Proofpoint’s Normalyze Deal Tackles Cloud Security Crisis

Proofpoint is set to acquire Normalyze, a major player in data security posture management, with the deal expected to wrap up in November.

The move comes at a crucial time. These days, teams are building cloud apps left and right, and departments are signing up for SaaS tools without going through IT. This has left security teams scrambling to keep track of sensitive data across all these cloud services.

By bringing Normalyze’s AI-powered tech into the fold, Proofpoint is beefing up its security platform. They’ll now be able to help companies spot, categorize, and lock down their data across pretty much any environment – whether it’s in SaaS apps, public clouds, private servers, or a mix of everything. The focus is on tackling security risks that stem from human behavior, which is often the weakest link in data security.

Cloud security at a crossroads

The rise of AI and generative technologies has transformed how organizations innovate, but it’s also made the human factor in data security more critical than ever. With companies rapidly adopting AI platforms, cloud databases (DBaaS), and modern development practices (CI/CD), security teams are facing new and scary challenges in protecting increasingly interconnected data environments.

This technological sprint has created a rather complex web of security risks, particularly as development teams sometimes prioritize speed to market over security protocols. As both human and machine access to data expands, security teams often struggle to maintain proper visibility and control without appropriate governance measures in place.

The stakes are high – recent Enterprise Strategy Group research reveals that over 25% of businesses can’t accurately locate their sensitive data. This lack of visibility, combined with issues like forgotten datasets, misclassified information, and excessive access privileges, has significantly increased the risk of data breaches.

Data Security Posture Management (DSPM) technology has emerged as a crucial solution, helping organizations address security gaps created by human interaction with complex data environments while reducing overall attack surfaces. It enables companies to maintain innovation speed while ensuring their valuable data remains protected.

A strategic response to data sprawl

“Today, data is at risk because of human behavior. Modern applications are rapidly changing, driven by small teams of developers working independently on microservices and various data sources, leading to an explosion of data,” said Mayank Choudhary, executive vice president and general manager, data security & compliance, Proofpoint. “These modern applications are highly interconnected, making it hard for security teams to manage the heterogeneous and ever-growing sprawl of their data. By combining Proofpoint’s leading human-centric security platform with Normalyze’s pioneering DPSM technology, we can provide our customers with comprehensive visibility and control of their data posture so they can further mitigate human risk across their organization.”

Security teams are facing mounting challenges as organizations rapidly develop their own cloud applications while business units independently adopt SaaS solutions, according to Normalyze CTO and cofounder Ravi Ithal. This decentralized approach to technology adoption has created significant blind spots, making it increasingly difficult for security teams to maintain visibility and control over sensitive data across cloud environments.

“As data has become increasingly difficult to secure, the driving force behind our mission and technology has been to help organizations secure the data they care about, wherever it is,” says Ithal. “By joining forces with Proofpoint, we can empower organizations to further improve their data security posture, reducing the risk of data breaches caused by human errors and help them to prioritize data loss threats.”

The Normalyze DSPM platform combines data discovery, access management, and risk assessment capabilities to help organizations manage their data security. The platform’s core features include an AI-powered scanner that identifies sensitive data across environments, while its assessment tools map potential vulnerabilities and quantify potential data loss impacts.

The platform provides automated remediation guidance and compliance monitoring across multiple benchmarks, covering both on-premises and cloud environments. These capabilities are expected to integrate into Proofpoint’s security portfolio following the acquisition’s completion.

Read more about how and why cybersecurity and application and services integration are the top IT priorities and challenges these days.