Product Marketing Manager

Mimecast introduces runtime Data Security for visibility and control of growing AI risk. Expanded Mimecast Incydr(TM) technology and new Agent Risk Center detects, governs, blocks, and remediates data exposure caused by employees, AI tools, and autonomous agents. LEXINGTON, Mass., March 24, 2026 (GLOBE NEWSWIRE) - Mimecast, the global cybersecurity leader in securing human and AI risk, today announced a major expansion of its Incydr(TM) offering with data security capabilities for the AI era and also previewed the new Agent Risk Center at RSAC 2026 Conference. These new capabilities help deliver runtime data security - a unified approach to detect, govern, and remediate data exposure, in real-time, whether the action comes from an employee or an agent acting on their behalf. Eighty percent of Fortune 500 companies now run active AI agents, yet only 14% have full security approval for them[1]. Enterprise data loss is no longer just a people problem - AI agents have introduced an entirely new attack surface. Agents are accessing and sharing sensitive data through pathways which traditional security tools were never designed to monitor - MCP-connected workflows, commercial agents, user-built automations, and shadow AI tools. "Intent-based detection treats all agents equally. We don't, because the human behind the agent is the signal that changes everything," said Rob Juncker, Chief Product Officer, Mimecast. "Who deployed the agent? What do we already know about them? How is data moving across email, collaboration tools, browsers, SaaS apps, endpoints, and AI-driven workflows - and what intervention is required right now? That's a runtime data security problem, not a model problem." Adaptive Data Security for the Human and AI Agent Era Mimecast's Incydr technology has long helped organizations prevent insider-driven data loss through out-of-the-box visibility, intelligent detection via its PRISM risk engine (250+ risk indicators), and adaptive response ranging from in-context education to real-time blocking. The new capabilities extend Incydr technology from insider-led data security into broader runtime data security for both human and AI-driven risk. This expansion takes a new approach, combining Incydr endpoint and browser intelligence with Mimecast's email and collaboration security, delivering complete ingress-to-egress data visibility - covering the full path of enterprise data movement across endpoints, browsers, SaaS applications, AI tools, MCP connections, and email. New and expanded capabilities are engineered to include: * Unified Human and Agent Visibility - A single view into data loss risk across employees and autonomous agents, spanning endpoints, cloud and SaaS applications, email, browser activity, commercial AI tools, MCP server connections, and user-developed agents. * Shadow AI and Unsanctioned Agent Detection - Purpose-built detection for unsanctioned AI usage, out-of-policy commercial agents, unauthorized MCP connections to production databases and critical SaaS platforms, and user-built agents operating on unapproved LLM providers or accessing production environments without security review. * Adaptive Risk Scoring for People and AI Agents - The Incydr risk engine now continuously scores both human users and AI agents based on behavioral anomalies, policy violations, high-risk data access, unsanctioned application usage, agent compliance posture, and exposure to critical systems and data sources (e.g., Snowflake, Stripe, PostgreSQL, AWS, Salesforce, GitHub). * Granular Data-to-Agent Access Mapping - A clear view of which agents and tools access which categories of sensitive data - including customer PII, source code, financial records, internal communications, HR data, and infrastructure configurations - enabling security teams to understand and control the agent-to-data blast radius. * Policy-Driven Governance - A comprehensive governance framework for classifying and enforcing policy across all AI tools, commercial agents, MCP servers, and user-developed agents - with sanctioned, unsanctioned, and uncategorized classifications, department-level enforcement, and AI acceptable use policy management. Introducing the Mimecast Agent Risk Center Today, a single data loss investigation might involve an employee sharing a file through an unsanctioned tool - such as DeepSeek, OpenClaw, Ollama, ChatGPT - a commercial AI agent, summarizing confidential records, and a user-built agent pulling from a production database it was never meant to access. These events show up in different systems, follow different detection logic, and require different response playbooks - if they show up at all. The Mimecast Agent Risk Center is designed to consolidate that fragmented picture into one experience. Critically, the Agent Risk Center is built to connect every finding directly to action. Built-in agentic workflows automate the response chain - notifying users, escalating to managers, enforcing controls, and generating compliance reports - so teams act at machine speed, not human speed. As engineered, the capabilities will include: * Anomaly Detection Engine for Risky Agent Behavior - Can automatically surface high-risk patterns - unsanctioned tools with production database access, finance users connected to payment MCP servers, user-developed agents using non-sanctioned LLM providers, and executives with overly broad MCP configurations. * Governance Scorecards - A continuous assessment of organizational posture across four dimensions: policy coverage, review currency, human-in-the-loop enforcement, and LLM compliance - giving CISOs a clear measure of their agentic governance maturity. * Department-Level Risk Heatmaps - Visual analytics showing risk distribution, department-level exposure, risk factor breakdowns, and trend patterns - enabling targeted intervention rather than blanket policy. * Integrated Remediation Workflows - Every risk finding connects directly to action - block access, notify users, escalate to managers, create tickets, classify uncategorized tools, schedule agent reviews, and generate compliance reports - all without leaving the unified interface. Mimecast is previewing the Agent Risk Center at RSAC 2026, with Early Access expected in September 2026. Join Chief Product Officer, Rob Juncker, for a presentation and live demo - Mimecast booth N-5245 - at 10:30 AM on Tuesday, March 24th and Thursday, March 26th. Organizations interested in early access are encouraged to contact their Mimecast representative to learn more. About Mimecast Mimecast is a global cybersecurity and data governance leader redefining how organizations secure human and AI risk. Its AI-powered, API-enabled connected human risk platform is purpose-built to protect organizations from the spectrum of cyber threats. Integrating cutting-edge technology with human-centric pathways, its platform provides enhanced visibility and strategic insight. By enabling decisive action and empowering businesses to protect their collaborative environments, its technology safeguards critical data and actively engages employees in reducing risk and enhancing productivity. More than 42,000 businesses worldwide trust Mimecast to help them keep ahead of the ever-evolving threat landscape. From insider risk to external threats, customers get more with Mimecast. More visibility. More agility. More control. More security. Mimecast, Incydr and the Mimecast logo are either registered trademarks or trademarks of Mimecast Services Limited in the United States and/or other countries. All other third-party trademarks and logos contained in this press release are the property of their respective owners. Press Contacts Tim Hamilton Director, Public Relations Management +1 603-918-6757 [email protected] General inquiries [email protected]

Mimecast, a cybersecurity firm, has unveiled new AI-powered capabilities designed to protect high-risk users and AI tools accessing sensitive data. The platform enhancements address growing concerns around AI agents and automated workflows, which are creating new pathways for data leakage and insider risk. According to Mimecast's research, 98% of organisations now use AI to defend against threats, yet 80% worry about sensitive data exposure through generative AI tools. The company reports that just 8% of employees account for 80% of security incidents. New features include automated adaptive security policies that adjust controls based on individual user risk levels, an AI-powered investigation agent called Mihra that accelerates incident response, and streamlined workflows delivering 78% faster resolution of reported messages. The platform aims to secure how employees and AI tools interact in real time.

Mimecast unveils adaptive Human Risk security for the AI agent era. New AI-powered capabilities are engineered to protect the highest risk users and AI tools that access sensitive data. LEXINGTON, Mass., March 12, 2026 (GLOBE NEWSWIRE) - Mimecast, a global leader in managing human and AI risk, today announced major platform capabilities designed for a new enterprise reality: AI agents and automated workflows are scaling across the business, establishing the human layer as the new control plane for security. According to Mimecast's The State of Human Risk 2026, 98% of organizations now use AI to defend against threats, yet 80% are concerned about sensitive data exposure through generative AI tools and 60% still lack strategies to address AI-driven threats. At the same time, the number of actively deployed AI agents worldwide is set to grow significantly over the coming years. The proliferation of AI across businesses is exposing new pathways for data leakage, impersonation, insider risk, and policy drift. Mimecast's latest platform enhancements help security teams meet that challenge with adaptive controls, AI-powered investigation, and open ecosystem integrations that secure how employees and AI tools interact in real time. "Every AI agent, every automated workflow ultimately depends on a human to direct it, approve its actions, and govern its behavior," said Ranjan Singh, Chief Product and Technology Officer at Mimecast. "That means the enterprise AI era will not be secured by isolated tools or static policies. It requires a connected platform that can understand behavior, detect risk, protect sensitive data, and adapt controls in real time. That is exactly where Mimecast is focused." Mimecast helps enterprises move beyond disconnected point products and protect the spectrum of human risk across email, collaboration, identity, insider activity, and generative AI usage. The following enhancements deliver on that vision with measurable improvements in detection accuracy, data protection, and policy enforcement. Investigate at Machine Speed and Respond Using AI and Adaptive Controls Mimecast data shows that just 8% of employees account for 80% of security incidents, yet only 28% of organizations coordinate security training with continuous monitoring. These capabilities ensure simplicity in the workflows that close that gap. * Automated, Adaptive Security Policies: The Mimecast platform now allows more flexibility to automatically adjust security controls based on individual user risk levels, leveraging insight from the Human Risk Command Center. High-risk users receive tighter controls instantly; low-risk users maintain productivity. Security policies evolve with behavior rather than waiting for manual intervention. * AI-Powered Investigation and Response: The new Mimecast Mihra Investigation Agent saves security teams valuable time by synthesizing events, summarizing findings, and recommending actions to resolve incidents and improve response times. It's the latest in a growing suite of Mimecast Mihra Agents designed to help customers proactively identify, assess, and prevent threats. * Streamlined Incident Response Workflows: Redesigned response capabilities deliver 78% faster resolution of reported messages through AI-powered campaign identification, simplifying incident response for organizations that outsource security operations. An Open Platform That Fits How Security Teams Actually Work Security teams do not operate in a single vendor world. They work across multiple tools, data sources and workflows, yet too many security architectures still force teams into fragmented operations and manual response. Mimecast's latest enhancements are built to fit the way security teams actually work: open, integrated, and centered on measurable user risk. * Bring Your Own AI via the Mihra MCP Gateway: Organizations can now connect Mimecast investigation workflows directly into their existing AI platforms like Claude or Gemini, accelerating threat response through familiar environments without forcing teams onto another siloed interface. * Expanded Ecosystem Intelligence Across the Human Risk Surface: The Human Risk Command Center now correlates signals across email, endpoint, identity, data, generative AI, and other third-party security tools, giving CISOs a unified view of organizational risk and enabling more coordinated action. * Modernized API-Based Deployment: Mimecast's full detection stack is now available through API-based deployment, with complete threat protection and no MX record changes required. Proven Protection Across the Platform Mimecast is delivering measurable gains in detection and protection across its platform, with new capabilities designed to address the broad spectrum of AI-driven threats, from sensitive data leaking into unsanctioned AI tools to increasingly sophisticated, AI-generated attacks. * Controls for Shadow AI and Sensitive Data Exposure: With Incydr Data Protection, organizations can better prevent sensitive data from reaching unsanctioned AI tools and help ensure that approved enterprise data is used only in compliant, authorized environments. * Multi-Vector Threat Protection: Now enhanced for all Mimecast customers, Multi-Vector Threat Protection delivers 99.998% detection accuracy by correlating signals across multiple detection mechanisms to identify sophisticated, coordinated campaigns that isolated security engines miss - while dramatically simplifying policy management. * Enhanced Business Email Compromise Protection: BEC protection now detects impersonation and social engineering attacks across 20 languages, with detection rates improving 5%+ quarterly as the system continuously learns from emerging attack patterns observed across Mimecast's global threat intelligence network of more than 1.7 billion emails inspected per day. The enhanced platform capabilities are available now to Mimecast customers across deployment options. To learn more about all of the platform enhancements announced today, visit here. About Mimecast Mimecast is a global cybersecurity leader redefining how organizations secure human risk. Its AI-powered, API-enabled connected human risk platform is purpose-built to protect organizations from the spectrum of cyber threats. Integrating cutting-edge technology with human-centric pathways, its platform provides enhanced visibility and strategic insight. By enabling decisive action and empowering businesses to protect their collaborative environments, its technology safeguards critical data and actively engages employees in reducing risk and enhancing productivity. More than 42,000 businesses worldwide trust Mimecast to help them keep ahead of the ever-evolving threat landscape. From insider risk to external threats, customers get more with Mimecast. More visibility. More agility. More control. More security. Mimecast and the Mimecast logo are either registered trademarks or trademarks of Mimecast Services Limited in the United States and/or other countries. All other third-party trademarks and logos contained in this press release are the property of their respective owners. Press Contacts Tim Hamilton Director, Public Relations Management +1 603-918-6757 [email protected] General inquiries [email protected]