Okay. Well, let's get started. Good afternoon, everyone. My name is Chris Scully. I have the privilege of being your host today. Thank you for joining our latest Innerworks webinar series. We're featuring one of our great security partners. We have the privilege of working with, Mimecast. So, very honored to have Ben here today, and, we're gonna be exploring Mimecast's groundbreaking approach to human risk management and its transformative impact on modern cybersecurity. So thank you all for joining. Thanks for making the time. We really appreciate it. Just a couple of notes, housekeeping notes here. So please utilize the q and a feature of Zoom, as we go through. So Ben will talk, and then at the very end, I will lead a kind of a q and a, with the time that we have left for Ben. And so if you've got questions for him as we go through, please use that feature. Also, we have the chat feature. We'd love to to hear from where you're signing in today and where you're joining us from. So, please do that as well. And then a quick reminder, if you were one of the first twenty five people to sign up with a business email, if you stick around for the whole webinar and you fill out our post event survey, you're gonna get a fifty dollar gift card as a thank you. So, again, we really appreciate everybody coming today. I'm gonna do just a couple of quick slides, introduction to Innerworks if you haven't met us before. So, a little bit about Innerworks. We're a people focused tech consultancy. We deliver premier services and expertise, really end to end strategic partners from an IT need. So, I won't read you the slide. You guys can see that there, but we really do a little bit of everything. And, we would love to hear from you, see how we can help you. You're gonna see my contact info as well as Ben's at the end of the day. But we've been doing these webinar series this year just bringing in some of our best partners, some of the best solutions that we work with on a day to day basis, and we'd love to talk more about it, as we go through. This slide, you can see a little bit of all the things that we do. So, IT solutions, data and analytics, experience consultancy. We talk we can help you through platforms and enablement, just about anything that anyone could utilize. So, again, we'd love to talk to you. If you're in need of a partner, we are always welcome, for those conversations. So, you'll see my contact at the end, and we will talk more to you then. But let me transition quickly to why you're here. I'm gonna do a quick introduction of our speaker, and then we will jump right into Mimecast. So, we're really lucky today to have Ben, Darceny join us today. He is the, SMB regional sales manager for Mimecast. Ben leads one of Mimecast's s SMB sales teams. He's responsible for eight thousand plus customers in the central region. Ben has experience and expertise from fourteen years of account management in the cybersecurity industry, including a collective ten years at Mimecast, both as an individual contributor and on the enterprise account management team. In addition to his time in the email and collaboration security space, Ben has also supported customers at organizations in the endpoint and identity and access management industries. This diverse background has given him a broad range of cybersecurity knowledge and a deep understanding of customers' strategic objectives, challenges, and processes as they work through to secure their people, products, and their sensitive information from emerging threats. So as you can tell, we have one of the best from Mimecast with us today, and we really appreciate appreciate, Ben, you joining us today, and thank you for your time in advance. So, again, as we kick off, folks, if you got questions, please throw them in the q and a. We'll keep track of them, and I will be back at the end after Ben's talked, and we will have that session. So thank you, Ben. Appreciate it, and I'll turn it over to you. Yeah. Thank you. That was a great intro. You almost made me sound like I know what I'm talking about. Hopefully, that translates to some good insights for everybody today, some new information, new ideas about how, you all can secure your environments, your people, most importantly, because that's really what we'll be talking about today. So, real quick off the top, I wanna throw that nice intro right back at Chris and say that InterWorks is just an excellent partner of ours. Absolutely fantastic. They are are one of the closest to us in the sense that they work with us both as a reseller and a managed service provider. So a ton of expertise when it comes to Mimecast and actually deploying our solutions, managing our solutions, but, really, across the board, they do that with all the solutions that they offer and manage. So, really, just an excellent partner. They were out here a couple weeks ago. We worked very closely, and, they're also spearheading an effort on our part to get our professional services out to our resellers and allow them to do that as well. So you cannot do better than InterWorks from a a reseller or managed service provider perspective. So let's get into really what we're here to talk about today, and that is, a number of things, but, really, it's about how we're securing the human element in our organizations, the people now that really work has fundamentally changed over the last five years or so with COVID, the transition to hybrid remote work model, and all of that has come with a lot lot of differences. And that has not stopped, with your workforce. It is true of Mimecast as well. If you've heard about Mimecast in the last eighteen to twenty four months, it probably is related to one of the several strategic acquisitions we've made in that time. Those have included, Elevate Security, which is actually a second awareness training and risk management platform for us. We'll talk a bit about why we made that additional acquisition in just a minute. And then we had Code42, and their, tool insider is gonna be a main point of the conversation today. That's an insider risk management platform specifically geared towards monitoring sensitive data in your environment, where it's going, and if it's going to places you want it to go. And then finally, Aware, which is an AI data AI driven, excuse me, data governance and compliance platform, marries very well with our enterprise email archiving solution because it does the very similar thing, but with that AI capability built in for the collaboration platforms that we're all using today, Slack, Teams, Zoom, Webex, etcetera. So you may be wondering why we made all these acquisitions. That's a lot to do in eighteen to twenty four months. It it changes what we do in our platform quite a bit. And the answer to that is that work itself has really fundamentally changed with the transition to a hybrid work environment, with new collaboration tools like Slack, Teams, SharePoint, Zoom, etcetera. These have all become central to really how we communicate and share data on a day to day basis. And, unfortunately, that also comes with new risks, new entry points that we need to be aware of and we need to protect. And, really, when we think about how we used to work, just to put it in context and give you some concrete examples of this, it formerly was email as the primary method of communication, files shared over USB drives or network file shares, fairly straightforward. But like I mentioned, today, we're all over the place. Slack messages, team chats, live documents in SharePoint and OneDrive. Zoom meetings like this, we're probably all over the country, but we're talking together here this afternoon. And not only that, but a lot of these new avenues of communication have a different context than email. I don't know about you all, but my Slack messages don't really read like my email messages. They have slang, emojis, reactions in there, which are great for communication, for collaboration, but also represent new avenues for compromise and and a area where people maybe let their guard down a little bit more than they do with email. And, really, what that comes down to is that at the end of the day, people are still people. Right? They are vulnerable to making mistakes. They are, of course, targeted by attackers, and, unfortunately, they even sometimes act maliciously on purpose. And all of that is really why we've expanded our platform to address all these different areas. We we wanna address the source of this, and that is the human layer as we call it. It's the people in your organization. So what really does that human layer look like when it comes to cybersecurity? And we get the slide to move along with us here, then we can speak about that directly. But what it comes down to, as I mentioned, is that people are vulnerable. Right? They will accidentally share information, like PII or PHI PHI. Excuse me. They are targeted by attackers who will exploit their trust. They'll trick them into clicking malicious links, sharing login credentials far more easily than we would like. And sometimes, like I said, people will intentionally, transition sensitive data out of an organization, whether that's out of dissatisfaction with their job, financial motivation, or some kind of desire for recognition, perhaps. Hard to say, but it does happen. And all of these vulnerabilities make people the weakest link in cybersecurity. And, of course, attackers know this, and they will exploit it to, unfortunately, great success. The other thing that they know is that you all are investing heavily in very sophisticated defenses for your networks, your devices, your applications, But they also know that no matter how advanced that technology is, it really only takes one person to make a mistake in order for them to be successful. And that's why they focus on people. They know that if they can bypass those defenses then and reach those employees, then they eventually will be successful. And that success is extremely painful for all of us. Really, the numbers speak for themselves. Sixty eight percent of breaches involve a nonmalicious human element. We call that over here human error. We're gonna talk about our awareness training in a bit, and we have a character human error who features heavily there. It's really the source of all these issues. And the cost associated with it is honestly staggering. Over the past decade, fifty five billion dollars has been lost to business email compromise attacks. That's five and a half billion a year with some quick math to just one type of phishing attack, never mind all of the others. And then if you're looking at insider risk, the average cost there is anywhere from fifteen to sixteen million dollars per incident. All it takes is one for it to be extremely damaging to all of your organizations because, really, regardless of how large or successful your organization is, that kind of impact is not one anyone can swallow. And that raises the question, how do you identify, quantify, and address the human risk in your organization? It's not easy, unfortunately. In fact, it's much easier to protect networks and devices and the nonhuman element in your environment. And despite the fact that sixty eight percent of breaches involve human error, over eighty percent of security spending is focused on protecting those devices, networks, and applications and not the people. That disconnect is really what leaves organizations vulnerable. So I'm sure many of you have invested in solutions like the one shown here. In fact, I know that you all have invested in these or, other solutions that fall in these categories. They're critical still for protecting your networks, devices, and applications, and they've been engineered by experts to provide the best possible defense against very specific types of risk. But the problem is that no matter how sophisticated these tools are, they're very brittle. One human mistake can render them entirely ineffective. And a single error, like, clicking on a phishing link or sharing sensor data can initiate a ransomware attack, lead to a data breach, cause a system outage, or any number of really terrible outcomes. So with that in mind, I wanna get a sense from you all what you feel the biggest impact on improve would it what would have the biggest impact on improving your overall security posture? Would that be better visibility into human risk and user behavior, faster deployment and user management of security tools, more effective training and awareness programs for employees, or stronger protection for collaboration tools and cloud platforms? And, of course, if you have another answer, we'd love to hear that as well in the chat. I'll give you all a minute to to get this out here. These are the one this one actually is the one that probably have the least sense for where we're gonna land. The other two questions we have planned here, I have a guess for where we'll end up, but this one is a little more open ended. Alright. We're doing pretty good. We got twelve, thirteen in here. We got one or two more, fourteen. Pretty good distribution overall. Stronger protection for collaboration tools and cloud platforms catching up, but I'll end it there with better visibility into human risk and user behavior. Well, if I had asked for one that fit with the talk track today, I probably would've landed on that one. So I'm glad that we're in an area that, is relevant to you all and seems to be, in line with what you feel is needed for your organization. That's excellent. And that's exactly what we're gonna continue talking about here. So let me, move ahead and really appreciate the participation. That was great. It's it's excellent to get a temperature check on where you all are in your, thought process around these things. So I think you probably all noticed that to a certain extent, every one of those options was related to people. I said you guys picked the one best fit for the talk track today. They were all pretty good. I think we coulda got to where we needed to go with all of them. But the fact is the human layer was in all of those because it is central as, I'm gonna get into a bit more in a moment. So, really, everything that happens in your organization from a cybersecurity perspective. But all this raises the question, who is securing this human layer? I might be leading you towards a certain answer. We'll get there in a second. But, looking back, the tools that we've relied on for years, like annual compliance training, for instance, really aren't enough anymore. They don't address the way that attacks happen today, and they don't equip employees to recognize and respond to threats in real time. That's where we come in, as you might have guessed. Mimecast is securing that human layer. In fact, we've reengineered our platform to focus on it entirely. Our goal is to help you and organizations like yours address human risk by providing visibility into risky behaviors, empowering employees to make better decisions, and protecting your organization from breaches caused by human error. So to really get a sense for the difference between a traditional security approach and the human risk focused approach we're providing, let's think a little bit about what most organizations have visibility into today. You know the devices on your network, the applications installed, the sites visited. But when it comes to people, your biggest attack surface, like we were just talking about, what do you see? Most organizations don't know which employees are being targeted, which behaviors are risky, or where sensitive data is being shared. You might know off the top of your head who your problem users are. You could probably name them right now, but that's not being tracked in a quantifiable or actionable way and not being integrated into your security environment. That's the visibility gap that we have in security today. But what if you could see that human risk in your environment? What if you could measure it on an individual level based on real actions and real world attacks? That would be a little different. Right? With that, we'd have human risk secured, and that's what we're going for here at Mimecast. We're at the forefront of mitigating the risks that matter most, attacks targeting people and breaches caused by human error. Across the work surface, you all, organizations in general, face a variety of risks. You have external risks, like phishing attempts delivered through email or collaboration tools. You have insider risks, like data theft or exfiltration by departing the employees, and you have internal risks, like compliance violations or data retention issues. But what all these have in common? People, Exactly like we've been saying. And to address these risks, we need to help users understand that their role in security is vital and how they can use corporate systems appropriately. Mimecast delivers three pillars of value to our customers to address all of these needs. We measure human cyber risk to give you visibility into risky behaviors and targeted attacks. We empower people by providing real time training and feedback to help users make better decisions, and we protect what matters most with adaptive policies and advanced detection to prevent breaches before they happen. This comprehensive approach ensures that you're not just reacting to incidents, but proactively mitigating your risks. Of course, this all still starts with protecting your organization. The risk landscape is broad. It's constantly evolving, and that means that having solutions that can protect your organization from both external and internal risks is still the number one priority. The threats that we face today are more sophisticated than ever, and they're targeting every layer of your organization. From phishing emails to insider threats, the risks really are everywhere these days. But with the right tools and strategies, we can help you stay ahead of these challenges and ensure that the organization stays protected. As many of you know, hopefully, we're doing our job, and marketing in particular is doing their job. Mimecast has a rich history in email security. It's where we started twenty two, twenty three years ago and remains a top priority for us to deliver world class email security to our customers. And that's really what sets us apart. It's the rare advantage that we have with over twenty years of evolution behind our detection capabilities, but that doesn't mean that we stop innovating. Today, we're leveraging advanced AI technologies like natural language processing to identify suspicious characteristics in emails, even when there's no obvious malicious content like a link or an attachment. And even then, we're not just looking for keywords or phrases anymore. We're analyzing the actual sentiment behind messages, identifying subtle indicators of risk, and providing actionable insights to you. What's more, we're building these models on an individual user level so that they're learning from each user's behavior and sending patterns in order to make the right decisions about with which messages should be held and which should be allowed through. This approach is also protection and education rolled into one. With banner notifications and real time alerts, we're equipping your users with the information they need to make the right choice at that crucial moment of decision. We need to help them when it matters, not after the fact as we'll talk a bit more about in just a moment. But it's also not just about email anymore. Right? Like, we started off talking about, the way we work has changed. Attacks and data exfiltration are now happening across collaboration tools like Slack, Teams, and Zoom. That's why we've extended our industry leading protection beyond email into these platforms. We're detecting malicious content, identifying sensitive data that violates policy, and even evaluating sentiment to provide your security teams with comprehensive visibility into the risks inherent to users collaborating at work. These tools are essential for productivity today, but they also introduce new vulnerabilities. With Mimecast, you can ensure that your collaboration tools are as secure as your email. Now let's talk a little bit about insider threats, a topic that we're gonna spend quite a bit more time on in a few minutes. That's an area I wanna dive in a bit more deeply with you. But for now, I just wanna give you a quick primer on it. Insider threats are a growing concern for every organization. While external threats are the ones that typically grab the headlines, it's just as critical to protect your most essential corporate data from accidental or intentional exfiltration. Our insider risk management solution, which came over with code forty two, which is called insider, spelled a little funky as you guys will see in a minute. It sees and stops data loss across both known and unknown nest destinations. Whether that's generative AI tools, external file shares, or other risky endpoints, we provide the visibility and control you need to protect your most essential data. Like I said, we'll explore this in more depth shortly, but for now, just know that insider threats are a key focus of our human risk management platform. Finally, let's not forget about data governance and compliance. As collaboration continues to evolve, so too must your ability to manage and secure the data that flows through it. We make it easy to get that visibility into your email and collaboration data regardless of the platform. Whether you need to retain data, search it, or report on it, our tools are designed to simplify these processes. That's why we're consolidating the traditional Mimecast email archive with the Wares collaboration platform archive to deliver a unified compliance and governance tool. This solution, which is also gonna include built in AI query capabilities, so think about talking to your archive like you talk to chat GPT, is gonna be available as a joint offering by the end of the year. So one unified place to review all of your compliance data, anything archived for sensitive information, for ediscovery uses, whatever it might be, all be in that one place with those AI capabilities. We have all this capability today just in those two separate platforms. And by bringing it together, we'll make it that much simpler for you all to manage this. So that's how we're protecting your work surface and your users from risks. But as we talked about a bit earlier, it's critical that your users are part of the solution as well. We wanna empower and enable your workforce, helping them understand that the appropriate use of corporate systems recognize suspicious and risky activity and cultivate a security first culture. To do this, we take a little bit of a different approach, and some of you may already be familiar with it with that different approach to user education that we have. What we do is we aim for short, engaging content that people actually enjoy so that they retain the relevant security information almost by accident. We've now taken this a step further by helping organizations adapt training and interventions for the employees who need it the most. We're doing that with hundreds of TV quality microlearning videos as we call them. We call them that because they're shorter than our already short training videos. Think, like, ten seconds for the microtraining and two minutes for the regular scheduled training. And we're delivering these with what we call behavioral nudges. What they do is they deliver these micro training videos with the right content at the right time, engaging users when risky actions are actually taking place rather than weeks later during a scheduled training session. These are fully automated based on what users are actually doing. So it's consistent education perfectly tailored to their own behavior. Additionally, we're delivering personalized risk scorecards to users to give them visibility into how their actions are impacting the organization as a whole. This empowers them to take some ownership of their role in keeping the organization safe and drive more of that security first culture that we talked about. Finally, we're combining all these insights that we gather from the protect and empower layers to bring everything together for you. By measuring human risk, we give you a crystal clear picture of your users and the risks they represent to your organization. This holistic view allows you to make more informed decisions and take targeted actions to mitigate risk. One too far. Sorry about that. Don't wanna skip this one because I think it's the best one. At the core of Mimecast human risk management platform is what we call the human risk command center. This is a consolidated view of all the risk signals we're gathering from our tools and the other cybersecurity tools in your environment. It's a bit small, but you may see on the screen here, there's a section there in the middle called malware. Mimecast doesn't have any endpoint or malware tools dedicated to that. We're pulling signals from other tools like CrowdStrike, SentinelOne, Microsoft Defender to populate that area and provide detailed risk scoring just on that subset of the cybersecurity environment. Then, of course, that all gets rolled into the overall risk score. We're providing this visibility at every level from individual users to departments, locations, and then, of course, the entire organization. This human risk intelligence gives you unprecedented visibility into your vulnerabilities, allowing you to mitigate human risk at scale. By accurately identifying the sources of risk, you can take proactive steps to protect your organization rather than reactive ones after the fact. And all of that data is really just the starting point. The goal of aggregating and surfacing this information is to help you understand where risk lies and target your efforts where they're needed the most. With this visibility, you can make more informed decisions about the access and layers of protection provided to each of your users. And informed decisions lead to appropriate actions. Now that we know where human risk lives, we can begin to address it with targeted training and interventions. Back to those behavioral nudges delivering feedback to users at the right time through the tools they use every day. This ensures that the training stays relevant, timely, and impactful. But what really sets us apart is our comprehensive coverage of the work surface. Through both our internal solutions and over three hundred third party integrations, which are in addition to those ones that feed into the human risk command center, we're providing visibility and protection across all the tools your organization relies on. As the work service continues to expand, Mimecast is uniquely positioned to help you secure every channel and mitigate human risk at scale. Zooming out a little bit, let's take a look at how we bring all these different pieces together. The Mimecast human risk management platform works by ingesting data from both Mimecast products and third party security tools By analyzing user actions, the attacks targeting them, and the access they have, we build individualized risk profiles for each user. This means that with Mimecast, you can measure human risk, empower your users through targeted interventions, and provide adaptive protection that adjusts based on each individual user's risk profile. Slight slightly more detail on that, what we mean by those adaptive policies is think of having a group within, your organization that is your high risk user group. People move in and out of this dynamically based on their personal risk score and have policies applied based on the fact that they're in that group. No intervention required by any of you. Simply the actions that users are taking are dictating how they're treated by your different security tools. Very powerful and very low touch for you all. This is how we're getting that human risk secured scenario that we're all driving towards. So with all that, I'd now like to switch gears a bit and dive deeper into one of the ways we're addressing human risk, our insider data leak prevention solution. So with this, I just wanna get a sense for how confident you all are in your ability to handle insider risk and sensitive data. I hope I hope that the options here are self explanatory, pretty standard scale we're working with. I, I'm not gonna influence how people are responding. I have a guess for the range that we're gonna land in here, but I'm curious how you all are feeling about this. I love that we we have a solid number of answers up near the high end of the spectrum. That's great. We typically see when we're talking in a one on one scenario, kind of the middle range here from not very confident to somewhat confident, and, of course, some neutrality in there as well. But I love that we're skewing to the high end of this, and we're gonna talk through the different ways that Mimecast can help, solve the insider risk problem, help give you a bit more confidence. And I'll be curious as we get to the end of that here if any of the answers here change with a little broader understanding of some of the ways that data can leave your organizations. And we landed on somewhat confident as the leader. I like it. An optimistic group. So like I said, I'll be curious to see if you all still feel that way when we talk about some of the, some of the ways that data can get out of your organization. Now I'm guessing that a number of you are at least passingly familiar with the whole data leak prevention segment of cybersecurity. We're a little bit different. I'm gonna talk about that in a moment. So if you are familiar with these other tools, Microsoft Purview probably being the best known one since a lot of you probably have it in your Microsoft licensing, I want you to forget what you know a little bit about those tools for a moment or at least put insider in a different box, for the time being until I get a chance to explain a bit about what how our approach varies from most of what you're familiar with. And the reason for that is most of those tools have earned a reputation, very well earned reputation, for being overly complex, resource intensive, and frankly, just not worth the effort of getting in place. The reason for that is that they often require significant time and resources to deploy, and, therefore, the return on the investment can feel very underwhelming. Insider, though, was designed from the ground up to address these challenges and make data leak prevention accessible and effective for organizations of all sizes, not just your large enterprise organizations with thirty person security teams. With Insider, we're reimagining DLP by delivering high visibility, fast deployment, and actionable insights without the overhead of a traditional solution. And how are we doing that? Well, Insider helps you stop data loss from the inside without slowing down your teams or overburdening your security staff. I mean, I think the DLP thing is a problem none of us really wanna have to deal with. That's probably true of most of our problems. But this one in particular, because the sheer volume of data moving across endpoints, browsers, email, cloud applications, etcetera, makes it incredibly difficult to track and manage in any sort of reasonable way. And like we were just saying, traditional do tools available to solve this problem generally aren't worth the effort. We're gonna talk a bit more about what is required to make them even passingly functional, but what makes Insider a little bit different in that sense is that we're monitoring all file movements across your entire organization. All those places I just mentioned and any other ones you can think of as well. And then we're prioritizing high risk movements for review or automated action. So, for example, it can monitor sensitive data like source code, customer intelligence, or proprietary formulas or designs regardless of the application or process that they live in or are a part of. This allows you to tailor your response to a specific offender or offense, making it a highly versatile tool, and we'll talk a bit more about what some of those response options are. The best part of all this is that Insider doesn't require you to create complex policies upfront. It can be deployed in a matter of hours providing immediate visibility and coverage. This is a game changer compared to those other solutions, which often take months to deploy and require significant ongoing maintenance. A lot of that deployment time is around defining policies, basically pointing it at what it should be looking at, and we'll talk a bit more in a moment about why that's a problem. First, though, just wanna make it clear that this is a problem that we need to solve one way or another. Data loss is one of the top risks facing modern organizations. Whether it's source code, CRM information, those biopharmaceutical formula formulas or design documents I mentioned, sensitive data is constantly at risk. In fact, sixty percent of employees in mid sized companies admit to moving files to personal accounts, and those are just the ones who admit to doing it. So you can imagine how many people are actually doing it. I mentioned this before, but the average insider incident costs anywhere from fifteen to sixteen million dollars. These are very high stakes, and the consequences of leaving this threat vector unaddressed can be extremely problematic as we can see here. Despite all that, though, we mostly see people, if they're tackling this problem at all, doing it with the legacy DLP tool, maybe a solution. UABA is in there as well, layering sometimes two, three solutions in place in order to get any kind of visibility into the environment at all. That really limits the their ability to detect subtle or evolving risks because all of these solutions are built on what you already know about your environment. To give you some perspective, Insider collects around a hundred and eighty billion data points every ninety days, providing a comprehensive view of the data protection landscape and emerging risks. Data exfiltration methods are evolving constantly. It's no longer just about USB drives. Today, we're seeing data move through tools like AirDrop, GitHub, Salesforce, and, of course, generative AI platforms as well. This rise of hybrid work that we started the conversation with and the introduction of so many different collaboration tools has only expanded the avenues for data exfiltration. Again, traditional tools are making you or forcing you, excuse me, to make assumptions about your data and defining these perfect policies upfront. And when we hear organizations talk about their experiences tackling this problem, we find that they're often left with just an unending number of false positives that end up disrupting their employee productivity so much, they're forced to use these tools in a monitor only mode and then take manual action after the fact. With Insider's approach to complete visibility out of the box with no preset policies or at least minimal preset policies, we're tailoring the right response for each type of activity and reducing false positives with minimum disruption to your users. I know it's not you news to you all that both known and unknown risks are rampant, unfortunately, in your organization and that they fall on a spectrum of low to critical severity. We keep coming back to this issue of the known versus unknown with the traditional DLP tools. So I'll just say that Insider takes a two pronged approach that accounts for both the known risks and the unknown risks in your organization. Talking about known risks, let's just say that you're concerned about protecting your source code. With just a few clicks, you can create a rule in Insider to flag any files containing source code being sent to unauthorized destinations. But what about the ones you don't know about? Our prioritization model uses scenario based analysis to identify hidden risks and service them in a way that's transparent and actionable. So think about the fact that we're watching every file movement in in the entire environment. Right? That's where we're applying those scenario that scenario based analysis because we know everything that's happening and we have an understanding of what what places in the organization are sanctioned versus unsanctioned and what a, risky scenario versus a non risky scenario looks like, we can make very educated guesses backed by AI, of course, about what's going on and what should be going on and then surface those alerts appropriately for your action. And when it comes to those actions, we find that kind of the default position for security teams attempting to get a handle on this problem is to block first and ask questions later. That sounds effective on the surface. It actually often creates more problems than it solves. Blocking users too aggressively can lead to frustration, which leads to workarounds, which leads to even more risk. And it can also disrupt legitimate workflows, creating unnecessary friction between security teams and employees and really undermining that approach to security first culture that we're trying to drive. With insider, though, you can respond appropriately to every type of event from minor mistakes to serious threats. And let's look at maybe what a range of those kinds of responses would would be. So with low risk incidents, you can use micro training videos to educate users and correct behavior. All of that on a, again, on an automated basis so that those aren't even hitting your security team. Then for moderate risk incidents, you can document and investigate the activity, and we provide you with a ton of information around all that file movement so you can do some in-depth analysis and make an educated decision about how to handle the situation. And then finally, for high risk incidents, we can take immediate action, such as blocking data transfers or revoking access, and be blocked first, but only in those high risk scenarios where it's appropriate. To dig a little deeper, in that first section, the low risk, incidents there, Insider includes over a hundred insider risk specific micro training videos. So we talked about those micro training videos that we have kind of broadly for every scenario. We have lots of those. And then we have a hundred or so specifically for insider risk that are tied directly into the controls and identification processes of insider so that we're hitting those specifically for you. One of our customers, a little known company called CrowdStrike, saw a thirteen percent drop in personal Google Drive usage and a thirty six percent reduction in low to moderate risk within just three months of using these insider, micro training videos. Again, all hands off by their team. And then for high and critical risks, insider provides real time alerts enabling you to take swift action. For example, departing employee attempts to download sensitive data to an unmonitored device. Insider can flag the activity and allow you to quarantine their endpoint or revoke access to critical applications. Now I got one more question for you, because before I move on to take a look at how Insider integrates with your environment and reports on risks, I wanna get a sense for which of these, exfiltration avenues, I guess you would call them, are you all most, concerned about. Departing employees, taking customer records, malicious extraction of essential proprietary data like source code, unsanctioned use of generative AI, or accidental exposure, for personal device usage. This one could go any direction. I, I have a guess, but I'm not sure where you all are gonna land. Very even distribution so far. I all these are definitely things to be concerned about, so not surprised, that we have a good distribution of it here. I'll give it just a couple more seconds. Yeah. We no clear leader, but a lot of good answers. So appreciate it. I'll end the poll there, share the results, everybody. Winner was accidental exposure due to use of employees' personal accounts and devices. I think that, my guess is gonna be that or generative AI, the hottest topic out there in cybersecurity and everywhere else. That's a big one for sure. I thought I did think it'd be one of those two because those are pretty broadly impactful. Right? Whereas the other ones are maybe a bit more specific depending on your your the area, of business that you operate in. But, yes, this is actually an interesting scenario that I wasn't aware of at all before Insider came to Mimecast was people getting on to, business applications on their personal Mac devices with iCloud iCloud backup enabled. Guess where all of the data that they're accessing is going? To their iCloud account. Yeah. Great. Right? Not so much. But, that is absolutely something we can help with as are all of these, of course. So moving forward here, I promise I'm not gonna spend too much time on, kind of the the technical details of Insider here, but I do wanna give you a quick overview of Insider's architecture so that you can see how it would fit into your environment. Insider is a a SaaS based solution, of course, with really three main components. First are the endpoint agent and browser extension, and these provide visibility into web activity as well as supporting the real time blocking of uploads that we were talking about. Then we have our cloud exfiltration detectors, which monitor corporate cloud, email, and business apps like Salesforce, OneDrive, and Gmail. And then we have all of our third party integrations with over three hundred tools that we can connect to, including SOAR, SIM, PAM, EDR, HR, ticketing systems, just to name a handful. Little more detail on the, endpoint agent because people get a little worried to put things on on devices like that. Very, very lightweight. Of course, supports Mac, Windows, and and Linux. Uses less than one percent CPU. All investigations are conducted in the cloud against an index, so very quick to query data and get results. Not not a lot of lag time there at all. And I do wanna touch on just in slightly more detail the increasingly common use case of preventing the sharing of corporate data with unsanctioned AI tools. It's insider's browser extension that that enables that. It can block both text and file uploads to those platforms, any that you wanna stop, ensuring that sensitive data stays secure and out of those models. Because once it's in there, it's never coming out. And this is particularly important because what we will typically see is people shutting down access to those tools entirely in order to protect sensitive data. And that's really unfortunate because, here at Mimecast, we are heavy users of AI internally, and the positive impact it can have on efficiency is just not to be underestimated. So while, yeah, shutting down access to all of those tools does keep your data secure, it can be a competitive disadvantage if you're not able to take advantage of that that capability. So with Insider, you can get the best of both worlds and continue to use those tools to drive, efficiency as well as ensuring that they're not taking in data that's gonna put your organization at risk. So wrapping up on Insider, just wanna give a quick recap of, what really sets it apart from the other DLP tools that you might be familiar with. Those are having the fastest time to value a deployment in just three to four weeks, comprehensive coverage of endpoint browser and cloud in one solution. We're nondisruptive to users with minimal friction unless you would like us to create friction, which we can absolutely do. We're giving you actional visibility with by surfacing unknown risks without requiring perfect policies, driving behavioral change within the organization by helping users make better decisions with micro training, and then finally, flexible response options that are tailored to actions of every severity level. And bringing this back to the bigger picture, Insider, again, is a key part of Mimecast human risk management platform. As work has evolved, so has Mimecast. Today, your users spend only about twenty per eight percent, excuse me, of their workday and email. The rest of their time is spent in other applications, collaborating, sharing, innovating. And to truly secure your organization, you need to protect those other applications with the same level of scrutiny that you protect email. To close things out, I wanna leave you with this visual. I I do really think it perfectly encapsulates the insight, integration, and innovation that Mimecast human risk management platform delivers. With it, you can turn targeted users into proactive defenders. You can turn accidental users into safe operators, and you can turn malicious insiders into secured insiders for the very limited time that they have left with you. Mimecast empowers organizations to protect the human layer, detect insider risks, simplify compliance, and empower users, all while reducing risk and improving security outcomes. We'd love to have you join the tens of thousands of organizations that trust Mimecast to secure human risk. Whether you need help protecting collaboration, detecting insider risks, or empowering your users, we have a solution for you. I really appreciate the opportunity to get in front of you all today and share some of this with you. I hope you found it helpful and valuable. And, yeah, we'd be happy to answer any questions that have come in over the course of the presentation or that people would like to drop in now. Outstanding, Ben. Thank you so much. Great job. Looks like we do have some time for a few, and I did get a few, sent over. So let me let me tee a couple up to you. So you mentioned, no surprise, people are often the weakest link in cybersecurity. Yeah. So what are some of the common, maybe lesser known mistakes employees make that will lead to security breaches, and how do you address them? Yeah. Absolutely. That's a great question. So I actually, one of the examples that I used earlier, I think, is just, perfect for this because that whole situation with the iCloud backups, like, that was totally unknown to me. It's not intentional at all. Like, nobody is is actively choosing to turn that on and move it over there. It's purely accidental because they're trying to be productive when they're not in the office or when they don't have access to their, normal work device. Same is true operating on a cell phone, for instance. Right? An iPhone. So there are situations like that where there's just no malicious intent behind that at all, but that doesn't mean that there isn't a security risk there. So you don't wanna have to lock people out of their applications unless they're on a work device, or you don't wanna have to roll back your BYOD policy because that's gonna create friction with your users and might impact efficiency or efficacy if they can't work in places other than the office or other than the corporate device that they have. But at the same time, like, it's that fine line that we're always walking between, security and, and user sentiment or the ability to just get the job done. So that is specifically the area where I think a tool like Insider, it just makes a world of difference because it lets you walk that line with a level of comfort that you just don't have otherwise. By being able to see when those things happen and stop them because they are only accidental, then you get, the ability to, you know, hey. Let people know that this is going on, but you don't have to lock them out of using those devices. Outstanding. Let's see. You touched on this a little bit, but let's let's, go back. So with the rise of AI and some of the other new technologies Mhmm. How do you see the cybersecurity landscape evolving? What should organizations be doing to prepare for it now? Yeah. Another really great question. So we this has already started. Right? I think as long as I've been in the cybersecurity industry, everyone's already always joked about, like, the cybersecurity arms race. Right? Attackers start doing something. We learn how to protect it. They start doing something else, and it just escalates and escalates. And we're seeing this happening happening on an accelerated scale with AI because you have, you know, the use of generative AI exploding and it being immediately linked to all sorts of fishing kits and things like that and really just the same way it drives efficiency for us, drives efficiency for attackers as well. And then we start incorporating AI into our protections, and it just takes off. So, like, we I talked a little bit about the natural language processing that we use that is entirely AI backed, social graphing that we do, and we talked about how we're learning about user sending patterns. All of that has been incorporated in Mimecast, for a bit now. We're actually looking at using AI as a way to, rather than kinda sequential, analysis of emails as they come to us, do cross platform analysis with AI being the the central point that's deciding which filters to use and when in order to get a both quicker and more effective analysis of security tools. So we're taking those steps as we see attackers continue to take, the steps that they take. And and this is across the board as well. It's it's, really built into things like, identity also, and deep fakes, and those kinds of things make it very difficult. The time I spent at an identity security company was just when all this was taking off. And that was the biggest concern there was, you know, multifactor authentication, you know, face ID, all of that. Like, can this be taken advantage of? So I think the most important step for organizations is to be actively looking for AI in the solutions that you're implementing because we know attackers are using it. If the protections that you have are not using it, of course, make sure they're using it in, like, a real tangible effective way, and then they don't just stamp AI on it. If we're not using it to defend ourselves, we're gonna be at a disadvantage. So understanding how, AI is being used in the tools that you have and its level of efficacy is extremely important. Outstanding. Well, Ben, thank you so much. We we wanna be respectful of everybody's time, assuming some folks have, meetings coming up at the top of the hour. So we're gonna wrap it up here. You can see on your screen a couple of contacts. You can see mine, Permiter Works. If you need, consultation or discussion, with a new partner, we would be we'd be really glad to have that conversation, whether that's Mimecast or anything else. And then specific to Ben's presentation today, you can see his email there as well. Here in a couple of days, one to two, you guys will all be receiving a replay of the video. So you'll get an email from us with that. And, again, would love to follow-up with you if you have more questions. So, thank you guys all for joining. We really appreciate you making time. Again, if you were one of those first twenty five folks to sign up and participated today all the way through, you'll be hearing from us with a gift card, a token of our appreciation. And, Ben, once again, we really appreciate it. Thank thankful to partner with Mimecast. Thanks for all your help, and, appreciate you making effort today. Yeah. Absolutely. And I, I, of course, wanna be respectful of people's time, but I I did notice there are a couple questions in the q and a as well. I'm happy to answer those if people wanna hang out. I have five. So and I don't mind addressing these directly at all. So Sure. First one was, how do you compare to know before? Is there any kind of gamification or risk scores done through Mimecast? Yes. Absolutely. Hopefully, you saw in the middle of the presentation there that risk scoring is, like, fundamentally what Mimecast is doing now with our human risk management platform and the human risk command center. So happy to explain more about that if you missed it during the presentation. And then, as as for comparing to KnowBe4. So KnowBe4 started as an awareness training platform. They, to be honest, freak, recently acquired, some email security solution, that I wasn't familiar with before they acquired it, but, they do a little bit of those things. They they don't do anything else as far as security goes. So collaboration platforms, data leak prevention, none of those things. Risk scoring to a certain extent, I believe they do, and, of course, the awareness training and all of that. But that said, we don't need you to move off KnowBe4 if you don't want to. We're actually going to have an API integration for KnowBe4 into the human risk command center in the next couple of months. So if you wanna keep KnowBe4 because you like their training, but you'd like that data of around how users interact with KnowBe4 training to be part of their risk score, we can do that for you. Of course, we do have our own training as well, like I talked through during the presentation. So if you like that better, feel free to use that too. And then, the other question here was, what's wrong with using Google Drive? And the answer is nothing at all unless it's not allowed, in which case everything is wrong with it. You, may not want your users taking things to their personal Google Drive, which is I which is the focus here. Like, if you're using Google Drive as your corporate, instance instead of a SharePoint or a OneDrive, by all means, of course, things should be going there. It's really the unsanctioned use of Google Drive for personal use, or we'll see, very common use case of a, person in a customer facing organization taking customer data out of a CRM like Salesforce, moving it to their Google Drive. Or we find that people who, participate in the creation of materials, slide decks, marketing material, code, whatever it might be, they feel like they have some ownership to that even if they sign something when they were hired that says they don't. So they will sometimes drop that stuff in their Google Drive, in their personal Google Drive so that they have access to it outside the corporate environment just in case. Those are the kinds of things we're trying to stop. And, other of course, any sort of sanction used to of Google Drive is totally fine. We just wanna make sure that you know all of the usage of Google Drive that's going on. And if some of it is going on that you don't like, you have ways to identify and stop that. So, hopefully, that answered those questions. Those were the only two I saw on there, but didn't want anybody to feel like we were ignoring them. Oh, great job, Ben. Well, we appreciate it, and thanks again for your time. Appreciate everybody, attendance. Have a great rest of your day, and let us know if we can help you. Thank you very much. Thanks, everyone.