April 15, 2019

Helping CISOs shift their approach to a risk-based model

Sarah Vela

At RSA we announced the formation of X-Labs division, the world’s first dedicated research division combining cybersecurity expertise with behavioral science research. Part of the work of the X-Labs team will be to leverage the Adaptive Trust Profile (ATP), also announced last month.

While at RSA I had a chance to interview CTO Nico Fischbach on the significance of the ATP and why it matters to CISOs. Those videos and transcripts are below.


The Adaptive Trust Profile is the most recent investment we are making in Next-Gen analytics. It actually is a collection of attributes, behavior models, and inferences. Attributes is about tracking entities like people or accounts. Behavior models is about trying to track down what is known good or known bad, and everything in between. And inferences is trying, without knowing what’s going on, to infer, for example, that this meeting has been running long and you’re hungry. And how do we use that in our products to help drive risk scoring.


The big differentiator with ATP is that for a long time the industry has been looking at threat intelligence. What we are doing is looking at behavior intelligence. So, the human centric side of security. We’re using counter intelligence, human behavior research and psychologists to help us frame that environment and derive behavior intelligence. That is the big difference.


I’ve had a chance lately to spend a lot of time in the field meeting with CISOs. Clearly they are shifting their approach, especially due to digital transformation, to a risk-based model. They still have to look at compliance, regulations, and infrastructure security. But what they want is actually an approach that helps them think about risk and in terms of risk. And that fits very well with our risk-based approach in our products, and all those things that we have been discussing like the Adaptive Trust Profile and the  Forcepoint Converged Security platform, which enables them to look at all of those things from an IT point of view -- but also from an OT point of view for those of them operating in that field.

Sarah Vela

Sarah Vela is senior manager of digital communications for Forcepoint. 

Read more articles by Sarah Vela

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.