Brian Jackson - stock.adobe.com

Mimecast to buy insider threat specialist Code42

Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms

Human-centred risk management experts Mimecast and Code42 are to come together as a single business in an acquisition that builds on a previously established tech partnership, with Mimecast set to add Code42’s product suite into its platform to enhance its insider threat detection and response capabilities.

Mimecast, which bills itself as a provider of “AI-powered, API-enabled connected human risk management platforms” but is, at heart, an email security specialist, said the deal would mark a “critical step” in its strategy to change how businesses manage and mitigate human-centred risk – enabling users to benefit from comprehensive visibility and strategic insight across their attack surfaces.

“Mimecast’s platform stands out in our crowded industry by focusing specifically on the critical moment of risk – a person opening their laptop,” said Mimecast CEO Marc van Zadelhoff.

“Unlike fragmented point solutions, Mimecast provides a connected approach that is engineered to offer complete visibility and strategic insight across customers’ ecosystems, enabling intervention that helps them prevent costly incidents caused by insider risk and data exfiltration,” he added. “Integrating leading solutions like Code42 broadens and deepens our proven security and human risk management capabilities.” 

Code42’s stock in trade is cloud-native insider threat and data leak protection, which it says enables its customers to “seamlessly protect critical data from exposure, loss, leak and theft, while accelerating incident response times”.

“Employee collaboration is at the heart of successful organisations today,” said Code42 president and CEO Joe Payne. “Protecting organisations from data exfiltration requires enhanced visibility into risky user activities across email, collaboration platforms, web, cloud, and more.

“By joining forces with Mimecast, we can help customers quickly detect and respond to threats across their expansive digital environments,” he said.

Code42 customers

As a jumping-off point, Mimecast plans to continue to maintain and support the existing Code42 customer base, and will be making Code42’s Incydr data loss prevention product line available to its customers immediately, with more capabilities to be integrated into its platform in the coming months.

By joining forces with Mimecast, we can help customers quickly detect and respond to threats across their expansive digital environments
Joe Payne, Code42

It hopes this will reinforce its strategy of solving for human risk management through an all-encompassing platform, and its own Engage human risk awareness and training offering, brought in through the earlier purchase of Elevate Security.

Founded just after the turn of the century, Minnesota-based Code42 has built up a strong customer base, with many of its customers, including CrowdStrike, Okta and Ping Identity, cyber firms themselves. Other prominent tech sector customers include Lyft, Rakuten, Sumo Logic and Snowflake.

Its data protection suite is configured for UK and EU General Data Protection Regulation (GDPR), as well as other compliance frameworks such as PCI and HIPAA in the US.

Financial terms of the deal were not disclosed.

Read more about insider threat management

  • Although insider threat breach rates were on the decline in past years, Verizon has recently observed a resurgence in the healthcare sector.
  • Stopping malicious insider threats is just as important as preventing external ones. Uncover what to look for and strategies to prevent insider threats before they cause damage.
  • A thorough insider threat programme includes plan preparation, threat assessment, and plan review and renewal. Learn how to implement this three-step model to protect your company.

Read more on Security policy and user awareness