Mimecast models human behavior to provide AI-powered protection
by AWS Editorial Team | 6 August 2025 | Thought Leadership
Overview
Every day it can feel like we receive non-stop notifications, with multiple pings coming from different platforms—ranging from emails to voicemails, messages, phone calls, and more. And volumes are only growing. More users and businesses are leveraging large language models (LLMs) to quickly and conveniently create communications such as emails. While most are trustworthy, traditionally the onus is on the individual to determine which ones are safe.
The human risk management company Mimecast is changing that. As Felix Laumann, Director of Data Science at Mimecast, explains: “Human risk is any entry point to the organization where a human gives the final click or approval. Very often humans are in a rush or don’t look carefully at their company’s security guidance, leading to mistakes.” He continues, “We protect against that, so a human doesn’t even need to think about whether it’s a security threat.”

Safeguarding by detecting subtle patterns
While emails might appear convincing and safe, Mimecast is able to identify nuanced factors that can indicate a cybersecurity challenge. To do this, it learns the characteristics of how different people communicate by training AI models on decades of email traffic data together with a multitude of different inferencing factors. Laumann explains that this builds a detailed picture of human behavior: “We know how you normally write emails, when you write them, and the tone and language you use.”
Because threat actors can create convincing and tailored communications, Mimecast can uncover insights that aren’t perceptible to the human eye. “We can detect patterns that people might not understand because it’s so complex and there are thousands of input factors—but the AI model actually understands it well,” says Laumann. As well as identifying when messages deviate from the norm, Mimecast can determine with 99 percent accuracy whether they have been AI-generated. It then assesses these to only allow the legitimate and trusted communications to reach users.
Building robust defenses
It takes just 200 milliseconds (that’s a fifth of a second) for Mimecast to analyze an email—a pace that can’t be matched by humans. Such speed is made possible by hundreds of deep learning models operating simultaneously in Amazon SageMaker. That capability also helps Mimecast host and develop a vast range of different AI models needed to handle approximately two billion emails daily—all while maintaining a stable service for customers around the world. “Everything we do happens on top of Amazon SageMaker and it’s a massive accelerator for our development,” says Laumann.
Taking advantage of Amazon Web Services (AWS) services across the AI stack, Laumann shares that Mimecast can achieve low latency across its vast global customer base “without burning a hole in [its] pocket”. For instance, using purpose-built AWS Inferentia chips provides high performance while saving the business approximately 40 percent in costs. It also has the freedom to focus on innovation without having to take care of underlying infrastructure. “AWS provides many of our protection layers; it gives us peace of mind in terms of reliability, scale, and speed,” says Laumann.
By co-building with AWS and utilizing its services from day one, Mimecast has been able to simplify and streamline the development of its sophisticated solutions. “A lot of the headaches are just taken care of by design,” says Laumann. “AWS gives us massive leverage in developing new solutions very quickly and operating at scale without having a large infrastructure team supporting it,” he adds. What's more, the business gained expert advice on design best practices for their product and how to run their models efficiently. With the tools and support to easily scale, Mimecast can confidently meet the needs of over 26 million end users.
Partnering for protection
As well as ramping up the pace of product development, Mimecast has been able to significantly accelerate its time to market. It also benefited from strategic go-to-market support through AWS Marketplace, helping to expand its customer reach and scale growth opportunities. “The new service we spun up for social engineering attacks was launched within one year, which normally would have taken 2 to 3 years,” explains Laumann. And Mimecast customers are already seeing the benefits, with this product alone preventing approximately USD $2.5 million worth of fraudulent transfers being sent by businesses every month.
Recognizing that the cybersecurity landscape moves fast, Mimecast is exploring how it can help to protect customers across a breadth of different communications and potential entry points—from public Wi-Fi to deep fake calls. Laumann sees its collaboration with AWS as key to tackling emerging challenges: “AWS really wants to understand the problem and how to solve it with you. They go above and beyond to support us.”
With the ability to quickly access, develop, and deploy new models, Laumann is excited to test the limits of AI to neutralize human risk: “We see new models emerging almost every month. We’re really fortunate that these are readily available on Amazon Bedrock where we can stress-test LLMs to look at how they can protect our customers against fraud.” Looking ahead, he sees a time where AI-enabled solutions become so advanced at detecting signals that people are blissfully unaware of the security protecting them in the background.