Let’s be honest – when most people hear “cybersecurity,” they think firewalls, encryption, maybe some threat detection powered by AI. But ask any security leader what really keeps them up at night, and chances are, it’s not just the tools. It’s the people.
That’s where Mimecast is making a bold pivot. With its Human Risk Management (HRM) platform, Mimecast is reframing the entire narrative around human-centric security. Instead of viewing employees as the weakest link, the platform treats them as dynamic, influenceable assets—people who can be coached, nudged, and ultimately empowered to become defenders in their own right.
Mimecast Human Risk Management Platform
Angel Grant, CISSP and Senior Vice President of Security Product and Market Intelligence at Mimecast, puts it this way: “We’ve spent decades building stronger perimeters. But if we’re not addressing the human decisions that drive risk inside those perimeters, we’re leaving the front door wide open.”
What makes the platform stand out is how it blends education, telemetry, and real-time intervention. It’s not just sending out canned training videos and hoping for the best. The HRM platform listens. It watches for patterns – missed phishing simulations, suspicious sharing on collaboration platforms, behavior anomalies – and it adjusts. If someone’s engaging in risky behavior, they might get a well-timed nudge or even an interactive tip through Slack before that risky click becomes a costly incident.
And it’s not about shame or punishment. The whole experience is designed to be human-first. Subtle, supportive, and customized – because not every user is the same, and neither is their risk profile.
What’s powerful here is the idea that risk management isn’t a once-a-year training day – it’s a continuous process. Security awareness becomes part of the daily workflow. That’s what makes it stick.
In an era where cyber threats are increasingly sophisticated and exploit human vulnerabilities, Mimecast has unveiled its groundbreaking Human Risk Command Center (HRCC) at the RSA Conference 2025. This innovative platform aims to transform employees from potential liabilities into proactive defenders of organizational security.
Mimecast Departing Employee Detail
Cybersecurity has traditionally focused on technological defenses, but human error remains a significant vulnerability. Angel Grant, CISSP, Senior Vice President of Security Product and Market Intelligence at Mimecast, emphasizes, “In 2025, the email security landscape will face increasingly sophisticated AI-driven threats, including deepfake-enabled impersonations and financial fraud schemes. However, I also expect we’ll see a rise in overlooked threats like malicious QR codes – which are often exploited due to insufficient safeguards.”
Mimecast Detection Analysis
The HRCC is designed to provide organizations with unparalleled visibility into human risk factors. Key features include:
- Advanced Risk Scoring: Assigns dynamic risk scores to users based on behavior, exposure, and security telemetry, enabling prioritized responses.
- Integrated Security Intelligence: Leverages data from over 300 third-party applications and 1.3 billion API calls monthly to enrich threat analysis.
- Proactive Interventions: Utilizes adaptive nudges and educational prompts through platforms like Slack to correct risky behaviors in real-time.
- Compliance Safeguards: Monitors collaboration platforms for data leakage and policy violations, ensuring regulatory compliance.
Mimecast Business Email Compromise Detection
Marc van Zadelhoff, CEO of Mimecast, states, “Our Human Risk Command Center is a major step forward, providing the tools necessary to measure human risk, empower employees as defenders, and protect customers from sophisticated targeted attacks.”
AI plays a pivotal role in the HRCC by enabling advanced anomaly detection and behavioral analysis. Angel Grant notes, “Businesses must prioritize advanced anomaly detection and behavioral analysis tools that address human risk and allow them to adopt more holistic security strategies.”
Mimecast’s commitment to integration is evident in its extensive partner network. The HRCC’s compatibility with various third-party applications ensures a comprehensive approach to security, allowing organizations to tailor the platform to their specific needs.
Beyond technology, the HRCC focuses on educating employees to recognize and respond to threats. By delivering timely, context-aware training, organizations can foster a culture of security awareness, turning employees into active participants in defense strategies.
Mimecast’s Human Risk Command Center represents a significant advancement in cybersecurity, addressing the often-overlooked human element. By combining advanced technology with proactive education, the HRCC empowers organizations to mitigate risks effectively and build a resilient security posture in the face of evolving threats.
For more information on Mimecast’s Human Risk Command Center, visit their official press release.
About the Author
Pete Green is the CISO / CTO of Anvil Works, a ProCloud SaaS company. With over 25 years of experience in information technology and cybersecurity, Pete is a seasoned and accomplished security practitioner.
Throughout his career, he has held a wide range of technical and leadership roles, including LAN/WLAN Engineer, Threat Analyst, Security Project Manager, Security Architect, Cloud Security Architect, Principal Security Consultant, Director of IT, CTO, CEO, Virtual CISO, and CISO.
Pete has supported clients across numerous industries, including federal, state, and local government, as well as financial services, healthcare, food services, manufacturing, technology, transportation, and hospitality.
He holds a Master of Computer Information Systems in Information Security from Boston University, which is recognized as a National Center of Academic Excellence in Information Assurance / Cyber Defense (CAE IA/CD) by the NSA and DHS. He also holds a Master of Business Administration in Informatics.
