When I joined Proofpoint a year ago, I was humbled by the opportunity to lead a company at the forefront of cybersecurity. Reflecting on this past year, my journey has underscored an undeniable truth: cybersecurity and artificial intelligence (AI) are now inseparable. They are both fundamental domains where technology empowers humans -- whether for good or bad -- to achieve far more than ever before, driven by rapid advancements. I'm convinced we've only scratched the surface of what is possible as an industry.

Power of AI for Cybersecurity

Machine learning (ML) and AI have been at the core of Proofpoint's DNA for over 20 years. Bad actors have always taken advantage of new tools to scale and amplify their impact, and we have continuously evolved to counter them. We were the defenders - a group of engineers and data scientists leveraging our own state-of-the-art ML to stop them in their tracks. As the landscape shifted, and threats became increasingly complex and elaborate, so did our ML engines -- constantly learning from real-world threats and our research.

When I joined Proofpoint a year ago, I learned that AI-generated phishing emails, created using modern generative AI tools and fueled by its widespread availability, are quickly emerging in the threat landscape. Leveraging AI to defend against AI used by malicious actors became a key focus for us.

I am proud of the outcome our talented, multi-disciplinary team dedicated to AI innovation has achieved. Over the past 12 months, we have advanced the development of our language models to detect nuanced intent to mitigate the social engineering that powers incessant phishing attacks, email fraud, malware infiltration, cloud account takeovers, and data exfiltration. By introducing new language models into our detection ensemble, we are detecting more sophisticated threats, increasing our leading detection rate by a further 10%.

Additionally, we acquired and integrated technologies that can analyze communication patterns, relationships, and content to prevent people from inadvertently sending critical information to the wrong recipients -- a problem we can all relate to yet causes more compliance violations and loss of intellectual property than any other type of cyber incident.

All of these models and advanced AI technologies are part of Proofpoint Nexus, the intelligence powering our human-centric security platform. Nexus protects against socially engineered threats targeting people and prevents accidental or malicious data exfiltration.

I feel good about the progress we have made in 2024; but our journey is far from complete. Our AI team has the space needed to experiment and test. They are driving innovation while upholding robust data governance principles and practices that strengthen Proofpoint's foundation.

Democratizing AI Across Enterprises of the World

AI can be a game-changer for businesses, but its widespread adoption faces challenges: cost, complexity, and data security. The industry is evolving rapidly to make it easier to build new AI applications with a plethora of models that are more affordable to operate. In addition, organizations worry about where their data is stored, how that data is protected, and the kinds of risks they are exposed to. Within the cybersecurity industry, I believe we have the responsibility to ensure organizations can embrace AI with confidence, knowing that their data will remain secure.

This is a major area of focus for Proofpoint, as we see it as a core component of human-centric security. Within enterprises, humans often unintentionally expose overprivileged data. The new era of generative AI applications further exacerbates this issue, turning it into a critical challenge.

To address this, we invested in and acquired Normalyze, a leader in the data security space. With their award-winning Data Security Posture Management technology, we aim to empower organizations to maintain control over the data their users put into AI tools, whether those are LLMs, copilots, or agents. Our platform provides security teams with the ability to find, classify, and protect the data they value most, regardless of location -- be it in the cloud or a data center -- and who (or what) has access to it.

With these controls, we believe our customers can confidently pursue their AI efforts in a democratized fashion, allowing organizations to enable their applications while ensuring all data remains protected from unauthorized access.

AI Brings Our Human-Centric Security Platform Together

Our focus remains on offering a comprehensive human-centric security platform designed to mitigate human-centric risks. We are using AI to help organizations protect their people and guide users toward making informed security decisions. In the past, this has been challenging, as disparate security tools often protected users and data across various environments, including email clients, web browsers, cloud applications, and data stores.

With our human-centric platform approach, our strategy is to deliver a unified set of control points -- spanning email, web, cloud, and data store -- along with a comprehensive set of advanced AI models for threats, data classification, insider risk, and user behavior. We believe that the power of these new models, combined with a unified set of controls, enables us to address human-centric cybersecurity problems more effectively, efficiently, and comprehensively than our prior models.

Leading a cybersecurity company this past year has been an exciting journey of continuous learning and innovating. We are living in the age of AI, which demands that we remain nimble and adaptable to stay ahead of emerging threats. Our mission is simple: provide our customers with a sense of calm, or Zen, amid the ever-changing cyber risk landscape.

I remain optimistic and energized by the opportunities that lie before us with the intersection of AI and human-centric security.