Category Archives: Forcepoint

2018 Security Predictions

Category : Forcepoint

New security challenges in 2018

Hackers are already scheming their next wave of targets: will they replicate the colossal Equifax breach and cash in on reams of personal data or freeze up IoT devices simply in order to disrupt critical systems?

Join Forcepoint’s Bob Hansmann, Director, Security Technologies for a Forcepoint 2018 Security Predictions Report webcast on the most pressing security issues for the upcoming year.

You’ll receive an advance copy of the Forcepoint 2018 Security Predictions Report just for attending.

Live online Nov 30 2:00 pm
or after on demand 60 mins

2017 NSS Labs Next Generation Intrusion Prevention System Report

Once again, Forcepoint NGFW is shown to be a highly-effective, secure network security solution, having received another “Recommended” rating for overall security effectiveness, performance and total cost of ownership (TCO) in the NSS Labs 2017 Next Generation Intrusion Prevention System (NGIPS) Comparative Report.

In this year’s test, NSS Labs examined products from 8 vendors ranging from next generation firewalls to dedicated IPS boxes, and measured their ability to stop exploits and attack techniques that compromise servers, workstations, databases and other systems. The results display a stark contrast between products designed to defeat evasions and those which leave networks exposed to attack.

Forcepoint NGFW, which pioneered the defense against evasions, achieved an overall 99.9% security effectiveness score. Forcepoint NGFW not only performed well against dedicated-purpose IPS devices for the second year in a row, it continued its unbroken streak of stopping 100% of evasion techniques.

In addition, Forcepoint NGFW obtained one of the lowest TCO scores, reflecting its deep integration of manageability into all aspects of operations. With Forcepoint NGFW, highly distributed enterprises and governments can deploy advanced intrusion prevention with inspection of encrypted traffic, high performance firewalling (on-premises and in the cloud), rapid-setup VPNs and SD-WAN link clustering — all managed from a single console.

According to the 2017 NSS Labs NGIPS test, Forcepoint NGFW:

  • Blocked 99.91% of exploits, even in the face of advanced evasions
  • Blocked 100% of evasions, 99.86% of NSS CAWS live exploits and 99.91% attacks overall
  • Passed all stability and reliability tests

In NSS Labs’ 2017 NGFW testing, which took place earlier this year, Forcepoint NGFW achieved a 99.9% score for Security Effectiveness and a low TCO.

Forcepoint NGFW is, once again, a leader in network security.

Read the full report.

Mission-Critical Network Security, Evolved

Realize the synergetic potential of integrating traditional firewalls with Forcepoint NGFW.

For governments and businesses continuing down the digital transformation path, next-generation technologies play a pivotal role in modernizing legacy network security infrastructure. IT security leaders should target a next-generation firewall that seamlessly integrates with their current firewall architecture in order to avoid security gaps that could potentially lead to compromise.

Firewalls play a fundamental role in protecting networks, and for decades, Forcepoint Sidewinder proxy firewalls have secured the most sensitive mission-critical environments on the planet. Government agencies, critical infrastructure organizations and commercial enterprises continue to trust Sidewinder due to its unmatched level of protection—there’s simply no other solution that delivers the same caliber of application-level network traffic security.

Forcepoint NGFW now incorporates the best of Sidewinder so you can leverage next-generation capabilities without sacrificing the application-level security you rely on to protect your critical data. Read this whitepaper to gain a full understanding of the benefits of Sidewinder + Forcepoint NGFW.

Internet Outages, Botnets… Just Another Day at the Office

2017 seems to have been a breakout year for cyber risk, and just when you’re telling yourself it can’t get any worse… well, it gets worse. As anyone monitoring the security press (or Twitter) will be aware, both the FBI and DHS have released information about campaigns targeting our critical infrastructure and the potential of internet outages from the quickly-growing ‘IoTroop’ IoT botnet. While neither revelation is much of a surprise (summary: bad people are targeting stuff that matters and someone is growing a big botnet for reasons yet to be disclosed) that’s hardly a good Monday morning in the office.

While it’s good that we’re seeing sharing of cyber risk, I have to ask if this is a warning that we can do much about in the short term. Yes, we can add specific detection for the botnet traffic, yes, we can detect IoCs for the latest round of people-centric attacks. However, neither of those do us much good in the long term, because the attacker doesn’t stay static and simply say ‘You got me!’ If a nation state has us in its crosshairs, I have to ask what concrete steps commercial entities can take that would make much of a difference given the vast asymmetry they face in terms of cost to attack versus cost to defend. Even if we were to disclose the “Who?”, “What?” and “Why?” would that change the specific mitigations we need to put in place? There are steps we can take, but they are anything but quick, and they are not simple. That’s an important point, so I’ll reiterate. Not quick, as this requires a fundamental do-over in how we try and build protections, and not simple, in that we live in a world where defenses and threats co-evolve: the attackers respond to us, and vice versa. Changing the technology (but more importantly, the underlying economics) of that game is something that we have to do.

As an active member of the cybersecurity community for over 25 years, the takeaway is perhaps different than one might expect. Cyber represents a continuous risk for not just vulnerable sectors, but at the upper end, to our way of life. I am not arguing that the sky is falling nor trying to sell fear or uncertainty (or doubt, to complete the thought), but we also need to recognize the highly-asymmetric threat environment in which we now live for what it is. This is not abstract… it is personal, and we’re all in it together. For example, with a botnet, your insecurity directly impacts my safety online… and vice versa. Once we recognize that, we then have to make the investments to do something about it – something well thought out, not a shared system of liability where my only recourse is litigation.

From a security perspective, these joint warnings remind us that attackers will use any means necessary to accomplish their goals, ranging from simple distributed denial of service attacks using massive botnets to the specific targeting of high-value targets within an organization. As defenders, we need to do the basics well, such as patching, continuous monitoring and secure software development. However, in addition we must recognize the criticality of focusing on not just the purely technological, but also the human. We cannot remain trapped in an arms race chasing the latest exploit or vulnerability, but must work on a more holistic strategy that provides protection for every end user in our organization. Building resilience in our systems must be our mantra as we go forward.


Author: Richard Ford

A Predictive “PreCrime” Approach Requires a Human Focus

In Philip K. Dick’s 1956 “The Minority Report,” murder ceased to occur due to the work of the “PreCrime Division,” that anticipated and prevented killings before they happened. Today, we are only beginning to see the impact of predictive analytics upon cybersecurity – especially for insider threat detection and prevention. Based on user interaction with data, CISOs and their teams emerge as the IT equivalent of a PreCrime Division, empowered to intervene before a violation is ever committed.

In this webcast, we examine the technologies which make predictive analytics valuable, along with ethically minded guidance to strike the balance between vigilance and privacy.

Watch the Webcast

Forcepoint GDPR Product Mapping Webcast Series

In this three-part series of short, live webcasts, Forcepoint provides insight and interpretation around the General Data Protection Regulation (GDPR), how it maps to relevant information security technology, and more specifically, how Forcepoint technology can help you prepare for the GDPR. Each session will focus on key areas where technical measures can play a part in supporting your efforts towards the GDPR.

October 4 – Inventory of Personal Data: Learn why organizations must ensure they understand what personal data they hold and where it exists across the organization. In this session, we will discuss data-centric technologies like DLP and examine how they help organizations to find personal data and understand risk.

October 17 – Data Flow Mapping & Control: It’s necessary to understand personal data flows in order to measure risk and apply controls: this is an important part of managing effective processing practices. Integrating multiple technologies is a key to success. In this session, Forcepoint will show how technologies like DLP can be used to provide visibility and orchestrate controls to enforce processing policies through the integration of other technologies.

November 8 – Responding in a timely manner: With the 72 hour breach response window, organizations will need to rapidly detect data incidents and efficiently orchestrate the appropriate response. In this session, Forcepoint will explore how technologies can support organizations’ breach response process.

Presenters: Mike Smart, Product & Solutions Director, Forcepoint; Chris Jones, Sales Engineer, Forcepoint

Register here to attend all 3 sessions

Rethinking Your Cybersecurity Approach, Thoughts From A CIO

October is National Cybersecurity Awareness Month, and this week the theme is “Cybersecurity in the Workplace is Everyone’s Business.” As CIO of Forcepoint, I’m keenly aware of how important it is for cybersecurity to be a shared concern across the business. As cyber attacks rise exponentially, and the attack surface continues to expand, I know that my peers are also increasingly attuned to this issue, while many struggle to keep up with the ever-changing landscape.

I hear often from partners and customers about their concerns for protecting employee privacy, anonymizing sensitive information, and being able to extract the signal threat alerts from the overwhelming noise of available data. With the CIO’s attention pulled in a thousand different directions, how should she begin to implement an action plan for security in the workplace? In this blog, I propose a few key areas for my fellow CIOs to keep in mind as they work to strengthen their security policies and procedures.

Knowledge is Power

I know two things to be true: security begins with people, and knowledge is power. With that in mind, educating everyone at your business from the C-Suite to the salesforce about security best practices should be your first order of business. Too often, the CIO tries to speak to stakeholders in technical terms, but security is everyone’s business. To reach everyone, you have to speak their language.

Consider making education around security experiential rather than compliance-based. The people within your organization need to understand, at an individual level, why security best practices matter to them, to their business, and to their customers and partners. For example, instead of teaching people what phishing is by way of a training module or slide deck, conduct a phishing experiment. When someone takes the bait, they immediately receive information on how to stay safe, creating a much more powerful learning experience.

Always be Thinking of the Business

Be sure to have a strong architecture approach to security. These days, we’ve moved way beyond the era of “protect the end device and the perimeter.” Think through what your security program is going to comprise in an era of BYOD, shadow IT, and Cloud applications. And while you’re looking at the big picture, consider the business implications of your security architecture (and be sure to communicate them clearly!).

Speaking of the business, never forget that you are part of a broader team, and that your shared mission is to support the business. From that perspective, it’s up to you to shift security operations from the lens of “necessary evil” to “critical business infrastructure.” You would also do well to adjust the tone from “naysayer” to “enabler.” It’s important to develop a business culture that positions security as a force for good within the organization, so that employees are less likely to try to work around security protocols. This means understanding when, and why, members of your organization are circumventing security protocols, and partnering with them to find solutions that enable the business to grow stronger while still protecting critical assets.

And finally, it’s important to consider your external communications and relationships – because these have a significant impact on your business as well. Many recent breaches in the news have been remarkable in part because of the terrible external response. Speed matters, transparency matters, so reach out to customers in a matter of minutes and days not months and weeks. The faster you can react and contain the situation, the better you’ll protect the business.

A good plan today is better than a perfect plan tomorrow

Take a good look at your incident response plan. And if you don’t have one already, make that your first priority. Develop and socialize a documented policy and procedure that is shared across the organization, and make sure that your operating procedure maps to the document. Don’t let perfect be the enemy of good, here. It’s important to start somewhere, and build on your experience.

Unfortunately, no one among us is bulletproof, and security incidents will happen. While painful and costly, remember that these are also golden opportunities to review and make adjustments to your security infrastructure, your internal education, and your external communications.


Author: Meerah Rajave

Forcepoint Achieves Highest Overall Security Effectiveness Out of 10 Vendors in 2017 NSS Labs’ NGFW Test

In NSS Labs’ most recent report on Next Generation Firewall (NGFW) overall security effectiveness, Forcepoint NGFW achieved the highest rating of all 11 products tested.

NSS Labs’ latest tests prove that Forcepoint NGFW offers the leading combination of enterprise security and low cost.

NSS Labs

Forcepoint NGFW blocked 99.95 percent of exploits in NSS Labs’ 2017 NGFW Test, and Forcepoint is the only vendor to block 100 percent of tested exploits run from the NSS Labs static exploit library. Over a continuous live testing period of 31 days, Forcepoint NGFW blocked 99.89 percent of “drive-by” exploits that target client applications. NSS Labs is the leading independent, third-party assessment that tests network security products under real-world conditions.

“The security effectiveness of the Forcepoint NGFW 3301 was unsurpassed in the NSS Labs 2017 NGFW test. The Forcepoint NGFW should be on every company’s short list.”
– Thomas Skybakmoen, Distinguished Research Director, NSS Labs

Additionally, as a result of these high enterprise security ratings and demonstrated operational efficiency, Forcepoint NGFW received its fifth consecutive “Recommended” rating since NSS Labs began testing next-generation firewalls.

Download the free report to view the full test results and analysis from NSS Labs.

Forcepoint Viewpoint on Recent Data Hacks and Breaches

Updated Ed. Note:

We continue to see a rash of data breaches that impact organizations ranging from Equifax, the SEC and most recently, Deloitte. It’s clear the challenges of commercial and government cybersecurity continue to converge. Their causes are myriad, but the fact remains: these were all preventable had the affected organizations applied cyber best practices and monitored typical behavior and data access.

This blog originally contained a statement from Dr. Richard Ford, the perspective of our senior vice president and general manager of global government security, Tim Solms, and some comments from the point of view of a financial services organization. We’ve added thoughts on Deloitte from Brandon Swafford, CTO of Data Protection and Insider Threat Security at Forcepoint.

Today’s disclosure on the cybersecurity breach at Deloitte, along with the recent Securities and Exchange Commission (SEC) and Equifax news, appears to be a malicious attack, but could also be tied to a compromised insider. News like this underscores the risks posed by partners, suppliers, and other parties within the supply chain, as elucidated by SEC chairman Jay Clayton.

Brandon Swafford, CTO of Data Protection and Insider Threat Security at Forcepoint, had this to say about Deloitte:

Deloitte. The SEC. Equifax. Three weeks. Three major breaches. Three unique challenges. One important lesson learned. The industry must quickly focus on the crossroads between people, process and technology to adequately address these unyielding security threats. Today’s news of Deloitte’s breach, reportedly resulting from a lack of multi-factor authentication that led to access of sensitive data in the cloud, highlights that a focus on any one security risk point is not adequate.

Organizations must start with a focus on their people and how they use and access critical data and systems. The only way to stop these cyber threats is to first understand normal user behavior and normal movement of data in and out of the company. Behavior analytics that flags risky behavior or unorthodox usage of cloud applications can separate the signal from the noise and help security teams quickly identify potential breaches and stop them before they happen. Companies can then complement this human-centric security approach with internal training, policies and processes to help employees and partners understand what’s expected of them. A focus on any one of these only puts more risk in the other.

Last week, Forcepoint chief scientist Dr. Richard Ford shared his thoughts on the SEC breach: 

“Companies today aren’t secure. Period. The current security model simply doesn’t work. The new revelations from the Securities and Exchange Commission (SEC) raise deep questions about organizations’ ability to protect highly valuable data, and the ways in which attackers can exploit even small security gaps to gain access to proprietary information. While adversaries ceaselessly search for vulnerabilities, the humans protecting these systems are constantly on the defensive.

In the days ahead, there will be much debate over accountability and potential solutions. Enterprises and government agencies need to take a human-centric approach to security that focuses on the data we are trying to protect and the ways both humans and machines access it. Looking for anomalous behavior and irregular access of the EDGAR data would have helped the security teams respond more effectively. Understanding the intersection of people, data and networks is without question the best path to building effective security and compliance programs. We need no further proof that the existing paradigm has failed.

The idea expressed by Chairman Clayton regarding the importance of resilience and recovery is laudable, and represents important steps for cybersecurity. At the same time, we must redouble our efforts to not just improve security, but to look critically at the role of people and understand how changing the paradigm entirely may have more substantial cybersecurity benefits long-term.”

Forcepoint’s senior vice president and general manager of global government security, Tim Solms, spoke to the unique concerns and risks of government suppliers:

“As the SEC chairman explained in his statement on cybersecurity, securing the global supply chain is essential to protecting critical data. Today it is apparent we must view the supplier or contractor as a type of insider – these are people and organizations with legitimate access to a network be it through software, systems or cloud applications. This is the new battlefield by which cyber attacks play out and we can expect these to grow larger and more malicious as companies trusted to protect our most valuable consumer, financial markets and national security data continue to be targets.

The Department of Defense has taken an important step in securing its global supply chain with the new NIST SP 800-171 requirements suppliers must comply with by December 31, 2017. Standardization of security protocols across industries is the next step both public sector and commercial enterprises should partner on to address the reality of today’s threat environment.”

And finally, we know that our partners and customers in the financial services industry are watching this news very closely, as they seek to protect their own institutions from cybersecurity risks.


Thomas Frank, system administrator of Simplicity Credit Union said:

“It seems simple, but as we’ve seen with the SEC announcement, it’s more important than ever for financial institutions to protect against employee and user risk. Whether compromised maliciously or accidentally, credentials of users are the keys to the data kingdom. In a highly regulated industry like financial services, we must educate our teams on proper cyber hygiene and consider strategies and technologies that are more intelligent and efficient than the traditional model, which clearly isn’t working, to protect our people and our business.”

Allan Black, President, Internet Content Management (ICM) shared:

“Meeting today’s security challenges, especially within the vulnerable supply chain of highly regulated industries is critical. With secure supply chain requirements like NIST SP 800-171 and today’s news related to SEC breach, it’s clear threats to the supply chain are inordinate and escalating. Organizations must ensure their partners and vendors are implementing security systems that focus on the inherent vulnerabilities created by networks and human behavior to combat threats that escalate in scale often due to risks associated with the end user business activities.”

And Brian DiPaolo, Director of Strategic Services, Accudata Systems told us that:

“While unfortunate, the SEC breach is the latest reminder that more effective and efficient security controls are needed. We must shift our cyber strategies and resources, recognizing that people are the most vulnerable point within a business or government entity. Ultimately, organizations have to realize that it’s people looking to exploit people, machines are simply an avenue for access. We must acknowledge that fact, and prioritize direct protection of data, to avoid incidents like this in the future.”


GDPR, Why US-based Organizations Must Pay Attention, Now!

Date: Thursday, September 14, 2017

Time: 11:00 AM – 12:00 PM Central Daylight Time

In May 2018, the EU’s General Data Protection Regulation (GDPR) will impact US-based organizations – that’s a fact. But how? Accudata’s certified GDPR expert, Paul Kendall, will be joined by Forcepoint’s Global Information Security & Strategy Officer, Neil Thacker, to discuss:

  1. What is GDPR and what makes a US-based organization subject to compliance
  2. How GDPR will impact your business both operationally and financially
  3. Where organizations can start to ensure compliance is achieved by May 2018
  4. The overall intent of the EU, and what they will require of organizations in the event of a breach after the May deadlines

The following presentation does not represent nor is intended to offer legal advice.

We strongly recommend you discuss achieving compliance with the GDPR via your legal, compliance, data protection & privacy team.