Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform aiming to address the full spectrum of data security challenges across today’s complex data landscape

Proofpoint Inc., a leading cybersecurity and compliance company announced it has entered into a definitive agreement to acquire Normalyze, a leader in Data Security Posture Management (DSPM). With this acquisition, Proofpoint will further enhance its human-centric security platform with Normalyze’s leading AI-powered DSPM technology, allowing organizations to discover, classify and protect data at scale across SaaS, PaaS, public or multi-cloud, on-prem and hybrid environments, while prioritizing the reduction of human-centric risks in data security.

Addressing Human Risk in the Data-Driven Cloud Era

As organizations embrace AI and generative technologies to drive innovation, the human element in data security has become increasingly critical. The widespread adoption of AI platforms, Databases as a Service (DBaaS) and Continuous Integration/Continuous Development (CI/CD) practices has created a web of interconnected data environments that security teams can struggle to secure. This rapid technological evolution has led to increased complexity and heightened risks of improper data handling as development teams focus on quick outcomes, often bypassing essential security governance. As more access to data is granted to people and machines, gaps in visibility and control can emerge without appropriate governance or controls from security teams.

This evolving landscape presents complex challenges in discovering, classifying, and securing data, leading to an increased risk of data breaches due to forgotten and misclassified data, as well as overprivileged access. In fact, recent research from Enterprise Strategy Group reveals that over a quarter of businesses don’t know where their sensitive data is. By implementing DSPM technology, organizations are enabled to fill the security gaps created by their teams’ interactions with complex data environments and reduce the total data attack surface. 

“Today, data is at risk because of human behavior. Modern applications are rapidly changing, driven by small teams of developers working independently on microservices and various data sources, leading to an explosion of data,” said Mayank Choudhary, executive vice president and general manager, Data Security & Compliance, Proofpoint. “These modern applications are highly interconnected, making it hard for security teams to manage the heterogeneous and ever-growing sprawl of their data. By combining Proofpoint’s leading human-centric security platform with Normalyze’s pioneering DSPM technology, we can provide our customers with comprehensive visibility and control of their data posture so they can further mitigate human risk across their organization.”

“With the rapid proliferation of internally developed cloud applications, and use of SaaS applications procured by teams outside of IT, security teams are faced with the daunting challenge of inconsistent visibility and control of their critical data in the cloud,” said Ravi Ithal, cofounder and chief technology officer, Normalyze. “As data has become increasingly difficult to secure, the driving force behind our mission and technology has been to help organizations secure the data they care about, wherever it is. By joining forces with Proofpoint, we can empower organizations to further improve their data security posture, reducing the risk of data breaches caused by human errors and help them to prioritize data loss threats.” Read more here…

Coding vulnerabilities will soon be identified and remediated automatically, complete with code suggestions ……

How cyber insurance will evolve over the next decade…..my post in TechCrunch

More than a billion dollars in ransomware is paid out each year….a flourishing business indeed.

According to 451 Research, over 100 new security startups are formed each year. Add that to ~1300 existing security vendors that are shouting each other out in the marketplace. What you have is a lot of noise, confusion and me-toos. And that’s why orchestration and automation matters….

Why security will matter over the next decade…my post in TechCrunch published in 2016…