The company stores a variety of valuable data: internal patents, intellectual property (IP), merger and acquisition data, machine schematics, and geological data like potential drill sites. Many of those with access to this sensitive data are temporary contractors, employed for only a brief period of time. Understanding the higher risk that accompanies shorter-term employees, company leaders brought in third-party analysts to do an assessment of insider threat risk. Analysts found that data was indeed leaving the company, and that nearly half of the data loss incidents were directly related to the actions of negligent or malicious insiders. Upon hearing the results, company leaders authorized the creation of an internal insider threat task force.

UCI, a financial institution that provides mortgages to homebuyers in four European countries, faced the challenge of safeguarding sensitive personal and financial data of its customers. With the advent of new GDPR regulations, the need to protect this data became even more critical. The institution needed to ensure safe and efficient connectivity across devices and locations. The challenge was to deploy a solution that could minimize security risks, reduce manual solution management, and integrate into UCI’s existing SIEM systems to help detect company policy infractions.

Southern Communications, a provider of mission-critical infrastructure as a service (IaaS) for medium to large scale enterprises, was facing a challenge with their signature product, Smart-Connect. As broadband lines improved, leased lines became more affordable, and new technologies became available, the customer desired an alternative solution that could support larger enterprise customers. Managed services are a commoditized market, and Southern Communications needed a way to differentiate their offering from its competitors. The new solution needed to support a wide range of connectivity options, allow for redundancy at each site, have the ability to assign priority to business-critical application traffic, provide visualization tools and reports, offer next-generation security, and have centralized management.

Rösler, a leading player in the mechanical surface finishing sector, was facing challenges with its IT security. The company had been using several firewall systems in its branches, all of which had to be separately managed and maintained. This made determining the IT security status of the entire network either rarely possible or extremely time-consuming. Tasks like updates or the securing of individual firewalls were also very time-consuming. Most firewalls in the individual branches could not be regularly monitored due to time constraints. This meant that settings and administrative activities were not being monitored on an ongoing basis, daily compliance checks were not being carried out, and configuration errors and potential security risks were not immediately being noticed. It was therefore imperative for the IT department to improve network transparency and to guarantee the simplest possible management process.

St. Benedict Preparatory School faced a challenge in maintaining a safe and productive educational environment. The school needed to prevent students from accessing inappropriate or distracting web content through classroom technology. However, stringent policies could hinder faculty and staff from performing their duties effectively. The existing firewall/router combo solution was unable to filter web addresses on a per-user basis, which was necessary for the school's unique needs. Additionally, the school needed a solution that could protect students and staff even when they were off-premises.

The power distributor provides energy to five power companies across an Indian state with a population of more than 25 million people. Managing the state’s power also means securing the personal and financial data of individuals and business customers. The company manages customer bill pay, consumer feedback, and more—which means that it acquires a sizeable amount of data, from customer names and contact information to invoicing details and power usage trends. In the wrong hands, this data can potentially be used to commit fraud or theft. While the company’s data stores increase, India’s attitude toward data protection is evolving. In August 2017, the country’s Supreme Court ruled privacy was a fundamental human right, spurring work on a nationwide personal data protection bill. While that bill has not yet been enacted, businesses see increased regulation of private data on the horizon and know they will likely need strong regulatory compliance processes very soon. The power company first engaged Forcepoint after reaching an impasse with a web security solution that wasn’t effective or flexible enough to meet its needs. The incumbent web security solution would bypass the URL filter, allowing users to access unauthorized sites. Separate URL filtering and web proxy point products caused a second challenge: the products were meant to work together but dependencies between them meant upgrades to one product would cause the other product to stop working—leading to support and management issues. In addition to these functionality and integration issues, the security product’s category database was less than comprehensive, with multiple categories missing. And a complex update process made it difficult to revise.

The global telecommunications enterprise was in a race against time and competitors to secure a significant market share in the 5G technology. The company was under constant pressure to innovate, share information, and move quickly. However, the company was fined for a breach of customer data that its existing DLP product neither prevented nor detected. The security team was under pressure to secure data and intellectual property without slowing down the business operations. The high level of competition in the industry meant that the enterprise leaned towards freeing the business with fewer data controls over completely shutting down data loss, even if that meant taking some risks.

Microland, a medium-sized enterprise in the computer services industry, was facing challenges in controlling and managing data that were subject to regulation. The company needed a solution that could effectively discover, control, and limit the usage of regulated data or sensitive intellectual property (IP), even when the data wasn't on the network. The solution also needed to provide visibility into data movement within the business and help prevent potential data breaches.

In the highly regulated world of investment banking, new communication channels like Skype and WhatsApp, and web forums like Investopedia, are raising the risk of widespread abuse, whether through insider trading, fraud, or leaks of sensitive company information. This bank’s operations and compliance leadership knew they needed a better way to stay close to trader conversations and safeguard the trading floor. The bank’s monitoring technology was obsolete and required a high level of manual intervention to identify and investigate potential compliance issues. With essentially just an email archiving system, investigators had to build lists of words indicative of insider trading activity and conduct manual searches within the archives to build cases.

The enterprise energy provider, serving tens of millions of customers, faced multiple external and internal vulnerabilities to both the power grid and their multi-pronged operations. The cyber threats faced by all companies—like data loss and fraud—come with the added complexity of protecting critical infrastructure. Breaches, downtime, and fraud can cause massive problems for both the enterprise and its customers, from loss of revenue and reputation to endangering human safety. Safeguarding sensitive customer information is always paramount; in this case, that includes a number of high-profile individuals whose home addresses or social security numbers make a tempting target for data thieves looking for a quick payday. Then, of course, there are the millions of dollars flowing through the company, including funds from the resale of renewable energy that could be fraudulently rerouted through altered direct deposit information. Finally, the company’s substations, not always managed by a human operator, run the risk of being taken over by an outside entity without the company knowing.

The Instituto FederaI de Educacao, Ciencia e Tecnologia of Sao Paulo (IFSP) faced a major challenge in ensuring the protection of its IT network and communication resources. This required maintaining the integrity, confidentiality, and availability of information regardless of where it is located and, above all, ensuring compliance with applicable government regulations. After suffering a number of injection-type attacks and system interruptions due to hardware and other bugs, the IT team decided to look at several NGFW (Next-Generation Firewall) options available in the market. IFSP also found that its former security solutions were a contributing factor in employees leaving the organization. Furthermore, it was important to implement a solution with the best TCO (total cost of ownership) as IFSP had a limited budget and wanted technology that would not require additional licensing and whose functionalities would not stop at the end of the license.

Davies Turner, a leading multimodal freight forwarding group in the UK, faced several challenges with its existing security solution. The nature of their business required employees to regularly use the web for work-related tasks, which posed a risk to the network. The company had different user requirements across several offices, necessitating a customizable solution. The HR team also needed increased insight and reporting on time spent online. The existing solution was not user-friendly and could not provide the depth of information needed as the company grew.

The Center for Army Analysis (CAA) was working with an infrastructure in which access to all Command, Control, Communications, Computers and Information Management (C4I) networks required each user to have four separate workstations and a Black Box KVM switch at their workspace. This resulted in duplication of hardware and massive power consumption. Another problem that CAA faced was a severe time degradation in moving classified information across multiple networks. This prevented the execution of critical Global War on Terror and warfighting analyses.

The international banking group was facing challenges in meeting SEC compliance regulations due to the increasing use of personal messaging channels and web forums by traders. The bank's existing monitoring technology was outdated and required a high level of manual intervention to identify and investigate potential compliance issues. The system was not covering the full spectrum of modern communication channels and offered no systematic ways to flag potential indicators of fraudulent behavior. These time-consuming investigations, a vast majority of them false positives, were costing the bank millions of dollars.

Copa Airlines was facing a challenge in providing better protection for its roaming users and distributed offices. The company was in need of a solution that could offer a full-featured policy set. Prior to choosing Forcepoint Secure Web Gateway, Copa Airlines evaluated other vendors including Zscaler and McAfee. The company was looking for a solution that offered efficacy, deployment flexibility, and ease of management.

FERCAM, a logistics company, was experiencing growth that necessitated the modernization of its technology resources. Internet access had become a crucial part of daily operations, and the company needed a more effective monitoring solution. The previous solution was plagued with issues such as weak performance, ineffective blacklist updating, and inadequate web traffic monitoring and analysis for 800 users. These inefficiencies led to a high number of IT tickets related to service issues or false positives.

Healthcare professionals at AZ Sint-Lucas Hospital required unfiltered access to websites to provide patients with the best possible outcome. This resulted in a substantial amount of unprotected data being sent and received via smartphones, tablets, or other devices. A study of user behavior discovered that staff visited more non-work-related websites than job-related sites, posing a serious risk for data loss or theft. The increasing number of spam complaints also required too much time from the IT team to handle.

Sauer Corporate Services, LLC faced several challenges that led them to evaluate and ultimately select Forcepoint Secure Web Gateway. These challenges included the difficult and costly maintenance of appliances and the need for better protection for roaming users and/or distributed offices. They chose Forcepoint’s hybrid deployment option for Secure Web Gateway because of its dedicated filtering in the cloud, the full-featured policy set, and the need to prevent loss of DLP functionality in a cloud deployment. Before choosing Forcepoint Secure Web Gateway, they evaluated or previously used vendors including Cisco, Symantec, and McAfee.

Adventist Health, a not-for-profit health care organization, was facing a major challenge in safely embracing new technology without putting the hospital chain’s patient database at risk. The healthcare sector faces some very specific regulatory and legal requirements, as well as medical technology obstacles to maintaining its data integrity. The more powerful and sophisticated digital technology becomes, the easier it is to use and save lives. Unfortunately, technological advances also make it easier for cybercriminals to access and exploit critical data. This mixed blessing of technological advancement and more sophisticated cybercrime is the new reality going forward. The growth curve of the cyber threat landscape is both steep and evolutionary; thus the growth curve of cyber defense solutions that effectively address those threats must be so as well. Adventist Health faces threats as they adopt new technology safely and effectively.

The airline was undergoing a digital transformation, moving data and processes to the cloud. This widened the attack surface and created more entry points for malware. The distributed and mobile teams needed safe, efficient access to cloud data and processes. The open web browsing policy necessary for staff to do their jobs left more room for user error. The airline needed a security solution to safeguard off-network activity while keeping business moving at cruising speed.

The telecommunications company, a leading internet and mobile services provider in Switzerland, is an integral part of the country’s connectivity, owning most of the country’s business-critical broadband network market and more than half of its mobile networks. As broadband and mobile connectivity edge closer to commodity status throughout the world, the company has leveraged its technological prowess to take its place in the fast-growing managed IT services business, notably in security. As companies move to cloud-based and hybrid infrastructures, digitization and new technologies are creating new avenues for cyberattack. However, a current IT talent shortage is making staff security experts hard to find. This explains why, according to an ICT Security Study 2018 by MSM Research Ltd, fully half of IT security spending in Switzerland flows into the managed services sector. Of surveyed companies, 64% want to expand their collaboration with external service providers further. The company needed airtight security with protection against malware and evasions with zero downtime to keep Switzerland’s economy—as well as the world’s—operating without a hitch. A security failure could lead to a network outage, hindering thousands of financial transactions for customer banks and costing hundreds of thousands of dollars. Worse, a security breach could disrupt or even crash worldwide financial markets.

The enterprise energy provider, serving tens of millions of customers, faced multiple external and internal vulnerabilities to both the power grid and their multi-pronged operations. The cyber threats faced by all companies—like data loss and fraud—come with the added complexity of protecting critical infrastructure. Millions of people, companies, and government organizations depend on it, and failure is not an option. Breaches, downtime, and fraud can cause massive problems for both the enterprise and its customers, from loss of revenue and reputation to endangering human safety. Safeguarding sensitive customer information is always paramount; in this case, that includes a number of high-profile individuals whose home addresses or social security numbers make a tempting target for data thieves looking for a quick payday. Then, of course, there are the millions of dollars flowing through the company, including funds from the resale of renewable energy that could be fraudulently rerouted through altered direct deposit information. Finally, the company’s substations, not always managed by a human operator, run the risk of being taken over by an outside entity without the company knowing.

The company, a leading supplier of cables and wires across several sectors, including automotive, industry, and elevators, was facing the challenge of protecting its valuable IP and that of its high-profile clients across its corporate and international locations. The company needed visibility to risky activity, indicating corporate espionage. With collaboration on a global scale, this sensitive, proprietary data is frequently on the move. Realizing data in motion can be difficult to see and control, the company needed a better way to secure it. And as the company expanded into countries with a known high risk of IP theft and corporate espionage, it wanted to ensure proprietary data was locked down. The breach of just one client’s IP could mean the loss of every clients’ trust—hurting the company’s reputation and its bottom line.

Marcegaglia, a leading steel processing company, relies heavily on the integrity of its technology and data to support its production activities and global strategies. The company employs about 2,000 licensed users with personal accounts and email addresses. In 2008, Renzo Rossi, CTO of Marcegaglia, began looking for a more efficient and secure means for thousands of users to access web content safely. Rossi recognized the need for a more efficient navigation process, company-wide, while protecting employees and data in real-time implementing and improving internal technology hand in hand with the development of the risks of the network.

Comdata Group, a global leader in customer interaction and process management services, faced a significant challenge in protecting sensitive and critical data as it expanded abroad through acquisitions. The company recognized the importance of focusing on the most valuable layer of their information, related to strategic plans, economics, or synthesis of production trends. They needed to overcome their pre-existing open source solutions, which were burdensome in terms of maintenance and dedicated resources, and make room for technologies that could provide greater automation and continuous evolution. The solutions needed to respond promptly to evolving threats and, with a cloud component, also provide protection on the mobility front.

Tekno Group, a company specializing in manufacturing pre-painted metallic products, was facing a challenge with their previous security solution. The solution had become cost-prohibitive and was not keeping up with advancing technologies. The company needed a security strategy that could protect their intellectual property and client data, increase prevention of threats via email and web, and was cost-effective while still maintaining the highest quality.

Validium, an Employee Assistance Programme (EAP) provider and psychological wellbeing consultancy, was facing a significant challenge with its existing security solution. The solution was high maintenance and was not effectively detecting threats entering Validium’s corporate network. The situation was further exacerbated when Validium became the target of highly-advanced attacks. The company experienced firsthand the severe effects of two crypto-ransomware attacks on its network within a few weeks of each other. The false positives in quarantined emails and malicious activity required tedious, daily management from Validium’s entire Business Projects Department. This wasted valuable time and resources for the business, so the cost of the solution was significantly more in terms of the ongoing management requirement.

Validium, an employee assistance and wellbeing consultancy, was facing a significant challenge with its on-premises web and email security solution. The system was ineffective, allowing sophisticated attacks to slip through. Malicious code embedded in attachments or URLs led to the organization falling victim to two crypto-ransomware attacks within a few weeks. The system also required frequent manual updates, which were time-consuming and did not necessarily improve functionality.

The Open Source Center (OSC) is the US Government’s premier provider of foreign, open-source intelligence. OSC collects data from a wide range of sources, formats, content, media, and languages resulting in large volumes of data distributed across multiple repositories. One of OSC’s challenges is to derive value from this corpus, providing accurate insights while remaining flexible to incorporating new sources and integrating different technological capabilities. OSC analysts needed technology to help discover content, accomplish data harmonization (integration), identify relationships and connections in the data, use visualization and exploratory analytics to better understand the content, and capture/ enable the sharing of analytic discoveries (retain knowledge). OSC must be able to quickly respond to constituent requests from other agencies or Congress, special projects, and general inquiries and therefore required a system that was adaptive, flexible, and agile with respect to the changing landscape of data, requests,and knowledge.

MagnaChip Semiconductor Corporation, a leading semiconductor company, faced the challenge of preventing the leakage of high-level internal information due to the competitive nature of the semiconductor industry. The company needed a system that could monitor internal users for signs of behavioral anomalies, identify the causes, and prevent data loss. The system needed to not only inspect unsafe actions but also monitor the entire situation, predict potential data loss incidents, and analyze causes. Additionally, the system needed to be compatible with various existing PC security software and should not interfere with the daily business of each user.