Features and Benefits
Understand Your Security Risks Across Multiple Threat Vectors and Risk Factors
Take a people-centric approach
With our unique people-centric approach, we help you understand your VAPs™ (Very Attacked People) and your attack surface. Nexus People Risk Explorer extends those capabilities to model risk based on more factors: vulnerability, attack and privilege. Vulnerability looks at how people work in high-risk ways. Attack analyzes how people are targeted by threats. And privilege deals with how people access valuable data.
Nexus People Risk Explorer helps you understand your people-centric security risk in several ways:
- Gain insight into the vulnerabilities and privileges of specific users, departments, and groups through product integrations, including Proofpoint Targeted Attack Protection, Cloud Account Defense, Cloud App Security Broker, Security Awareness Training.
- Get user rankings by risk scores and group them based on risk profiles with our proprietary Attack Index algorithm combined with user vulnerabilities and privileges (risk modeling).
- Assess risk across multiple factors including regions, business functions, and custom groups.
Optimize risk mitigation
When assessing risk, it’s challenging to know where to start and which users to prioritize. Nexus People Risk Explorer helps by assigning users to subgroups based on similar risk profiles. This reduces the volume of risky users that your security team needs to focus on at any given time.
People Risk Explorer saves time by flagging your riskiest users first. Then your team can make decisions based on priorities. This means you can deploy security controls faster, and reduce your chances that a data breach will severely impact your organization.
People Risk Explorer surfaces your users:
- With the highest risk scores
- With severe vulnerabilities
- Within a particular group or department and who have access to sensitive data, which makes them a likely target
Evolve security control decisions
Research shows that most organizations will be severely impacted by breaches at some point. That means you need to be ready to identify and mitigate risk proactively to prevent and reduce the effects of these breaches. But if you don’t understand what puts your organization at risk, it’s difficult to know the best way to mitigate risk and keep your users and data safe.
What’s more, deploying security controls is costly and timely. But knowing which controls to apply and to whom helps you reduce your overall risk.
With Nexus People Risk Explorer, you can decide which controls:
- Are critical to your overall security posture, by showing the risk reduction scores associated with them
- Should be applied and to whom, with a list of users affected by them
- Were effective in mitigating risk, with line graphs in the “trending” view that visually show risk changes over time
Monitor progress and plan your budget
The 2021 Voice of the CISO Report survey states that 66% of CISOs believe their organization is not prepared to cope with an attack. And more than half (53%) of all CISOs are more concerned about the repercussions of a cyber attack in 2021 than they were in 2020.
Nexus People Risk Explorer helps you address these concerns. And it provides valuable tools, such line graphs and trending visualizations, so you can show a control’s effectiveness to your executives and your Board. No other vendor provides risk values at the person and groups level. And to reduce strain on budget and resources, it helps you:
- Quantify overall organizational and group/departmental risk to business stakeholders.
- Make educated decisions for where to invest next.
- Track risk improvements with visual representations that are easily understood by non-technical audiences, to justify spending.
- Analyze the impact of each applied security control on the broader organization. We associate each recommendation with its “risk reduction score,” making it easy to identify which controls will have the most impact on overall risk of the identified subgroup.
“We are excited about the capabilities that Proofpoint is well known for, as well as the capabilities that are emerging and that we think are forward-thinking and innovative.”
Michael Manrod, director of security, Grand Canyon University
“Attackers used to focus on exploiting infrastructure. Now they target people. Our focus has shifted to protecting people, which illustrates the changing boundary of security. That boundary has gotten very personal, very quickly.”
Seth Edgar, chief information security officer, Michigan State University
“After using Nexus People Risk Explorer, we have stabilized the number of employees who are vulnerable, attacked and privileged to a group more manageable for our security teams to analyze.”
“The data provided by Nexus People Risk Explorer has been eye-opening. We’ve used this data to assign more security awareness training to empower our users to be our first line of defense.”