- Reduce cyber risks to companies, employees and revenue potential
- Continuously strengthen and mature controls in spite of organizational complexity and limited resources
- Deliver value-added capabilities to current companies and attract new companies
- Proofpoint Email Protection
- Proofpoint Targeted Attack Protection
- Proofpoint Email Fraud Defense
- Proofpoint Threat Response Auto-Pull
- Proofpoint Email Encryption
- Proofpoint Security Awareness Training, PhishAlarm and PhishAlarm Analyzer
- Automated advanced threat detection and removal to prevent harm from cyber threats
- Enabled security team to focus on “true positive” alerts instead of chasing false positives
- Gained detailed insight and supporting data for identifying most attacked users and tracking changes in the threat landscape
- Added value to companies and their clients
- Enabled automation deeper into the kill chain
IPG and its companies deliver award-winning campaigns for many of today’s world-leading brands. Marketing and advertising strategies, creative work, and brand equity can represent billions of dollars of corporate value to each client. Security is important to win agency clients; therefore, it’s essential for IPG to protect its companies and employees in order to attract new agencies.
“Our mission is reducing business risk,” said Chris White, director of security operations and deputy chief information security officer for IPG. “That’s not easy with massive scope and complexity. We can’t possibly hire enough cybersecurity experts—they simply don’t exist—so we must find other methods to achieve our goals.”
The IPG security team manages more than 100 agency tenants in Microsoft Azurebased 365 email. Among tenants, there are huge differences in office size, ownership and work style. The goal is to move the hundreds of IPG companies to Microsoft Office 365, but meanwhile, the team needs a way to defend multiple email platforms against crimeware, email fraud, impostors, and nonstop phishing campaigns.
“I knew Proofpoint could arm us with the tools and information that enable us to defend our companies and give us the data, automated capabilities, and vendor expertise we needed,” said White. “We chose Proofpoint as our primary tool to support security for one of our most critical business systems.”
Building on strength
The IPG team built its defenses on Proofpoint Email Protection. With multilayered threat protection and analysis, it defends IPG employees against spam, bulk email, malware and viruses. It also evolves impostor email and phishing attacks. And by using Proofpoint Targeted Attack Protection (TAP), the IPG team can detect, analyze and block advanced threats delivered through malicious attachments and URLs before they reach employees. TAP also detects polymorphic malware, weaponized documents, and credential theft attacks across cloud and premisesbased email systems.
For example, IPG exchanges email with its companies, and each company also exchanges email with external clients. Once, a client’s email was co-opted by a threat actor who inserted a malicious URL—unbeknownst to the client. Proofpoint detected and blocked the email, which enabled IPG to provide the agency’s client with the important data needed for remediation.
“Proofpoint enables us to add value to our companies,” said White. “In turn, they can demonstrate security assurance to their clients. Proofpoint supports our trusted relationships, which are critical to delivering great work.”
Besides detecting advanced threats, the IPG team can automatically remove them from mailboxes with Proofpoint Threat Response Auto-Pull (TRAP). This automation has been a game-changer for IPG. White’s team plans to extend Proofpoint Threat Response automation to other use cases, such as automatically isolating endpoints or correlating data with other security controls.
“There will always be more threat and attack data than security analysts,” said White. “With Proofpoint Threat Response, we can automatically enable protections further down the kill chain. This is extraordinarily beneficial.”
Maturing front-line Defenses
Knowledgeable employees are powerful front-line defenses. Proofpoint Security Awareness Training with PhishAlarm makes it easy for IPG users to report phishing emails. PhishAlarm Analyzer ranks reported emails in real time by their threat potential, which saves time for the security team. The Proofpoint Attack Index within the TAP Dashboard provides data on IPG’s most attacked people. And it gives them instant visibility into these targeted users and the threats that attack them. With this insight, White’s team can track changes in the attack landscape over time, as well as improvements in user awareness.
“We can measure how well users recognize phishing attacks and if they take action when they see something suspicious,” said White. “Having users report suspicious emails is a huge step forward in security maturity.”
Proofpoint enables the team to focus its time on “true positive” alerts and issues with potentially high impact. Now they’re spending their time on the security measures that matter most to their enterprise and its companies.
“By improving our companies’ security, we provide a distinct benefit to their businesses and their clients,” said White. “Proofpoint enables us to bring more value to these relationships and plays a key role in making us attractive to new agencies.”