
Key Findings – Proofpoint: Data Security Posture Management

Cyber Defence Team
December 4, 2025

As data security becomes ever more complicated, driven by SaaS growth, expanding attack surfaces and the rapid adoption of AI, businesses are having to rethink how they manage and protect sensitive information. Proofpoint’s Data Security Posture Management report details exactly what security leaders are up against. From trends and examples of the challenges security teams are dealing with right now to the strategies needed to keep data secure across modern environments, the resource shines a spotlight on where organisations are struggling most and what needs to change.

What is Data Security Posture Management (DSPM)?

Data Security Posture Management (DSPM) is a security approach that addresses the root cause of many breaches, namely blind spots in data environments, while reducing human-centric risk. It does this by identifying where sensitive and valuable data actually resides, and who has access to it, so security teams can close gaps, protect critical information and reduce the potential attack surface.

DSPM has become essential as businesses operate with interconnected systems, AI platforms and sprawling data distributed across SaaS, cloud, on-prem and hybrid environments. While these tools accelerate productivity and innovation, the pace of change has made it extremely difficult for security teams to maintain visibility into sensitive data. What’s more, overburdened teams often skip critical steps and prioritise speed over security. The risks are compounded when organisations don’t know which insiders have access to what data, with unauthorised data repositories, over-privileged accounts and system misconfigurations further increasing vulnerability.

DSPM’s power lies in its ability to discover and classify data stores, prioritise what matters most, and identify excessive or risky access across users, systems and applications, including SaaS, multi-cloud environments, LLMs and AI-powered agents. DSPM enables a data-first security posture, giving organisations clear and full visibility into where data lives, how and by whom it is accessed, the level of exposure, and where remediation should be prioritised based on data type and risk likelihood.

Critical Insights

Proofpoint’s report highlights the same story we hear again and again: cyberattacks and data breaches are rising sharply, and so is the scale of impact. AI is accelerating both the volume and the sophistication of attacks, expanding the attack surface beyond anything security teams have ever had to manage. The cost and risk to organisations are clear:

  • The projected global cost of cyberattacks will reach $10.5 trillion by the end of 2024
  • 83% of organisations have experienced at least one breach related to access issues
  • The average cost of a data breach is now $4.35 million, with public cloud breaches costing more

Today’s businesses are operating in an increasingly challenging environment, with sensitive data distributed across SaaS platforms, cloud services, hybrid environments and AI systems. Data is everywhere, permissions are often excessive, and access is rarely monitored closely enough. Add the unique risks introduced by AI-driven environments and complex data pipelines, and it’s clear why traditional perimeter security can’t keep up.

This is where DSPM comes in. Instead of reacting after data has already been exposed, DSPM uses AI to the organisation’s advantage. Its AI-powered, agentless scanning accurately identifies and classifies valuable and sensitive data across diverse environments at speed and scale. It can map attack paths that could lead to data loss and visualise how people and systems access data, providing actionable insights and guided remediation. And it does all of this in a cost-efficient way that enhances and strengthens existing security tools, rather than replacing them.

Countering Data Risks for Organisations

Proofpoint’s report makes it clear that DSPM is a vital tool in helping organisations counter the data risks that come with distributed data, rapid AI adoption and increasingly complex cloud and SaaS ecosystems. Rather than reacting after damage has been done, DSPM gives security teams the visibility, control and intelligence they need to stay ahead of threats. It enables risk reduction across four key areas:

  1. Visibility: DSPM works continuously to discover new data stores, scanning all entities in a single pass, which makes it incredibly efficient at keeping pace with constantly changing environments. The agentless scanner uses a hybrid approach, combining regular expressions, natural language processing and large language models, to optimise performance and minimise resource usage, accurately classifying valuable and sensitive data at scale across diverse environments.
  2. Risk Prioritisation: DSPM can identify and eliminate unnecessary data stores, including shadow, duplicate or abandoned data, reducing cost and shrinking the attack surface. It then estimates the potential cost of breach for each remaining store and combines that with insights around access and exposure to produce a clear risk matrix so security teams can focus their efforts and resources.
  3. Governance & Access Control: DSPM supports least privilege access by identifying over-permissioned users and unused access across diverse data stores, forming a strong foundation for a Zero Trust model. It analyses IAM roles, permissions, database grants and other access controls in near real-time. Security teams can rapidly remove unnecessary access and shrink the attack surface, while also flagging under-protected identities such as accounts without MFA.
  4. Future Proofing: DSPM helps organisations prepare for tomorrow’s threats by continuously tracking how environments change and spotting new exposure points before they turn into incidents. By mapping potential attack paths across cloud, SaaS and PaaS, and flagging misconfigurations or risky access patterns in real time, DSPM gives security teams the chance to act early rather than react after damage is done.
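
As an added illustration (not code from Proofpoint's report or product), the example below walks the classify, prioritise and access-review steps from the list above over a constructed inventory. The patterns, weights, field names, scoring formula and 90-day threshold are assumptions, and only the regular-expression stage of classification is shown.

```python
import re
from datetime import date

# Constructed patterns and sensitivity weights (assumptions, not a vendor rule set).
PATTERNS = {
    "email": (re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"), 2),
    "card_number": (re.compile(r"\b(?:\d[ -]?){15}\d\b"), 5),
}

def luhn_ok(number):
    """Card checksum, used to discard 16-digit strings that are not card numbers."""
    digits = [int(c) for c in number if c.isdigit()][::-1]
    total = sum(d if i % 2 == 0 else (2 * d - 9 if d > 4 else 2 * d) for i, d in enumerate(digits))
    return total % 10 == 0

def classify(sample):
    """Return the sensitive data types found in a text sample."""
    hits = {label: pat.findall(sample) for label, (pat, _w) in PATTERNS.items()}
    hits["card_number"] = [h for h in hits["card_number"] if luhn_ok(h)]  # drop checksum failures
    return {label for label, found in hits.items() if found}

def risk_score(store):
    """Sensitivity x exposure, plus one point per principal that can reach the data."""
    sensitivity = sum(PATTERNS[label][1] for label in classify(store["sample"]))
    exposure = 3 if store["public"] else 1
    return sensitivity * exposure + (len(store["grants"]) if sensitivity else 0)

def access_findings(store, today, stale_days=90):
    """Flag grants never used or idle for more than stale_days, and principals without MFA."""
    findings = []
    for principal, last_used, mfa in store["grants"]:
        if last_used is None or (today - last_used).days > stale_days:
            findings.append((principal, "unused access"))
        if not mfa:
            findings.append((principal, "no MFA"))
    return findings

def prioritise(stores):
    return sorted(stores, key=risk_score, reverse=True)  # highest risk first

# Constructed inventory; each grant is (principal, last_used, mfa_enabled).
STORES = [
    {"name": "crm-export", "public": True, "sample": "jo@example.com 4111 1111 1111 1111",
     "grants": [("svc-etl", date(2025, 11, 30), True), ("contractor1", None, False)]},
    {"name": "build-logs", "public": False, "sample": "job 1234567812345678 ok",
     "grants": [("ci-bot", date(2025, 12, 1), True)]},
    {"name": "newsletter", "public": False, "sample": "sam@example.org",
     "grants": [("marketing", date(2025, 6, 1), True)]},
]
```

The build-logs store scores zero because its 16-digit job identifier fails the checksum, which shows why a bare pattern match is not enough to rank stores.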

DSPM gives organisations a clean starting point: get full visibility, prioritise what matters most, fix risky access and automate ongoing compliance. With that foundation in place, security teams have a clear plan of action and the confidence to move fast without losing control. It becomes far easier to focus resources where they’ll have the biggest impact, eliminate unnecessary risk and build a security posture that can keep pace with rapid change.

Defending Businesses Against Malicious GPTs

As organisations embrace AI and increasingly rely on interconnected, cloud-based systems, the risks surrounding data are accelerating just as fast as the opportunities. DSPM provides the foundation needed to stay ahead, delivering the ability to understand where sensitive data lives, prioritise real risks, control access, and adapt as threats evolve.

Attackers are already experimenting with malicious GPTs and automated AI-powered attacks, and waiting until something goes wrong is no longer an option. A proactive, data-first security posture is the only way forward.

To find out how to strengthen your organisation’s data security posture, contact the experts at Infotrust.

Meanwhile, if you would like to read the full Proofpoint report, you can download it here.