Mimecast Expands Incydr Offering, Strengthening Data Security for Human and AI Agents
Mimecast has announced a significant enhancement to its Incydr offering, introducing advanced data security capabilities tailored for the evolving landscape of artificial intelligence (AI). This expansion aims to provide runtime data security, a comprehensive strategy designed to detect, govern, and remediate data exposure in real-time, regardless of whether the action originates from an employee or an AI agent acting on their behalf.
The Growing AI Landscape and Security Challenges
As AI continues to permeate business operations, a staggering 80% of Fortune 500 companies are now utilizing active AI agents. However, only 14% of these organizations have secured full security approval for their use. This discrepancy highlights a critical vulnerability; enterprise data loss is no longer solely a human issue. The introduction of AI agents has created a new attack surface, with these agents accessing and disseminating sensitive information through channels that traditional security tools were never designed to monitor. These include workflows connected to Managed Cloud Platforms (MCP), commercial agents, user-created automations, and shadow AI tools.
Rob Juncker, Chief Product Officer at Mimecast, emphasizes the need for a nuanced approach to security. “Intent-based detection treats all agents equally. We don’t, because the human behind the agent is the signal that changes everything,” he stated. He elaborated on the importance of understanding who deployed the agent, the existing knowledge about them, and how data traverses various platforms, including email, collaboration tools, and AI-driven workflows. This complexity presents a runtime data security challenge that requires immediate attention.
Adaptive Data Security for a New Era
Mimecast’s Incydr technology has long been instrumental in preventing insider-driven data loss, offering out-of-the-box visibility and intelligent detection through its PRISM risk engine, which utilizes over 250 risk indicators. The newly introduced capabilities extend Incydr’s focus from insider-led data security to a broader runtime data security framework that addresses risks stemming from both human and AI-driven actions.
This strategic expansion integrates endpoint and browser intelligence with Mimecast’s existing email and collaboration security solutions. The result is a comprehensive view of data movement across various channels, including endpoints, browsers, SaaS applications, AI tools, MCP connections, and email.
New Capabilities and Features
The enhancements to the Incydr offering are designed to provide organizations with a more robust security posture. Key features include:
-
Unified Human and Agent Visibility: This feature offers a consolidated view of data loss risks across both employees and autonomous agents, encompassing endpoints, cloud and SaaS applications, email, browser activity, and user-developed agents.
-
Shadow AI and Unsanctioned Agent Detection: This capability focuses on identifying unsanctioned AI usage, out-of-policy commercial agents, and unauthorized MCP connections to critical databases and SaaS platforms.
-
Adaptive Risk Scoring for People and AI Agents: The Incydr risk engine continuously evaluates both human users and AI agents based on behavioral anomalies, policy violations, and exposure to sensitive systems and data sources, such as Snowflake, Stripe, and AWS.
-
Granular Data-to-Agent Access Mapping: This feature provides clarity on which agents and tools access specific categories of sensitive data, enabling security teams to manage the potential impact of data exposure effectively.
-
Policy-Driven Governance: A comprehensive governance framework allows organizations to classify and enforce policies across all AI tools, commercial agents, and user-developed agents, ensuring compliance and security.
The Introduction of the Mimecast Agent Risk Center
In today’s complex security environment, a single data loss investigation may involve multiple elements, such as an employee sharing files through unsanctioned tools like ChatGPT or a user-built agent accessing a production database. These disparate events often manifest in different systems, each requiring unique detection logic and response strategies.
To address this fragmentation, Mimecast has introduced the Agent Risk Center, designed to streamline the investigation process. This center consolidates findings into a unified experience, enabling organizations to act swiftly and effectively. The built-in workflows automate the response chain, notifying users, escalating issues to managers, enforcing controls, and generating compliance reports.
Features of the Agent Risk Center
The Agent Risk Center is engineered to include several capabilities aimed at enhancing security operations:
-
Anomaly Detection Engine for Risky Agent Behavior: This engine identifies high-risk patterns, such as unsanctioned tools accessing production databases and executives with overly broad MCP configurations.
-
Governance Scorecards: These scorecards provide ongoing assessments of organizational posture across multiple dimensions, including policy coverage and compliance, offering Chief Information Security Officers (CISOs) a clear measure of governance maturity.
-
Department-Level Risk Heatmaps: Visual analytics display risk distribution and exposure at the departmental level, enabling targeted interventions rather than blanket policies.
-
Integrated Remediation Workflows: Each risk finding is directly linked to actionable responses, such as blocking access, notifying users, and generating compliance reports, all within a unified interface.
Mimecast’s expansion of its Incydr offering and the introduction of the Agent Risk Center represent significant advancements in addressing the complexities of data security in an era increasingly influenced by AI. These developments underscore the necessity for organizations to adapt their security strategies to encompass both human and AI-driven risks, ensuring comprehensive protection against evolving threats.
According to publicly available securitymea.com reporting, the integration of these capabilities positions Mimecast as a leader in the cybersecurity landscape, equipping organizations with the tools necessary to navigate the challenges posed by the modern digital environment.
For the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East: Middle East
