Deploying advanced monitoring and analytics tools that focus on user behavior and correlate events across systems. This is where a human-centric approach diverges from traditional methods. Instead of just logging events, the focus shifts to understanding who is doing what, when, and why, and whether that behavior deviates from established norms. Educating the entire workforce about the risks of threat actors impersonating employees and the need for more vigilant cybersecurity awareness practices. Seven out of 10 working adults admitted to taking a risky action, such as reusing or sharing a password, clicking on links or QR codes from unknown senders or giving credentials to an untrustworthy source, according to Proofpoint’s “2024 State of the Phish” Integrated Human- Centric Protection In an environment where agencies manage high volumes of sensitive information, the most effective security strategies place people at the center of protection efforts. Proofpoint’s experts know this space well, highlighting how modern threat intelligence and machine learning help agencies reduce risk by identifying and stopping harmful emails before staff ever see them. When a suspicious message does slip through, a network must have the capabilities that allow security teams to quickly remove it from inboxes, limiting exposure and
“Across state and local agencies, the volume and variety of email threats continue to grow, making advanced screening essential for protecting staff and safeguarding public data. Sandboxing tools must play a central role in that effort. Secure systems evaluate warning signs such as questionable IP addresses, unfamiliar or risky file attachments, and links that could redirect users to unsafe destinations. When needed, they can also rewrite or isolate URLs so employees interact only with verified sites,” Witt explains. “Protected clients have a very granular view of the most attacked individuals in their organization, based on volume or severity and sophistication of exploits being sent to them,” he adds. “By analyzing email activity on a client’s network, you can identify the last five people an individual emailed, or who sends email to that individual most often, or who that individual groups together.” “There is a whole other form of questioning that [a service desk agent] could ask when trying to go through the authentication and
verification process,” Witt notes. Only the latest technology can compliment those capabilities by providing a holistic architecture that identifies and mitigates risk across an organization’s entire digital environment, reducing the burden on end-users and the service desk. Agencies, for instance, can track user activities across various platforms – cloud application usage, file access patterns, permission changes, email sending behavior, login locations and times. Advanced tools utilizing AI and ML can establish baseline behaviors for individuals and roles, automatically flagging deviations that indicate potential compromise. For instance, an employee suddenly accessing unusual files, attempting to change permissions or sending emails with suspicious links after contacting the help desk would trigger an alert. Those and other capabilities led Gartner to name Proofpoint a “Leader” in its 2024 Magic Quadrant for email security platforms.
helping agencies maintain continuity of operations. – 2026 Legislative Edition – Florida Technology Magazine 28
Powered by FlippingBook