Mimecast, a global cybersecurity pioneer, has unveiled its Human Risk Management (HRM) platform, marking an important and eagerly anticipated milestone in advancing toward the next generation of cybersecurity.
HRM platform
In response to customer and market demand for a more effective means of mitigating risk brought on by employee mistakes and user errors, Mimecast has charted a new path forward by developing a connected HRM platform.
The platform will provide unprecedented visibility into an organisation’s risk profile, scoring users by risk and allowing security teams to educate and protect the riskiest part of their employee base.
A comprehensive solution to a complex problem
Professionals cannot differentiate risk across employees, and frustrated end users who ignore warnings
A small number of users tend to cause the majority of security issues.
But, to date, organisations have invested in disconnected security point products, resulting in security professionals who cannot differentiate risk across employees, and frustrated end users who ignore continuous security warnings and bypass disparate controls, all of which ultimately increase both human and organisational risk.
Preventative controls
Mimecast's connected HRM platform, which is built on a central risk engine, is designed to prevent evolving and sophisticated threats targeting human error within organisations.
The new platform will offer preventative controls and direct actions that will mitigate the risk associated with human behaviour such as an errant click of a link, the opening of a malicious attachment or inadvertently sharing a document.
Challenges with human-centric risks
Employees have access to a myriad of collaboration tools and unlimited access to organisational data
In an increasingly connected world, employees have access to a myriad of collaboration tools and unlimited access to organisational data, making them prime targets for complex attacks such as business email compromise (BEC) and phishing, but also makes them more prone to errors as they are constantly multi-tasking and have multiple tools open at the same time.
Traditional security measures often fall short of addressing these human-centric risks, leading to significant vulnerabilities.
Risk mitigation
"Our platform is centred around protecting organisations from employee mistakes and user error, aligning key defence and data controls to offer one of the most comprehensive approaches to human risk management," said Mimecast CEO, Marc van Zadelhoff.
We provide a single solution that brings together multiple technologies – from Mimecast and dozens of partners – to help organisations protect collaboration and engage employees in risk mitigation."
Human risk dashboard with unparalleled visibility
The HRM platform is engineered to include a unique human risk dashboard, providing security teams with company-wide human risk scoring and visibility based on event data from both native Mimecast metrics as well as data from current and future integrations with third-party tools.
Organisations can tailor security strategies specifically, including awareness initiatives that provide more training
In addition to increased visibility at the organisation-wide, group, and individual levels, this dashboard is designed to also quantify attack factors measuring the frequency and severity of inbound threats, with plans to analyse inbound phishing attempts, blocked malware, malicious web content loaded by visited websites, and more. With full visibility into this data, organisations can tailor security strategies specifically, including awareness initiatives that provide more training to those who need it and less to those who don’t.
Mimecast Engage® transforming security awareness
A key pillar of the platform is the company’s new human risk awareness training offering, Mimecast Engage®, which is built to redefine how security leaders can manage human risk.
Traditional security awareness programs take a standardised approach, rendering IT leaders unable to identify high-risk employees or effectively mitigate risky behaviour.
Increasing productivity
Mimecast Engage technology, the result of the integration of Elevate Security technology
Mimecast Engage technology, the result of the integration of Elevate Security technology acquired in December 2023 with Mimecast’s awareness training product, combines to eliminate blind spots by offering extensive visibility into employees' risky behaviours powered by the human risk dashboard and adapting interventions to each individual's unique risk profile.
This approach also helps increase productivity as the lower-risk employees are interrupted far less with training tasks, enabling them to focus on more critical business activities.
Awareness and training
"Mimecast Engage awareness and training empowers security teams to identify and reduce risky behaviour with smarter, more targeted training," said van Zadelhoff.
"It leverages risk insights from the Mimecast ecosystem and beyond to deliver contextual interventions at the point of risk, helping to ensure a more secure work surface."
Key benefits of the HRM platform
- Visibility: The comprehensive human risk dashboard spans the collaborative landscape, ensuring organisations can keep up with and stay ahead of evolving threats.
- Insight: Leveraging two decades of focused cybersecurity expertise, Mimecast’s HRM platform helps align cyber and human risk for more detailed and actionable insights. CISOs and security analysts can take these insights make proper decisions and deploy the right tactics to keep the organisation secure.
- Action: The unified, AI-powered platform is engineered to ensure that threats can be detected and eliminated promptly, allowing for precise and proactive decision-making.
New business standards
Mimecast is pioneering human risk management. The HRM platform and Mimecast Engage technology are the latest innovations in its mission to advance security and transform the way organisations manage and mitigate risk.
By integrating security into the very fabric of human interaction, the organisation is setting a new standard for protecting businesses in an increasingly complex digital world.