Human risk is a critical layer of any security strategy. Human risk management addresses how employee behaviorfrom accidental sharing to shadow AI usecreates organizational exposure. Discover how Mimecast, on AWS, helps identify risky behavior, protect critical data and account access, and support compliance. Real-world insights. Behavioural analytics. Adaptive controls. Measurable ROI.
What this session is about
Playbook
Editorial commentary · what to actually do about this on Monday
The concept
Human behaviour as a security layer. Behavioural analytics + adaptive controls covering accidental sharing, account compromise, and shadow AI use.
Why it matters
Most breaches start with human action. Detecting risky behaviour proactively reduces incidents.
The hard parts
Behavioural analytics tread close to surveillance. Cultural acceptance matters as much as technical capability.
Playbook moves
(1) Be transparent internally about what's monitored. (2) Tie controls to outcomes (block phishing) rather than surveillance (track who clicks). (3) Use behavioural data to drive training, not punishment.
The surprise
"Shadow AI use" — employees feeding company data into public LLMs — is the new shadow IT. It's already everywhere; your DLP probably can't see most of it. Plan for it as a category, not a one-off incident.
---
Independent editorial perspective — not an official AWS or speaker statement. Designed for executives evaluating what to brief their teams on next.
Live updates related to this session LIVE
Sourced via Parallel AI Monitor — continuous web watch on 21 topical streams. Updated .
- trussed.ai high confidence Agent governance & policy gating
The Control Plane for Production AI - Agentic Governance
TRM Labs implemented and shipped a credential broker pattern for AI agent security. By utilizing a broker (integrating with Infisical's Agent Vault and HashiCorp Vault), the system ensures AI agents never hold real API credentials, instead using placeholders that are replaced by
- hungyichen.com high confidence AI agent regulation & policy
AI Governance and Regulation 2026: A Complete Guide to Global ...
President Donald J. Trump issued National Security Presidential Memorandum/NSPM-11 on June 5, 2026, to accelerate the use of AI in the national security enterprise. Key requirements include: (1) the Secretary of War must update DOD Directive 3000.09 on Autonomy in Weapon Systems
- helpnetsecurity.com high confidence Agent identity & delegation
How to use NIST and ISO frameworks to govern AI agents - Help Net Security
Help Net Security published an article (authored by Token Security CTO Ido Shlomo) recommending application of NIST AI RMF and ISO/IEC controls to govern AI agents — treating agents as first-class identities with owners, lifecycle controls, observability, short-lived credentials,
- token.security high confidence Agent identity & delegation
The Rise Of AI Agents Is Breaking Access Governance
WorkOS has released an analysis concerning the relationship between AI agent token costs and the critical need for identity attribution.
- securityledger.com high confidence Agent governance & policy gating
AppViewX Launches Agent Identity Security to Govern Agents ...
Gravitee.io announced capabilities for its AI Gateway and Agentic Access Management to secure MCP servers in production. The solution uses MCP-aware proxies to inspect MCP methods, enforce tool-level access controls, and provide centralized governance over the agent ecosystem.
External links matched to this session via topic relevance. The KB does not endorse third-party content; verify before citing.