Forcepoint Fights Shadow IT with Cybersecurity Analytics Functions

Human-centric cloud security solution for web, email and cloud-access security brokers provides reporting and context to address biggest risks--internal and external.


Global cybersecurity provider Forcepoint, which focuses much of its expertise on insider threats in enterprise security, has released new cloud-based functionality for its platform aimed at improving the secure adoption and deployment of cloud applications.

Forcepoint’s new software, released May 25, protects enterprise and government employees alongside business data and IP at all times and at any location, including from advanced threats such as ransomware and phishing attacks, the company said.

The latest augmentations include new cloud app discovery and risk assessment; DLP (data loss prevention) security analytics; advanced malware for CASB (cloud access security brokers) players; and certified cloud-service offerings that increase GDPR (European Union General Data Protection Regulation) compliance. These new cloud security enhancements for trusted global data centers enable customers to be fully cloud-deployed or to fold hybrid cloud and on-premises security into their business strategy, the Austin, Texas-based company said.

They bring visibility and risk reporting to potential incidents and technology deployed throughout an organization. This includes so-called shadow IT, in which employees use non-sanctioned applications inside the business and may be a source of risk.

Internal Breaches Are at Top of the List

“Internal incidents top the list of breach causes in 2016 (at 41 percent by Forrester Research, and estimated up to 60 to 70 percent by other analysts), and the proportion of those that are malicious is rising,” Forrester Research analyst Heidi Shey wrote in a recent market report. “Even external attacks ultimately involved attackers targeting and taking advantage of insiders and using user authentication credentials.”

While security training and awareness programs go a long way toward preventing internal breaches, organizations often struggle to enforce policies against employees who adopt unsanctioned shadow IT technology and data practices in order to maximize workplace efficiencies, Forcepoint said. At this point there’s no way to completely stamp out these practices; they're too widespread in use.

New capabilities now in the platform include:

  • Cloud app discovery and risk assessment included in web security: Integrating Forcepoint CASB technology, Forcepoint Web Security adds discovery and reporting of shadow IT and users of unsanctioned applications. These reports on both apps and users provide details and risk rankings to eliminate a major enterprise security blind spot.
  • Data Loss Prevention (DLP) security analytics for web and email: Incident Risk Ranking is now included with DLP for Web and Email (formerly DLP Module). Forcepoint applies machine learning to intelligently rank and classify security incidents across the cyber continuum of intent, including accidental leaks, broken business process or data theft. Security teams can proactively address issues and prioritize responses for incidents linked to insider threats versus inadvertent user error.
  • Advanced malware detection for CASB: Forcepoint CASB now supports the Advanced Malware Detection cloud service, offering sandboxing and behavioral analysis technology to uncover Zero-Day attacks, ransomware and other advanced threats hidden in cloud storage solutions such or Office 365 OneDrive.
  • Web security appliances with SSL decryption mirror port: Organizations can lower Capex and Opex by using a single Forcepoint policy to securely send decrypted data to third-party passive security analysis tools to extend the value of existing IT investments.
  • Certified cloud service offering GDPR compliance controls: Forcepoint is the only security vendor that runs a dedicated cloud trust program encompassing ISO 27001 and CSA STAR certifications with SOC attestations. Forcepoint recently added ISO 27018 certification to its trust program to provide an improved system of controls for privacy protection of personal data to enhance GDPR compliance. Users can securely extend their infrastructures with 27 global data centers that offer full IPSEC coverage, including new sites now open in Milan, Stockholm, Warsaw and Toronto.

Forcepoint is based in Austin, Texas. For more information, go here.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 15 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...