Q1. Cyber threats are increasingly targeting the human layer via tactics like phishing and social engineering. How should organizations be evolving their strategy to better secure the human element and not just infrastructure?
Threat actors are sophisticated – they use the latest tools at their disposal and refine their approach day after day. Today that can take the form of a highly convincing deepfake, a personalized note leveraging an employee’s real job responsibilities or phishing threats backed by AI – making them more powerful, prolific, and unfortunately, successful.
Because of this, it’s no longer enough for organizations to focus solely on securing their infrastructure. We’ve reached a critical point in time where protecting people must be the central part of any cybersecurity strategy. The cybersecurity landscape is always unpredictable, but to be a resilient organization, engraining a 24/7 human-centric approach is key.
This starts by creating an ongoing process for adaptive security awareness training that reflects real-world attack techniques. These types of trainings need to be engaging and continuous and not just a “once-a-year” checkbox situation. It’s important to empower and educate employees with the right tools in real time. This means having email and collaboration security platforms that deliver intelligent threat detection and contextual guidance directly within the tools employees use every day. By having this process in place, it allows for better and safer decision making without disrupting employee productivity.
Organizations should continue to have a sharp eye on behavioral insights and leverage threat intelligence to help identify risk patterns. Consider this: just 8% of employees account for 80% of incidents. When a company is equipped with the skills to identify which individuals or departments are most likely to be targeted, they can take a more robust and personalized approach to defense.
Historically, cybersecurity has been categorized strictly as an IT-only responsibility, but today, it needs to become an organizational mindset. Securing the human element means integrating education, technology and intelligence into a single, cohesive strategy that protects every employee as effectively as it protects infrastructure.
Q2. As someone with experience building platforms that analyze digital behavior, how do you see AI being used to not just also detect threats, but to also understand user intent and context?
Having built platforms that analyze digital behavior at scale, there’s huge potential in using AI not just for threat detection, but also to interpret user intent and context in real time. This is important to understand because not all anomalous behavior is malicious, and without understanding the ‘why’ behind the ‘what,’ we risk either overreacting or missing real threats.
The real challenge lies in attackers increasingly exploiting trusted services, making it harder than ever for security controls to distinguish between authorized and unauthorized activity. For example, malicious AI-powered tools like WormGPT and FraudGPT, which are rogue versions of legitimate GenAI models, are being used to craft highly convincing phishing emails, generate more efficient malware and automate cyberattacks at scale.
Mimecast’s detection engine has learned to identify specific characteristics that distinguish human-written emails from AI-generated ones. By analyzing tens of thousands of emails, along with synthetic data generated by models like the newly introduced GPT-5, we found that certain phrases, like “delve deeper into this” or overly casual greetings like “hello!” from senders who don’t typically use such language, often signal a phishing attempt.
GPT-5, which was just announced, now has ‘PhD level’ of intelligence. We knew this was coming, but that doesn’t lessen the astonishment of its power. We are in an AI arms race, and models will only get smarter. It’s essential that good AI is up to the task to defend against bad AI. At Mimecast, we are very much up to this challenge and look forward to harnessing the power of AI for good and deploying models in an ethical and fair way that secure our global customer base.
Q3. How did Mimecast engage with customers, partners, and the broader security community at Black Hat USA 2025? What key themes or technologies did the company focus on at the event?
Black Hat was a major success for us this year. We brought Human Risk to life at the Mimecast booth and found that our story resonated well with attendees.
Our Human Risk Command Center was on full display. We announced key enhancements and showed hundreds of security professionals why increased visibility and individual risk scoring is a game changer.
To that, we also allowed visitors to take a rapid human risk survey, a live diagnostic that instantly profiled their organization's exposure across key attack vectors. Based on the results, our team gave them a demo showing how the Mimecast platform mitigates the risk.
Another big focus was our expanding ecosystem of strategic integrations. With a wide array of technology partners and more than 150 prebuilt integrations, we’re enabling threat intelligence sharing and coordinated response across tools like SentinelOne, Zscaler, Netskope, and Arctic Wolf. These four partners also joined our booth for joint sessions that showed viewers how ‘the power of together’ in cybersecurity makes the entire community safer.
Through these integrations, we’re helping customers strengthen protection across email, web, and collaboration environments. At the end of the day, our message was simple: security is strongest when it’s connected, adaptive, and centered around people – and that’s exactly what we’re building.