Human error in cybersecurity continues to be one of the most significant factors behind data breaches. Mimecast, a global leader in cybersecurity, is addressing this ongoing challenge with the launch of its Human Risk Command Center, a tool designed to provide organisations with real-time visibility into employee behaviour and the risks associated with human error. This innovative approach helps businesses detect and mitigate threats before they evolve into major security incidents.
It sounds slightly Orwellian. But the company insists the intent is less about surveillance and more about support.
“We’re not watching employees to punish them,” said Marc van Zadelhoff, Mimecast’s CEO. “We’re trying to give security teams better visibility — so they can intervene before a mistake becomes a breach.”
The Command Center is the latest addition to Mimecast’s Human Risk Management (HRM) platform, and it reflects a growing trend in cybersecurity: moving from technical defences to behavioural ones.
A new layer of cyber intelligence
In practice, the new system assigns each employee a risk score, based on how they interact with company systems, emails, and even messaging platforms like Slack. If someone clicks on a phishing link or regularly bypasses security warnings, that score goes up.
Security teams can then use that data to tailor interventions — including real-time nudges, personalised alerts, and in some cases, direct communication through internal tools — before those risky behaviours escalate into breaches.
It’s part of a broader push to turn employees from liabilities into assets. The platform’s adaptive training module, Mimecast Engage, aims to make cybersecurity part of a company’s daily rhythm rather than a once-a-year compliance exercise.
The tools are also built to plug into a much wider network. Mimecast says it now processes more than 1.3 billion API calls per month and integrates with over 300 third-party apps — part of what it calls its Technology Alliance Programme.
Human mistakes, big costs
The stakes are high. According to IBM’s 2024 Cost of a Data Breach Report, human error accounted for 24% of data breach root causes, down from 33% in 2023. In South Africa, phishing remains the most common attack method, and incidents involving compromised employee credentials are steadily rising.
“It’s often not malicious behaviour,” said Van Zadelhoff. “It’s just distraction, or lack of awareness — and attackers are getting better at exploiting that.”
The Human Risk Command Center will also help organisations monitor data-sharing in collaboration tools, a growing blind spot as remote and hybrid work become permanent features of corporate life. A future update will integrate with platforms like Microsoft Teams and Slack to detect potential data leaks or compliance issues in real time.
As more businesses lean into AI-driven tools to anticipate and respond to threats, experts caution that privacy can’t be an afterthought. A recent feature by Reframed, “Building a privacy-first organisation in the age of AI,” explores the growing tension between automation and accountability — particularly when employee behaviour is being analysed, scored, and acted upon in real time.
More than a buzzword?
At the upcoming RSA Conference in San Francisco, Mimecast will demo the Command Center and host a session on AI-generated email threats — a topic growing in urgency as generative AI tools make phishing campaigns faster and harder to detect.
The company has also been collecting accolades. It was recently named a “Leader” in Gartner’s 2025 Magic Quadrant for Digital Communications Governance and received a “Strong Performer” ranking in the Forrester Wave for Human Risk Management Solutions.
Yet despite the accolades, some analysts urge caution. While behavioural scoring may help prevent breaches, it also raises privacy questions, particularly in jurisdictions with strict data protection laws.
“Employers need to tread carefully when it comes to monitoring employee behaviour,” said an independent cybersecurity consultant who asked not to be named. “Transparency, consent, and purpose limitation will be critical.”
Mimecast’s response? It believes the alternative — inaction — is riskier.
“In cybersecurity,” said Van Zadelhoff, “the enemy isn’t always some faceless hacker. Sometimes, it’s an employee having a bad day.”