Forcepoint has announced the expansion of its Self-Aware Data Security platform to protect enterprise databases and structured data sources. With this launch, Forcepoint is the first to extend AI Mesh Data Classification technology across both structured and unstructured data throughout the hybrid enterprise, delivering unified Data Security Posture Management (DSPM) and adaptive data loss prevention in a single platform.
As enterprises accelerate SaaS, cloud and AI adoption, structured data remains a critical blind spot. Databases and data lakes house customer records, financial assets and intellectual property but have lacked consistent visibility and policy enforcement alongside files, emails and SaaS apps. By extending AI Mesh Data Classification to structured sources, Forcepoint enables organizations to discover, classify and remediate risks in real time with a single-policy framework.
With Forcepoint DSPM, enterprises and government agencies can discover and classify regulated and proprietary information across databases, data lakes and files, track its movement and apply safeguards in real time, without manual queries or fragmented tools. This automation is enabled by Forcepoint’s AI-native approach to Self-Aware Data Security, which unifies visibility and enforcement in a continuous loop, making security responsive and adaptive, not static.
A Self-Aware Approach to Data Security
Self-Aware Data Security is Forcepoint’s AI-native strategy that turns risk visibility into protection. Rather than separating discovery from enforcement, it creates a continuous, adaptive loop, analyzing context, posture and intent, while discovering sensitive data, classifying it, prioritizing risks, remediating exposures, and protecting information across all environments, everywhere people work today. The result is security that knows, adapts and protects automatically as data moves — for example, coaching users in real-time, adjusting access or blocking attempts to share sensitive data externally.
Powered by AI Mesh, Forcepoint delivers precise, explainable and customizable data discovery and classification, while a single-policy framework applies consistent prioritization, remediation and protection. In this self-aware architecture, data is governed consistently at rest, in use, and in motion, closing gaps legacy tools leave behind.
With the Forcepoint DSPM expansion, organizations can simplify security, reduce risk and cost, and accelerate AI and cloud initiatives with confidence. Leaders gain insight into where data resides, how it’s accessed and what risks it carries, all in a single, unified system. Compliance teams benefit from nearly 2,000 policy templates, automated reporting and explainable, auditable AI, making it easier to keep pace with complex regulations. Employees work without disruption, knowing sensitive information is protected wherever it moves.
How Forcepoint DSPM Closes Gaps in Controlling AI and Data Risk:
- Structured Data Discovery and Classification. Extends Forcepoint’s industry-leading discovery and classification to Microsoft SQL, Oracle, MySQL and other enterprise databases and data lakes like Databricks and Snowflake, unifying risk management across structured and unstructured data.
- Precise Enforcement and Remediation at Scale. Beyond visibility, admins can adjust file permissions, prevent oversharing, move sensitive files to secure repositories, or clean up redundant, outdated or trivial (ROT) data. Integration with a single-policy framework applies controls across SaaS, email, websites, networks, endpoints, clouds and AI workflows.
- Enterprise-Ready Compliance. AI Mesh delivers more accurate, customizable and explainable classification than generic LLM tools. Integration between policy templates, automated reporting and transparent AI logic streamlines compliance and audit readiness while reducing false positives.
- Executive Risk Visibility. Dashboards surface high-level trends in regulated data exposure, helping leaders prioritize mitigation with less overhead.
- Financial-Impact Estimates. An industry-first capability estimates breach or compliance costs, helping leaders prioritize remediation and data access governance.
Forcepoint AWARE 2025, Oct. 7-8
Forcepoint’s premier AI data security user conference is a two-day virtual summit providing actionable strategies to safely adopt AI innovations. With high-profile speakers, a dynamic agenda and tailored breakout sessions, attendees will explore how to control AI workflows, simplify compliance, and transform security into a competitive advantage. Register today to attend live or access content on-demand.
To learn more about Forcepoint DSPM, visit the product page, data risk assessment page, or read the blog Forcepoint DSPM Adds Structured Data Support.
SimonMed Imaging Pwned By Medusa
Posted in Commentary with tags Hacked on October 13, 2025 by itnerdComparitech has reported SimonMed Imaging over the weekend confirmed 1,275,669 people had been affected in its January 2025 data breach, which was claimed by ransomware gang Medusa with a $1 million ransom demand.
Rebecca Moody, Head of Data Research at Comparitech has this comment:
“This attack on SimonMed Imaging becomes the second-largest data breach on a healthcare company this year (via ransomware). Overall, we’ve noted 96 attacks on healthcare providers (worldwide) this year with over 8.7 million records breached across these attacks. The average ransom across these attacks has been $660,000, putting Medusa’s demand of $1 million from SimonMed well above average.
The attack also highlights our recent findings that healthcare providers are facing an increased threat of attacks via the third parties they use to carry out certain services. In the case of SimonMed Imaging, it appears that this attack was successful due to a breach of one of its vendors. With such highly sensitive data on offer, healthcare organizations remain a key target for hackers and even those with the most robust of cybersecurity practices can still find themselves at the center of devastating breaches due to attacks via the third parties they use.”
Ensar Seker, CISO at SOCRadar follows with this comment:
“The SimonMed breach illustrates the perfect storm we often fear in healthcare cybersecurity: a long dwell time, a wide scope of compromised data, and a ransomware group bold enough to publicize both the theft and ransom demand. Attacks like this are not just about health records they compromise full digital identities, from SSNs to login credentials, and create cascading risks of identity theft, insurance fraud, and even social engineering attacks on hospitals or insurers.
What’s especially troubling here is the theft of authentication credentials, which could be weaponized for secondary attacks or network persistence.
This attack isn’t a good one. And I have the feeling that this one will have far reaching effects for some time to come. By that I mean months or even years.
Healthcare organizations remain attractive targets because of their sensitive datasets, complex third-party ecosystems, and historically underfunded cybersecurity operations. Ransomware gangs like Medusa don’t just want to encrypt but they want to extract maximum leverage by exfiltrating and publishing stolen data. This reinforces the urgent need for real-time anomaly detection, segmented architectures, and a zero-trust posture across healthcare networks. It’s also a wake-up call that disclosure timelines must improve; weeks of unauthorized access is far too long in any sector, but in healthcare, it’s catastrophic.”
Leave a comment »