Security Awareness Training Has Evolved Into Human Risk Management
In March, Forrester's Human Risk Management Solution Landscape report recognized Mimecast, and now, Mimecast is listed on The Forrester Wave™: Human Risk Management Solutions, Q3 2024 as a Strong Performer
Key Points
- Forrester research from March confirmed the importance of the evolution of security awareness training into the human risk management (HRM) market.
- Mimecast was recently listed on The Forrester Wave™: Human Risk Management Solutions, Q3 2024 as a Strong Performer.
- Now is the time for security professionals to evolve their security awareness training to include HRM.
- Organizations should take advantage of the introduction of HRM to reintroduce and reinvigorate awareness training.
The Evolution of Security Awareness and Training
Forrester previously referred to the HRM market as security awareness and training, but stated in February that it believes HRM is the next evolution. This is in line with much of the cybersecurity industry, especially today.
HRM better represents what security leaders really desire, which is the ability to measure risky behavior and real risk reduction, as well as the ability to adapt training, policies, and technology to an employee’s risk profile. Earlier in the year, there were strong indicators that the security awareness training market was in a time of major transition. Today, security awareness training teams should be focused on HRM as it will no doubt continue to gain momentum with security leaders.
As such, security buyers should already be educating themselves in this new evolution. HRM may be a new name, but security professionals should use this development to further highlight the need for security awareness and HRM throughout their entire organization.
Security leaders should take advantage of the evolution of security awareness training into HRM in order to:
- Assess potential HRM investments and evolve security awareness programs.
- Re-ignite interest in security awareness training programs.
- Introduce HRM to all areas of their organization.
- Align awareness training’s capabilities to core HRM use cases.
HRM and Awareness Training Should Work Together
As security professionals evolve their security awareness training strategy to consider all aspects of human risk, it is important for them to understand that awareness training and HRM are not in opposition to each other, but instead, are better together.
HRM provides an understanding about what employees do in relation to security. It allows security teams to learn about the good and bad security decisions employees regularly make, gives them a clear vision of which users are repeat offenders, and provides insight into how frequently users are being targeted. With this understanding, security leaders can gain a picture of the distribution of risky employees across their organization.
This visibility allows for a much more precise application of security interventions like training, feedback, and nudges to the workforce allowing for the right training to be delivered to the right person at the right time.
Mimecast’s HRM platform offers security practitioners the ability to take their security awareness programs to the next level.
The Mimecast Human Risk Management Platform
In response to customer and market demand for a more effective means of mitigating risk brought on by employee mistakes and user errors, Mimecast has charted a new path forward by developing a connected HRM platform. The platform will provide unprecedented visibility into an organization’s risk profile, scoring users by risk and allowing security teams to educate and protect the riskiest part of their employee base.
The Mimecast HRM Platform has been designed by having human beings at the center of everything we do, aligning key protection and data controls to offer the most comprehensive approach to human risk management. With the Mimecast HRM Platform, organizations get a single solution that brings multiple products together to help protect collaboration, educate employees, and detect insider risk. This is the connected human risk management platform organizations need today.
Mimecast Listed as a Strong Performer for HRM
Mimecast has been listed on The Forrester Wave™: Human Risk Management Solutions, Q3 2024 as a Strong Performer, which it believes demonstrates undeniable momentum for Mimecast Engage and the Mimecast Human Risk Management Platform.
Mimecast’s rating as a Strong Performer is partially based on Forrester’s review of the acquisition of Elevate Security (and their accompanying human risk analysis and intervention capabilities) by Mimecast. The report cites Mimecast’s plans to introduce the human risk dashboard to its 45,000 customers and plans for extensive third-party integration across the security ecosystem. Forrester also notes Mimecast’s calculation of human risk as the composition of actions (behavior), attacks, and access (identity). The Forrester report recommends that organizations that have a “strong behavioral change drive” and a desire to “move beyond SA&T” should consider Mimecast.
The Bottom Line
Those wanting to learn more should download the full Forrester report.
**This blog was originally published on March 27, 2024.
Subscribe to Cyber Resilience Insights for more articles like these
Get all the latest news and cybersecurity industry analysis delivered right to your inbox
Sign up successful
Thank you for signing up to receive updates from our blog
We will be in touch!