Thank you to everyone who joined our latest Maximizing Mimecast session, where we took a deep dive into one of today’s toughest cybersecurity challenges: human risk. This conversation, led by Mimecast’s CMO, Adenike (Nikki) Cosgrove, and CPO, Rob Juncker, was fast‑paced, interactive, and packed with practical insights on how to protect your organization from everyday risky behaviors.
Today’s Risky Workplace
We opened the session by exploring why human risk is so difficult to “patch.” As Nikki shared, the biggest vulnerability in your security stack is the person behind the keyboard, switching constantly between dozens of apps, making rapid decisions under pressure, and relying more on AI tools to speed up work. Rob noted that today’s workforce interacts with far more tools than ever before, creating countless micro‑decisions that increase opportunities for mistakes or risky shortcuts.
Human Risk in the Real World
We also discussed how attackers are evolving. Malicious, AI-powered tools like FraudGPT and PhishGPT enable threat actors to mine data on individuals and craft hyper‑targeted campaigns at scale. Nikki highlighted two compelling insider threat stories, including a Tesla engineer who exfiltrated 100GB of data under the belief they were acting altruistically, and a more recent case involving IP theft within the AI industry. These examples underscore just how complex human motives can be—and why we need a view of risk that considers the core components of human risk:
- Actions - risky clicks, unsafe data handling, shadow AI use
- Access - permissions to sensitive data and systems
- Attacks - how frequently and aggressively users are targeted
Human Risk Command Center and Watchlist Manager
Rob then walked through how organizations can operationalize human risk management efforts, blending technical controls with behavior-awareness and real-time interventions. We took a live look at Mimecast’s Human Risk Command Center, which centralizes all of these risk signals, across email, collaboration tools, endpoint security, identity systems, and more, to produce a unified, dynamic risk score for every user in your organization.
This included a look at our new Watchlist Manager, which enables security teams to automatically apply targeted controls to specific users or departments based on their unique risk profiles. For example, finance teams frequently targeted by BEC attacks can now be safeguarded by stricter controls and additional training when risk scores spike, all without manual SOC intervention.
A Human Risk Maturity Framework
Finally, we explored the path to maturity, moving from fragmented, noisy controls to a fully integrated, adaptive security posture where human risk is continuously measured, contextualized, and remediated. As many attendees noted in the chat, the ability to course-correct risky behavior in real time through nudges, guardrails, and automated policy changes is a game‑changer for reducing workload, strengthening culture, and improving long-term outcomes.
If you missed the live conversation, or want to see the full demos and examples, we’ve made the session available on demand.
Watch the on-demand session here.
This webinar is part of the ongoing 2026 Maximizing Mimecast series, where we help you get more value from your Mimecast investment through expert insights, roadmap previews, and live walkthroughs of new capabilities.
Next Up
Next up in the series is a can’t-miss session on: Insider Risk Management & Data Protection, February 19th
You’ll learn how Mimecast Incydr helps you detect, prioritize, and respond to insider-driven data leakage, whether intentional, accidental, or driven by risky AI usage.
Make sure you have your seat for the Insider Risk webinar.
Thanks again to everyone who joined us live. The questions, chat engagement, and real-world stories made this one of the most dynamic sessions yet. We look forward to seeing you at the next event in the series!
