
PSAT Presentation

This document discusses running an effective security awareness program. It notes that the vast majority of ransomware and business email compromise attacks start with email. It also notes that 85% of data loss incidents involve a human element. The document promotes a people-centric security platform to deliver applications that protect against and respond to risks like email threats, data loss, insider threats, and web security. It discusses email security and compliance solutions as well as security awareness training challenges such as lacking visibility into vulnerable users and knowledge gaps, limited time to train users, and not knowing if the security awareness program is performing well.

Uploaded by

muhammad harits

Running an Effective Security Awareness Program

TOP 3 CYBERSECURITY RISKS: ALL PEOPLE-CENTRIC

• Vast majority of ransomware attacks start with email (research)
  [Chart: Ransomware Arrival Protocol, Email vs. Everything Else]
• BEC losses exceed all other cybersecurity losses combined (data for 791,790 incidents)
  [Chart: BEC vs. All Others]
• 99% of data loss incidents are human-driven (Proofpoint data across 3,000 organizations)
  [Chart: Web, Cloud, Email, USB]

85% INVOLVED A HUMAN ELEMENT

PEOPLE-CENTRIC SECURITY PLATFORM ARCHITECTURE

[Diagram: three-layer platform architecture. Recoverable labels:
• Applications ("Deliver applications to protect and respond to risks"): Email Threat Protection, TRAP Response Engine, Security Awareness Training, Cloud Account Defense, Email Fraud Defense, Insider Threat Management, Data Loss Prevention, Web Security
• Shared services: Nexus People Risk Explorer, Threat Detection Ensemble, Nexus Threat Graph; labels include TAP Sandbox, Static / ML: Cred Phish, ML: Supernova, 3PA Access Risk, Supplier Risk Intel, Emerging Threats Intel, Unified User Activity, Data Classification (ML + Static)
• Core architecture ("Apply the most effective analysis techniques"): labels include inbound/outbound email connectors, cloud API connectors, hybrid cloud proxy, lightweight endpoint agent, browser isolation, ecosystem integrations
• Caption: "Connect to where threats and data loss can be detected and mitigated"]

Security and Compliance Solutions

Email Security & Compliance

[Diagram: email security and compliance product map. Recoverable labels:
• Email Protection: Dynamic Inbound Reputation, Anti-Spam/Anti-Virus, Impostor/DMARC
• Email Continuity
• Targeted Attack Protection: URL Defense, Attachment Defense, SaaS Defense, URL Isolation, Dashboard
• Cloud Account Defense: Email Account Compromise (EAC) detection and response
• Email Fraud Defense: Email Auth (DMARC), Domain Discover, Brand Defense
• Security Awareness Training: phishing simulation
• Archiving, Internal Mail Defense, Threat Response Auto Pull, Email Server
• Information Protection: Email DLP, Email Encryption, Secure Share
• Premium Services
• Threats and functions named: DDoS, spam/virus/phish/bulk, BEC, content inspection, URL scanning, file-based threats, EAC detection, phishing protection, people-centric threat intel, lookalike domain and display name spoofing, internal mail sandboxing and monitoring, automatic message retrieval, confidentiality, exfiltration, compliance]



Security Awareness Training

© 2022 Proofpoint. All rights reserved | Proofpoint, Inc. - Confidential and Proprietary

Advancing Security Awareness: Where are you?

[Diagram: program maturity stages labelled Compliance, Awareness, Behavior, Culture, Non-existent]

Challenge: Lacking Visibility into Vulnerable Users and Knowledge Gaps

• 53%: Know what phishing is
• 99%: Have a SAT Program
• 41%: Conduct phishing simulation tests

Source: State of the Phish Report, Proofpoint, 2022

Challenge: Limited Time to Train. Hard to Keep Users Engaged

75% of organizations have 2 hours or less to make an impact

Data from Proofpoint 2022 State of the Phish Report

Challenge: Don’t Know if the Program is Performing

Indicators shown on the slide:
• Fewer clicks on malicious links
• More people reporting suspicious email
• Higher reported email accuracy rate
• Benchmark against your industry peers

• Only 41% track click rate of phishing test
• Less than 41% track reporting rate

How Proofpoint Security Awareness Can Help

ACE Framework

• Assess: Threats & Risks; Knowledge, skills & culture
• Change Behavior: Automation; Adaptive Learning; Behavioral Reinforcement
• Evaluate: Measure Change; Adjust Incentives & Consequences

Why Proofpoint Security Awareness?

• Threat-Driven Content: Realistic phishing simulations and threat-driven education & alerts
• Tailored Education: Adaptive learning to drive sustained behavior change
• Threat Detection: Quickly identify malicious user-reported messages
• Better Visibility: CISO Dashboard to level-up your program’s visibility
• Expand and Scale

Security Insights are in our DNA

#1 deployed solution of the F100, F1000, G2000

• 7,100+ Enterprise Customers
• 110,000+ SMB Customers
• 120+ world’s largest ISPs
• 2B+ daily emails
• 16M+ cloud accounts
• Global threat research and data science teams
• 400M+ domains monitored
• 6K+ IDS sensors
• 26B+ URLs
• 46k+ apps in catalog
• 12 detection engines (static, ML, behavior, etc.)
• Deployed at key internet backbones
• 86k+ social media accounts
• 120M+ attachments
• 2K+ cloud tenants
• Tracking 100+ threat actors
• 400K+ daily unique malware samples

• Real-life phishing simulations: insight into real email & people vulnerability
• Threat-driven education based on the latest attacks: threat alerts to communicate to users
• Proofpoint threat intel and detection stack: insight into real impact of user behavior change

ACE Framework: Assess

• What users KNOW
• What users DO
• What users BELIEVE

[Diagram repeated: Assess; Change Behavior (Automation, Adaptive Learning, Behavioral Reinforcement); Evaluate (Measure Change, Adjust Incentives & Consequences)]

Assess: What Users KNOW

Knowledge Assessments:
• Accurately identify user knowledge gaps with assessments based on threat intel
• Administer assessments that align directly to specific adaptive learning framework domains and different levels of difficulty
• Designed to be concise and precise; easy for users to fit into schedule

“I like the combination of training, knowledge assessments and mock phishing attacks. This enables training based on need and training that focuses on weaknesses.”

Assess: What Users DO

Phishing Simulations:
• Determine how users will react when faced with phishing emails, in a safe environment
• Real-life, customizable templates seen by Proofpoint threat intel
• Randomly-schedule and include multiple templates per campaign
• Optionally auto-enroll users who fail into training module(s) of your choice

“The templates used are incredible. They look like real phishing we have seen, and statistics are provided for the average compromise rate.”

Assess: Uncover Top Clickers and Most Attacked Users in the Real World

Assess: What Users BELIEVE

Culture Assessments:
• Learn how your users feel and what they believe about your security program
• Increase motivation to complete through short, anonymous questionnaire
• Identify what the areas of weakness are to determine what to change
• Impact user motivation and behavior change

Assess: Identify Risky Users and Quantify Human Risk

Integrated with Proofpoint Threat Protection Platform

Nexus People Risk Explorer (NPRE)
• Uncover risky users and departments by evaluating their vulnerability, attack index, and privilege
• Prioritize security efforts and focus on real risk of the organization
• Provide recommended security controls that reduce risk score accordingly

ACE Framework: Change Behavior

• Tailored education
• Reinforce positive behavior

[Diagram repeated: Assess (Threats & Risks; Knowledge, skills & culture); Change Behavior; Evaluate (Measure Change, Adjust Incentives & Consequences)]

Tailored Education to Drive Motivation

Adaptive Learning Framework
• Provide learners with education at the right level of difficulty (Beginner to Advanced) and across key security domains
• Engage users with relevant training that motivates them to put learning into practice

Microlearning
• Each module lasts < 3 minutes
• Overcome limited time to train: training across key domains can be completed within an hour
• Focused on specific topics and outcomes

Threat-Guided Education

Integrated with Proofpoint Threat Protection Platform

Very Attacked People and Top Clickers from TAP
• Automatically enabled for assessments or education
• See specific threat types for laser-focused education tracks

“I felt we had a fairly mature program but this has really launched us into the next level. We’ve been able to immediately show the value.”

Interactive and Engaging Content

• Make training relevant to users with timely threat-driven content
• Variety and assortment of content, from corporate to edgy, choose-your-own-adventure, and more
• Engage global audience with subtitle and voiceover in their own language
• Educate users with specific curriculum learning paths (NIST and ISO frameworks)

Reinforce Positive Security Habits

“In the Moment” & Real-world Education
• Our Teachable Moment provides “just-in-time” education when users fall for a phishing simulation
• Alert users with live action modules that highlight the latest threats and attack tactics

Email Warning Tags (Integrated with Proofpoint Threat Protection Platform)
• Improve user reporting rates and accuracy by providing contextual nudges
• Reinforce positive reporting behavior by making it easier for users to report

ACE Framework: Evaluate

• CISO Dashboard
• Real-Time Reports

[Diagram repeated: Assess (Threats & Risks; Knowledge, skills & culture); Change Behavior (Automation, Adaptive Learning, Behavioral Reinforcement); Evaluate]

CISO Dashboard: C-Level Visibility, Admin Actionability

• Communicate security awareness results to get buy-in
• Benchmark and act on areas needing improvement
• Get visibility into vulnerability and participation in your security programs

Integrated VAP data from TAP

Real-time Reporting for Administrators

• Quickly see progress and provide updates
• Dig deeper into assignments, behavior
• Ensure completion of assessments and training
• Take action directly from the report