Mimecast Introduces Runtime Data Security for Visibility and Control of Growing AI Risk

LEXINGTON, Mass., March 24, 2026 (GLOBE NEWSWIRE) -- Mimecast, the global cybersecurity leader in securing human and AI risk, today announced a major expansion of its Incydr™ offering with data security capabilities for the AI era and also previewed the new Agent Risk Center at RSAC 2026 Conference. These new capabilities help deliver runtime data security — a unified approach to detect, govern, and remediate data exposure, in real-time, whether the action comes from an employee or an agent acting on their behalf.

Eighty percent of Fortune 500 companies now run active AI agents, yet only 14% have full security approval for them¹. Enterprise data loss is no longer just a people problem — AI agents have introduced an entirely new attack surface. Agents are accessing and sharing sensitive data through pathways which traditional security tools were never designed to monitor — MCP-connected workflows, commercial agents, user-built automations, and shadow AI tools.

"Intent-based detection treats all agents equally. We don't, because the human behind the agent is the signal that changes everything," said Rob Juncker, Chief Product Officer, Mimecast. "Who deployed the agent? What do we already know about them? How is data moving across email, collaboration tools, browsers, SaaS apps, endpoints, and AI-driven workflows — and what intervention is required right now? That's a runtime data security problem, not a model problem."

Adaptive Data Security for the Human and AI Agent Era

Mimecast’s Incydr technology has long helped organizations prevent insider-driven data loss through out-of-the-box visibility, intelligent detection via its PRISM risk engine (250+ risk indicators), and adaptive response ranging from in-context education to real-time blocking. The new capabilities extend Incydr technology from insider-led data security into broader runtime data security for both human and AI-driven risk.

This expansion takes a new approach, combining Incydr endpoint and browser intelligence with Mimecast's email and collaboration security, delivering complete ingress-to-egress data visibility — covering the full path of enterprise data movement across endpoints, browsers, SaaS applications, AI tools, MCP connections, and email.

New and expanded capabilities are engineered to include:

• Unified Human and Agent Visibility - A single view into data loss risk across employees and autonomous agents, spanning endpoints, cloud and SaaS applications, email, browser activity, commercial AI tools, MCP server connections, and user-developed agents.
• Shadow AI and Unsanctioned Agent Detection - Purpose-built detection for unsanctioned AI usage, out-of-policy commercial agents, unauthorized MCP connections to production databases and critical SaaS platforms, and user-built agents operating on unapproved LLM providers or accessing production environments without security review.
• Adaptive Risk Scoring for People and AI Agents - The Incydr risk engine now continuously scores both human users and AI agents based on behavioral anomalies, policy violations, high-risk data access, unsanctioned application usage, agent compliance posture, and exposure to critical systems and data sources (e.g., Snowflake, Stripe, PostgreSQL, AWS, Salesforce, GitHub).
• Granular Data-to-Agent Access Mapping - A clear view of which agents and tools access which categories of sensitive data — including customer PII, source code, financial records, internal communications, HR data, and infrastructure configurations — enabling security teams to understand and control the agent-to-data blast radius.
• Policy-Driven Governance - A comprehensive governance framework for classifying and enforcing policy across all AI tools, commercial agents, MCP servers, and user-developed agents — with sanctioned, unsanctioned, and uncategorized classifications, department-level enforcement, and AI acceptable use policy management.
  

Introducing the Mimecast Agent Risk Center

Today, a single data loss investigation might involve an employee sharing a file through an unsanctioned tool — such as DeepSeek, OpenClaw, Ollama, ChatGPT — a commercial AI agent, summarizing confidential records, and a user-built agent pulling from a production database it was never meant to access. These events show up in different systems, follow different detection logic, and require different response playbooks — if they show up at all.

The Mimecast Agent Risk Center is designed to consolidate that fragmented picture into one experience. Critically, the Agent Risk Center is built to connect every finding directly to action. Built-in agentic workflows automate the response chain — notifying users, escalating to managers, enforcing controls, and generating compliance reports — so teams act at machine speed, not human speed.

As engineered, the capabilities will include:

• Anomaly Detection Engine for Risky Agent Behavior - Can automatically surface high-risk patterns - unsanctioned tools with production database access, finance users connected to payment MCP servers, user-developed agents using non-sanctioned LLM providers, and executives with overly broad MCP configurations.
• Governance Scorecards - A continuous assessment of organizational posture across four dimensions: policy coverage, review currency, human-in-the-loop enforcement, and LLM compliance - giving CISOs a clear measure of their agentic governance maturity.
• Department-Level Risk Heatmaps - Visual analytics showing risk distribution, department-level exposure, risk factor breakdowns, and trend patterns - enabling targeted intervention rather than blanket policy.
• Integrated Remediation Workflows - Every risk finding connects directly to action – block access, notify users, escalate to managers, create tickets, classify uncategorized tools, schedule agent reviews, and generate compliance reports - all without leaving the unified interface.

Mimecast is previewing the Agent Risk Center at RSAC 2026, with Early Access expected in September 2026. Join Chief Product Officer, Rob Juncker, for a presentation and live demo — Mimecast booth N-5245 — at 10:30 AM on Tuesday, March 24th and Thursday, March 26th.

Organizations interested in early access are encouraged to contact their Mimecast representative to learn more.

For more information on Agentic AI risk, please visit our blog: ‘Agentic AI security: five things your strategy is probably missing.’

About Mimecast
Mimecast is a global cybersecurity and data governance leader redefining how organizations secure human and AI risk. Its AI-powered, API-enabled connected human risk platform is purpose-built to protect organizations from the spectrum of cyber threats. Integrating cutting-edge technology with human-centric pathways, our platform provides enhanced visibility and strategic insight.

By enabling decisive action and empowering businesses to protect their collaborative environments, our technology safeguards critical data and actively engages employees in reducing risk and enhancing productivity. More than 42,000 businesses worldwide trust Mimecast to help them keep ahead of the ever-evolving threat landscape.

From insider risk to external threats, customers get more with Mimecast. More visibility. More agility. More control. More security.

Mimecast, Incydr and the Mimecast logo are either registered trademarks or trademarks of Mimecast Services Limited in the United States and/or other countries. All other third-party trademarks and logos contained in this press release are the property of their respective owners.

¹ Gravitee State of AI Agent Security 2026 Report

Press Contacts
Tim Hamilton
Director, Public Relations Management
+1 603-918-6757
thamilton@mimecast.com

General inquiries
press@mimecast.com