Cybersecurity company Mimecast has rolled out its Human Risk Management (HRM) platform, giving organisations an effective means of mitigating risk caused by employee and user mistakes.
Mimecast says its platform will provide unprecedented visibility into an organisation’s risk profile, scoring users by risk and allowing security teams to educate and protect the riskiest part of their employee base.
Key benefits of the Human Risk Management platform include:
-
Visibility: The comprehensive human risk dashboard spans the collaborative landscape, ensuring organisations can keep up with and stay ahead of evolving threats;
-
Insight: The HRM platform helps align cyber and human risk for more detailed and actionable insights. CISOs and security analysts can take these insights, make proper decisions, and deploy the right tactics to keep the organisation secure; and
- Action: The platform is engineered to detect threats promptly, allowing for swift elimination,and precise and proactive decision-making.
Mimecast says a small number of users cause most security issues. But, to date, organisations have invested in disconnected security point products, resulting in security professionals who cannot differentiate risk across employees, and frustrated end users who ignore continuous security warnings and bypass disparate controls. This ultimately increases both human and organisational risk.
The HRM platform, which is built on a central risk engine, is designed to prevent the evolving and sophisticated threats targeting human error within organisations. The platform offers preventative controls and direct actions that will mitigate the risk associated with human behaviour, such as an errant click of a link, or the opening of a malicious attachment, or inadvertently sharing a document.
Many employees have access to many collaboration tools and unlimited access to organisational data, making them prime targets for complex attacks such as business email compromise and phishing. They are also more prone to errors as they constantly multitask and have multiple tools open simultaneously. Traditional security measures often fall short in addressing these human-centric risks, leading to significant vulnerabilities.
“Our platform is centred around protecting organisations from employee mistakes and user error, aligning key defence and data controls to offer one of the most comprehensive approaches to human risk management,” said Mimecast CEO, Marc van Zadelhoff. “We provide a single solution that brings together multiple technologies, from Mimecast and dozens of partners, to help organisations protect collaboration and engage employees in risk mitigation.”
The HRM platform is engineered to include a human risk dashboard, providing security teams with company-wide human risk scoring and visibility based on event data from both native Mimecast metrics as well as data from current and future integrations with third-party tools. In addition to increased visibility at the organisation-wide, group, and individual levels, this dashboard is designed to quantify attack factors measuring the frequency and severity of inbound threats, with plans to analyse inbound phishing attempts, blocked malware, malicious web content loaded by visited websites, and more. With full visibility into this data, organisations can tailor security strategies specifically, including awareness initiatives that provide more training to those who need it and less to those who don’t.
A key pillar to the platform is the company’s new human risk awareness training offering, Mimecast Engage, which is built to redefine how security leaders can manage human risk. Traditional security awareness programs take a standardised approach, rendering IT leaders unable to identify high-risk employees or effectively mitigate risky behaviour. Mimecast Engage technology, the result of the integration of Elevate Security technology acquired in December 2023 with Mimecast’s awareness training product, combines to eliminate blind spots by offering extensive visibility into employees’ risky behaviours powered by the human risk dashboard and adapting interventions to each individual’s unique risk profile. This approach also helps increase productivity as the lower-risk employees are interrupted far less with training tasks, enabling them to focus on more critical business activities.
“Mimecast Engage awareness and training empowers security teams to identify and reduce risky behaviour with smarter, more targeted training,” said van Zadelhoff. “It leverages risk insights from the Mimecast ecosystem and beyond to deliver contextual interventions at the point of risk, helping to ensure a more secure worksurface.”