To make informed security decisions in today’s threat landscape, it is vital to understand the severity of the threats that are targeting your organization and people rather than just the volume of attacks.
For example, a hyper-targeted threat from a known nation-state attacker delivering a remote access trojan (RAT) payload is much more concerning than a widespread threat from an unknown attacker delivering a corporate credential phish.
How Proofpoint Exposes Security Risk
Understanding the threat severity, not just volume of attacks, targeting your people and your organization enables better protection from data breaches and financial losses. For some time now, Proofpoint has provided this type of unique insight through the Proofpoint Attack Index. The Proofpoint Attack Index quantifies a security risk based on four factors:
- Attacker sophistication (e.g. nation-state vs. unknown actor)
- Targeting type (e.g. highly targeted vs. broad-based campaigns)
- Attack type (e.g. credential phishing, backdoor malware, etc.)
- Attack volume (e.g. how much is this person being attacked?)
This capability helps organizations better identify and manage risk by providing unique visibility into the severity of each attack.
New Executive Report Reveals Company-Level Risk
This week, Proofpoint introduced an industry-first executive level report to understand and communicate company-level risk based on the Attack Index. Customers can now see a company-level Attack Index score to better understand the severity of threats that are attacking them. In addition, customers can leverage Proofpoint’s proprietary (and anonymous) data to create comparisons of their company attack index to peer groups such as industry to enhance their visibility into the threat landscape.
This new report also allows CISOs and security teams to understand how much more or less attacked they are and what types of threats are targeting them relative to peers across industries. With this insight, organizations can prioritize security controls based on their organization’s unique attack landscape. For example, if your company is being targeted with credential phishing more than others in similar industries, you could roll out additional training to end-users on that specific threat. In some cases, this report could be used in budget discussions. For example, if your attack index is higher than your peers, you could share that insight with the CFO and/or Board of Directors to illustrate how challenging it is to protect your organization.
The company-level Attack Index and Industry Comparison reports are available to all Proofpoint Targeted Attack Protection (TAP) customers at no additional charge. These reports can be found by:
- Logging-in to the TAP Dashboard
- Click the Reports Tab on the left-hand menu bar
- Click the Organizations Tab
- Begin filtering by industry
Want to leverage our unique insights at your organization? Learn more about the Proofpoint Targeted Attack Protection offering here.