Enterprise Account Manager

Proofpoint expands security for the agentic workspace. Proofpoint introduced new email and data security capabilities designed for workplaces where humans and Artificial Intelligence agents interact across communication and data environments. The updates combine email protection models, add data access governance for human and non-human identities, and extend data security posture management into on-premises systems. Proofpoint unveiled new capabilities across its collaboration security and data security portfolios aimed at securing the agentic workspace, where people and Artificial Intelligence agents operate across email, cloud, and data environments. The company said enterprise risk is changing as organisations deploy assistants and autonomous agents that draft communications, access sensitive data, and take action at machine speed. In this environment, static access controls and identity checks alone are no longer enough, increasing the need for behavioural insight across communication and data activity. A central part of the update is a unified email security architecture that combines Secure Email Gateway and API-based protection. Proofpoint said the integrated model links perimeter protection for north-south traffic with defence for east-west internal email activity, allowing threat intelligence and behavioural signals to flow across pre-delivery and post-delivery controls. The company said this gives customers a single workbench to manage inbound, outbound, and internal email protection, while improving visibility into compromised accounts, automated agents, internal-to-internal compromise, and direct send vulnerabilities. Proofpoint said the approach reduces console switching, simplifies policy management, and eases investigation and response workflows. The company said the platform delivers 99.999% detection efficacy. Proofpoint also introduced Artificial Intelligence data access governance capabilities that provide visibility into access to sensitive data across SaaS, cloud, and on-prem environments. The scope includes human users, service accounts, and Artificial Intelligence agents. Security teams can identify stale entitlements, orphaned accounts, and over-permissioned access, while automated remediation workflows are designed to reduce exposure without manual, ticket-driven processes. By correlating identity activity, data sensitivity, access patterns, data loss prevention signals, and other risk indicators within the Data Security Graph, the platform is intended to support continuous risk reduction based on behavioural context and inferred intent. The company is also extending its Artificial Intelligence-native data security posture management capabilities to on-premises environments, adding intelligent data discovery and classification across hybrid and cloud systems as well as legacy infrastructure. Proofpoint said this broader coverage gives organisations more consistent visibility into sensitive data regardless of where it resides, helps prioritise risk more accurately, and reduces exposure caused by fragmented tooling across cloud and on-prem systems. These capabilities are expected to become available in Q2 2026, with timing subject to standard product rollout considerations and regional availability. 52. Impact score. March 30, 2026 Mistral has expanded its Voxtral family with a text-to-speech system aimed at enterprise voice applications. The company is positioning the open-weights model as a flexible alternative for organizations that want more control over deployment, cost and customization. March 30, 2026 A UK Parliament committee is examining how Artificial Intelligence is changing business and work, with a focus on both economic opportunity and labour disruption. The inquiry is seeking evidence on government priorities as adoption expands across the economy. March 30, 2026 Microsoft is changing Windows 11 kernel policy so new drivers must be signed through the Windows Hardware Compatibility Program. Older trusted drivers will still be allowed in some cases to preserve compatibility during the transition. March 30, 2026 Generative Artificial Intelligence is becoming a mainstream consumer and marketing tool in the US, reshaping targeting, creative production, measurement, and search visibility. Growing adoption is paired with persistent concerns around trust, accuracy, and governance. March 30, 2026 The Universities of Wisconsin list a broad mix of Artificial Intelligence courses, certificates, webinars, forums, and training programs for non-degree learners. Offerings span business, education, government, healthcare, agriculture, engineering, and technical development across multiple campuses.

AI agents carry the same insider risk profile as human employees. Your governance program was not built for that. At RSAC Conference 2026 - the annual gathering where the security industry's most consequential product and strategy conversations happen - Sumit Dhawan, CEO of Proofpoint, made a statement that cuts directly across the AI governance category. He said AI agents behave like humans and carry the same risk profile. They operate non-deterministically. They can be manipulated through prompt engineering. They require what he called "a purpose-built integrity framework" - an AI behavior safeguard layer - that must be coded into the technology itself rather than applied as a policy or a governance document afterward. This is not a vendor press release or a marketing claim. This is an observation delivered to a security practitioner audience at the industry's most scrutinized stage. Traditional insider risk programs were built around one core detection mechanism - behavioral deviation. When a human employee's behavior diverges from their established pattern, the system escalates. Access to unusual systems, data exfiltration outside normal hours, communication with unknown external parties. The program works because human behavior is mostly predictable, deviations are detectable, and the human is accountable to a code of conduct. Dhawan's point is that AI agents satisfy none of those preconditions. They have no code of conduct. Their behavior is non-deterministic by design. They can be manipulated into taking unintended actions through inputs that look legitimate. They operate at machine speed across multiple connected systems simultaneously. The insider risk model was built for human actors with predictable behavioral patterns. AI agents are internal actors that can cause the same category of damage but through a fundamentally different mechanism - one the model was never designed to detect. The security industry is adapting its frameworks to cover AI agents because the threat model requires it. The governance industry has not yet made the equivalent adaptation. Most AI governance programs were built around the assumption that the systems being governed produce outputs that humans then interpret and act on. AI agents take action autonomously, which means the governance framework built around human interpretation of outputs does not reach the layer where agent behavior actually occurs. The governance question centers on what the agent did, why it did it, what systems it accessed, and what happened as a result. That is a behavioral governance problem. What makes AI agent risk structurally different. The non-determinism problem is central. Traditional security controls were designed for Boolean pattern-based logic. An action either matches a known pattern or it does not. AI agents do not operate this way. Their outputs are probabilistic. The same input can produce different outputs at different times depending on context, model state, and the chain of tools and systems the agent is interacting with. This means behavioral baseline approaches - the foundation of insider risk detection - are significantly harder to establish and significantly easier for an adversary to operate below. An agent that has been manipulated through prompt engineering may produce outputs that look normal in isolation while the cumulative pattern of its actions represents a significant deviation that only becomes visible after the damage has occurred. The accountability gap is equally important. When a human insider causes harm, there is a clear accountability chain. The person made a decision. There is a record of their access. There is a supervisor and a reporting structure. When an AI agent causes harm, the accountability chain is much less clear. Who authorized the agent to access those systems? What credential was it operating under? Who was the named human supervisor responsible for reviewing its behavior? What was the approval scope for the actions it took? In most current enterprise deployments the answers to those questions either do not exist or require significant forensic reconstruction after the fact. Dhawan's point is that this gap must be closed at the technology layer - coded into the system as an integrity framework - rather than addressed through policy documents that do not connect to what the agent actually does. What a purpose-built integrity framework actually means. Dhawan's specific language is important. He said AI agents require "a technology layer which is an AI behavior safeguard layer." That is a governance architecture description. What he is describing is a layer that sits between an AI agent and the systems it can access, observes the agent's behavior continuously, applies defined integrity constraints, and generates an audit trail from what the agent actually did rather than from what was approved before it was deployed. This is identical in function to what continuous production monitoring delivers in the AI governance context - a system that observes behavior as it happens rather than reviewing documentation after the fact. In the agentic AI context the stakes are higher because agents act autonomously and at speed, which means the gap between what was approved and what actually happened can grow very large in a very short window. The CISO bifurcation Dhawan named is also analytically useful. He said CISOs are splitting into two camps on AI safeguard implementation - proactive and wait-and-see. The proactive CISOs are building the behavioral governance layer now because they understand that the agent deployment surface is expanding faster than any reactive governance program can track. The wait-and-see CISOs are treating AI agent governance the same way they treated early cloud security - as something that can be addressed after the deployment has already scaled. The history of cloud security suggests that position creates a significant remediation problem when the regulatory or incident pressure arrives. What enterprise teams should be doing right now. Before deploying any AI agent into a production environment, three things need to exist. An authorization register - a written document specifying exactly what actions the agent is permitted to take, under what credentials, and who the named human supervisor is. A behavioral baseline - an established record of what the agent's normal output and action patterns look like so deviations can be detected rather than guessed at. And an audit trail mechanism - a technical system that records what the agent actually did, which systems it accessed, and what data it touched, automatically and continuously rather than reconstructed from logs after an incident. If none of those three things exist before an agent is deployed, the governance program has a gap regardless of how complete the pre-deployment approval process was. The moment this gap becomes a problem is when an agent takes an unauthorized action and no one can reconstruct the exact sequence that led to it. Its take. Dhawan's framing at RSAC is significant not because Proofpoint is building a governance platform - they are building a security product - but because the Proofpoint CEO is describing a governance requirement in a security context at the industry's most visible annual event. When security leaders at that level start defining AI agent behavioral integrity as a governance problem that requires a dedicated technology layer, it means the security market is arriving at the same conclusion that the governance market has been slow to reach. The two conversations - AI governance and AI security - are converging on the same operational problem. Enterprises need a layer that observes what AI agents actually do in production and enforces behavioral constraints as the agent runs, not after it has already acted. This aligns directly with the NIST AI RMF GOVERN function, which explicitly requires accountability across system components, including agentic behaviors, throughout the full system lifecycle. What remains unresolved is that the insider risk model for AI agents does not yet have the equivalent of 20 years of enterprise insider risk program development behind it. The behavioral baseline problem for non-deterministic systems is genuinely hard. The credential and identity framework for AI agents is still being built across the identity governance market. If your organization is deploying AI agents without an authorization register, a behavioral baseline, and a continuous audit trail mechanism, the GAIG marketplace is where to evaluate the platforms building that layer. Enterprise teams can compare solutions in the AI Security and AI Monitoring categories that are specifically designed for production agent behavior rather than pre-deployment documentation. Follow GetAIGovernance on LinkedIn

Technology intelligence: March 2026. Executive-level intelligence on the trends, people, and deals shaping the technology sector in March 2026 News and exec appointments. Google completed its $32bn all-cash acquisition of Israeli cloud security company Wiz, the largest deal in Google's history. AI security software company Darktrace has appointed Ed Jennings as its new CEO, who joins from Quickbase, where he served as CEO. Jennings is the former COO of Mimecast. OpenAI has acquired Promptfoo, a startup focused on securing LLMs and AI agents, with the technology set to be integrated into OpenAI Frontier. Meta acquired Moltbook, the AI-agent social network, with founders Matt Schlicht and Ben Parr joining Meta Superintelligence Labs. Deal terms were not disclosed. Matt Brittin, the former EMEA President for Business and Operations for Google has been appointed as Director-General of the BBC. Apple acquired MotionVFX, a developer of plug-ins and templates for Final Cut Pro. Financial terms were not disclosed. Lovable said it crossed $400m ARR in February after adding $100m in revenue in a single month, with just 146 employees. Cursor, an AI-native code editor, reportedly surpassed $2bn in annualized revenue, with enterprise customers now accounting for about 60% of revenue. Atlassian cut 10% of its workforce, around 1,600 roles, as it redirects more investment toward AI and enterprise sales. New Relic, the observability software company, appointed Michael Frendo as CTO, with the former Proofpoint engineering executive tasked with helping drive the company's AI-led observability strategy. SAP appointed Thomas Saueressig as Chief Customer Officer, expanding his remit to lead the new Customer Value Group across customer success, services and delivery. Wise appointed former Intercontinental Exchange CFO Scott Hill to its board as an independent non-executive director. Trustpilot appointed Marcus Roy, currently CFO of The Economist Group, as its new CFO, succeeding Hanno Damm later this year. The Trade Desk, a programmatic advertising technology company, appointed Reddit CFO Drew Vollero to its board of directors. FactSet, a financial data and analytics company, appointed Kate Stepp as Chief AI Officer and former Citi and JPMorgan executive Bob Stolte as Chief Technology Officer, as it steps up its enterprise AI push. Contentsquare, a digital experience analytics company, added three senior leaders: Costa Harbilas as President, Go-to-Market, Patrice Attia as Chief Revenue Officer, and Rachel Obstler as Chief Product Officer. Harbilas joins from Intapp, where he was CRO, while Attia and Obstler were promoted internally from SVP EMEA/APJ and SVP Product, respectively. Spendesk appointed Alan Wright as Chief Technical Officer, as the company said it had reached profitability. Wright previously served as VP of Engineering at Signal AI. Bluesky CEO Jay Graber stepped down and moved into a Chief Innovation Officer role, with Toni Schneider named interim CEO. Bluesky is a decentralised social network built on the open-source AT Protocol Fundraising. Nscale, the British AI infrastructure company, hit a $14.6bn valuation after a $2bn Series C. Harvey, a Legal AI company, confirmed a $200m raise at an $11bn valuation, with GIC and Sequoia co-leading the round. Quince, a direct-to-consumer retail brand, raised a $500m Series E at a $10.1bn valuation, led by Iconiq. Replit, an AI software development platform, raised a $400m Series D at a $9bn valuation, just six months after reaching $3bn. Legora, a Stockholm-based legal AI company, raised a $550m Series D at a $5.55bn valuation as the AI legal tech boom continues. French health insurance startup Alan reached a €5bn valuation. AMI Labs, co-founded by Yann LeCun, raised $1.03bn at a $3.5bn pre-money valuation to build "world models." Cloaked, a privacy and identity protection company, secured $375m in Series B and growth financing as it expands from consumer privacy tools into enterprise. Armadin, Kevin Mandia's new AI-native cybersecurity startup, raised $189.9m in combined seed and Series A funding. Eridu, an AI networking infrastructure startup, emerged from stealth with a $200m Series A. Israeli AI agent startup Wonderful raised a $150m Series B at a $2bn valuation. Granola, a London-based AI meeting notes platform, raised $125m at a $1.5bn valuation as it expands from meeting notes into broader enterprise AI workflows. Rox AI, a sales automation startup, reportedly hit a $1.2bn valuation in a new funding round led by General Catalyst. Mirage, the company behind the AI video editor Captions, raised $75m in growth financing and is positioning itself more clearly as an AI lab. Hiring trends. Whilst embracing AI is now an obvious strategic priority, the harder challenge is cultural. For some employees, AI is a force multiplier. For others, it threatens to commoditise their craft. In time, the best technology companies may operate with smaller engineering teams, heavily augmented by AI agents. But today's reality is more nuanced. Most AI coding tools remain immature, and teams are still learning how to use them effectively. Faster prototyping is often offset by slower debugging - particularly when dealing with AI-generated code. No Latency. No Latency provides long form analysis of the systems and strategies underpinning the technology ecosystem; About Neon River Neon River is a boutique executive search firm that helps technology and digital companies hire exceptional leadership talent. We work across VC-backed scaleups, PE-owned businesses, and global tech companies, bringing deep sector expertise, high-touch service, and a track record of delivering outstanding candidates quickly and effectively.