Mimecast Joins Human Risk Management Fray With Code42 Deal

Email security providers are increasingly adding human risk management (HRM) tools to their portfolios to broaden their data loss prevention (DLP) capabilities. The latest to sharpen its focus on HRM is Mimecast, which acquired insider risk tool provider Code42 for undisclosed terms this week.

The deal marks Mimecast's second acquisition of an HRM company this year. In January, it made its foray into human risk management with the acquisition of Elevate Security, which resulted in last week's release of Mimecast's Engage risk management platform.

Omdia senior principal analyst Fernando Montenegro says Mimecast's competitors, such as Proofpoint, Sophos, ESET, OpenText (Webroot), and Barracuda Networks, have made similar moves into HRM.

"We have seen similar packaging of messaging security with user training and human factors in many vendors," Montenegro says. "This makes sense as we think there is a long-standing evolutionary pattern to cybersecurity to be better aligned to business outcomes and concerns, and this fits well into this narrative."

Mimecast is playing catch-up to Proofpoint, its most formidable competitor, which released its Proofpoint Nexus People Risk Explorer in 2021. Earlier, Proofpoint made its foray into insider threat management by acquiring ObserveIT, known for its insider threat management platform.

Insider Risk Tied to Data Breaches

According to Verizon's "2024 Data Breach Investigations Report" (DBIR), insiders were involved in 68% of all breaches in 2023. Forrester Research forecasts that figure could rise to 90% in 2024, according to its "Predictions 2024" report.

"HRM solutions and programs have surfaced to help CISOs evaluate their firm's human risk, determine whether they are getting a return on their training investment, whether their training is really changing anyone's behavior and improving the firm's cybersecurity posture, and determine what to manage human risk in addition to training people," the report's authors noted.

Weeks after closing the Elevate acquisition in January, Marc van Zadelhoff was tapped as Mimecast's new CEO, replacing co-founder Peter Bauer. Tasked with expanding Mimecast's emerging HRM portfolio, Zadelhoff inked a partnership with Code42 to integrate Code42 Incydr with the Mimecast platform.

By integrating Code42 Incydr's Watchlists for employees with a history of engaging in risky behavior (such as those who frequently fall for phishing attempts) with Mimecast's Profile Groups, organizations can automate the formation, management and policy enforcement among user groups. Likewise, Incydr can be used to manage Mimecast Profile Groups. The integration also lets Mimecast administrators detect and manage exfiltration activity.

Mimecast CEO Marc van Zadelhoff tells Dark Reading that the plan was to leverage that capability to emphasize Mimecast's human risk detection and management capabilities.

"We had been talking to Code42 for a while, and we did the partnership," van Zadelhoff says. "One thing led to another in terms of strengthening it."

Van Zadelhoff says the two acquisitions mark the company's entry into HRM.

"The partnership exposed to us that we had a lot of joint customer interest," he says. "In fact, during that time, we saw an increasing number of our customers adopt Code42 in a fairly short amount of time. As we started leveraging the human risk dashboard and the human risk platform, we started to see that when you add Code42 into the score, it really adds a lot of value on identifying the riskiest segment of the population out there.

Product Portfolios to Remain Intact With Common Dashboard

According to van Zadelhoff, there is no overlap between the products Mimecast now offers and Code42's portfolio.

"We tested the product around scalability and how it would work with our technology stack," he says. "It is incredibly compatible. There's zero overlap."

Further, van Zadelhoff insists no products from either company will be deprecated in the wake of the acquisition; the Code42 products will be rebranded Mimecast. Also, in the coming months, Mimecast will create a common human risk dashboard tied to its distinct offerings.

At next month's Black Hat USA Conference in Las Vegas, the company will demonstrate and roll out new artificial intelligence (AI) tools to detect exfiltration risk when employees upload files into generative AI platforms, such as Chat GPT.

"What we're really focused on is understanding when someone takes data from their corporate organizations or from a key repository and exfiltrates that to a public generative AI location," says Rob Juncker, Code42's CTO. "AI is something that we all have to deal with now. So it will be in our base product for all customers effective immediately."