ways:

  • Gain insight into the vulnerabilities and privileges of specific users, departments, and groups through product integrations, including Proofpoint Targeted Attack Protection, Cloud Account Defense, Cloud App Security Broker, Security Awareness Training.
  • Get user rankings by risk scores and group them based on risk profiles with our proprietary Attack Index algorithm combined with user vulnerabilities and privileges (risk modeling).
  • Assess risk across multiple factors including regions, business functions, and custom groups.

Optimize risk mitigation

When assessing risk, it’s challenging to know where to start and which users to prioritize. Nexus People Risk Explorer helps by assigning users to subgroups based on similar risk profiles. This reduces the volume of risky users that your security team needs to focus on at any given time.

People Risk Explorer saves time by flagging your riskiest users first. Then your team can make decisions based on priorities. This means you can deploy security controls faster, and reduce your chances that a data breach will severely impact your organization.

People Risk Explorer surfaces your users: ​

  • With the highest risk scores​
  • With severe vulnerabilities​
  • Within a particular group or department and who have access to sensitive data, which makes them a likely target

Evolve security control decisions

Research shows that most organizations will be severely impacted by breaches at some point. That means you need to be ready to identify and mitigate risk proactively to prevent and reduce the effects of these breaches. But if you don’t understand what puts your organization at risk, it’s difficult to know the best way to mitigate risk and keep your users and data safe.

What’s more, deploying security controls is costly and timely. But knowing which controls to apply and to whom helps you reduce your overall risk.

With Nexus People Risk Explorer, you can decide which controls:

  • Are critical to your overall security posture​, by showing the risk reduction scores associated with them
  • Should be applied and to whom, with a list of users affected by them​
  • Were effective in mitigating risk​, with line graphs in the “trending” view that visually show risk changes over time

Monitor progress and plan your budget

The 2021 Voice of the CISO Report survey states that 66% of CISOs believe their organization is not prepared to cope with an attack. And more than half (53%) of all CISOs are more concerned about the repercussions of a cyber attack in 2021 than they were in 2020.

Nexus People Risk Explorer helps you address these concerns. And it provides valuable tools, such line graphs and trending visualizations, so you can show a control’s effectiveness to your executives and your Board. No other vendor provides risk values at the person and groups level. And to reduce strain on budget and resources, it helps you:

  • Quantify overall organizational and group/departmental risk to business stakeholders​.
  • Make educated decisions for where to invest next​.
  • Track risk improvements with visual representations that are easily understood by non-technical audiences, to justify spending.
  • Analyze the impact of each applied security control on the broader organization. We associate each recommendation with its “risk reduction score,” making it easy to identify which controls will have the most impact on overall risk of the identified subgroup.

Ready to give Proofpoint a try?

Start with a Free Proofpoint Trial.