What is the humans-agents-data triangle that Mimecast is focusing on?

It's the convergence of human behavior, AI agents (both LLMs and autonomous agents), and data as the most critical and vulnerable layer in cybersecurity. After securing networks, endpoints, and applications, this represents the unsecured top of the stack where most breaches now originate.

How is AI changing the attack surface for enterprises?

AI is expanding the attack surface in three ways: making attackers more capable, enabling employees to create vulnerable applications outside IT oversight, and creating data risks as employees move sensitive information into unsanctioned AI systems or unsanctioned data into sanctioned AI.

Securing Humans, AI Agents & Data in the Agentic Age

Name: Securing Humans, AI Agents & Data in the Agentic Age
Uploaded: 2026-04-28T17:54:01-04:00
Duration: 5 min 42 s
Description: TL;DR Cybersecurity is shifting focus to the humans-agents-data triangle as the unsecured top layer of the stack, with AI making mediocre attackers expert-level while creating new risks through autonomous agents and LLMs. Mimecast evolved from email se...

Mimecast

04/28/2026

0 (0%)

Report Like Favorite

TL;DR

Cybersecurity is shifting focus to the "humans-agents-data triangle" as the unsecured top layer of the stack, with AI making mediocre attackers expert-level while creating new risks through autonomous agents and LLMs.
Mimecast evolved from email security to human risk management after recognizing that 80% of breaches originate from email attacks that succeed due to human behavior, not just technical vulnerabilities.
The biggest emerging attack surface is data exfiltration to unsanctioned AI, as employees create applications outside IT directories and move sensitive data into unauthorized systems, creating unprecedented sprawl and vulnerability.

Summary

In this NYSE Floor Talk interview from RSAC 2026, Mimecast CEO Marc van Zadelhoff outlines a fundamental shift in cybersecurity focus toward what he calls the "humans-agents-data triangle." After two decades of securing networks, endpoints, and applications, the industry is now confronting the unsecured top layer of the stack: human behavior and AI agents. Van Zadelhoff explains how AI is simultaneously empowering attackers—turning mediocre threats into expert-level adversaries—while creating productivity gains for defenders and introducing entirely new risk vectors through autonomous agents and LLMs. He describes Mimecast's evolution from email security to a comprehensive human risk management platform, emphasizing that 80% of breaches originate from email attacks that succeed due to human behavior. The company's approach combines visibility through user risk scoring, empowerment through awareness training, and control mechanisms that block risky behaviors across email, SaaS applications, browsers, and endpoints. Van Zadelhoff highlights data exfiltration to unsanctioned AI as the most critical emerging attack surface, noting that employees creating applications and moving data into unauthorized systems represent unprecedented sprawl and vulnerability in the agentic age.

Chapters

0:00 - Introduction and Market Landscape
0:29 - Rising Up the Security Stack
0:56 - AI's Impact on Attackers and Defenders
1:37 - The Humans-Agents-Data Triangle
2:27 - Expanding Attack Surface in Agentic Age
3:08 - Evolution to Human Risk Platform
4:20 - Managing Cyber Risk: Visibility, Empowerment, Control

Key Quotes

0:00 "Yeah, I think it all comes down to humans and agents on data. That's kind of the triangle that I'm seeing in the marketplace right now."
1:02 "I mean, listen, I think it's a better attacker, right? So a mediocre attacker becomes expert attacker."
2:06 "They have IDs, they have behavior, they are usually tethered to humans as much as we love talking about autonomous agents. Most of them, I say, are like dogs on a leash and the leash is still the human and they're prompting and telling them what to do."
3:21 "I think 80% of all breaches are caused by, are initiated by an email attack."

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

05/12/2026

11:30 PM

05/12/2026

Implementing Effective Strategies for Active Directory Security and Data Protection

https://www.truthinit.com/index.php/channel/1888/implementing-effective-strategies-for-active-directory-security-and-data-protection/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Reveal Hidden Threats and AI Risks through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-reveal-hidden-threats-and-ai-risks-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1894/transforming-the-black-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/19/2026

01:00 PM

05/19/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Deployment Phases

https://www.truthinit.com/index.php/channel/1936/establishing-a-robust-ai-governance-framework-for-genai-throughout-deployment-phases/
05/20/2026

08:00 AM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1937/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/20/2026

10:00 PM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1953/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/27/2026

10:00 AM

05/27/2026

Harnessing AI: Transitioning from Illusion to Purposeful Mastery

https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transitioning-from-illusion-to-purposeful-mastery/
05/28/2026

01:00 PM

05/28/2026

Harnessing AI for Smaller Teams: Strategies for Secure Implementation

https://www.truthinit.com/index.php/channel/1951/harnessing-ai-for-smaller-teams-strategies-for-secure-implementation/
06/02/2026

01:00 PM

06/02/2026

Spring of Satori: Delving into Recent Findings and the 2026 Threat Landscape

https://www.truthinit.com/index.php/channel/1930/spring-of-satori-delving-into-recent-findings-and-the-2026-threat-landscape/
06/04/2026

02:00 AM

06/04/2026

Mastering the Unseen: Managing Shadow AI and Agentic MCP Traffic

https://www.truthinit.com/index.php/channel/1948/mastering-the-unseen-managing-shadow-ai-and-agentic-mcp-traffic/
06/16/2026

07:00 AM

06/16/2026

Transforming Data Risk into Actionable Priorities: Essential Fixes First

https://www.truthinit.com/index.php/channel/1952/transforming-data-risk-into-actionable-priorities-essential-fixes-first/