OutThink

High-Level Overview

OutThink is an AI-native cybersecurity platform specializing in human risk management, designed to prevent human-initiated security incidents by addressing the root cause of 90% of data breaches: human behavior.[1][3] It offers adaptive security awareness training, AI-powered phishing simulations, human risk intelligence tools, and conditional access automation, serving organizations worldwide to build resilient security cultures and support data-backed decisions.[1][2][3] With headquarters in London, UK, and around 30 employees, OutThink has demonstrated growth through a $10M seed funding round in 2022 led by AlbionVC, enabling international expansion.[2]

The platform targets CISOs and security teams in enterprises, disrupting traditional awareness training with high-engagement, behaviorally informed solutions that integrate user identity, attitudes, threat intelligence, and security behaviors for personalized risk reduction.[1][3]

Origin Story

OutThink was founded in 2015 by Flavius Plesu, a former CISO in banking and financial services with expertise in global cybersecurity transformations, emerging from research at the Information Security Group (ISG) at Royal Holloway, University of London.[1][4] Plesu established the company to directly confront the human element in cybersecurity, leveraging insights from behavioral science, psychology, and data analytics.[2][4]

Key leadership includes Prof. Angela Sasse as Chief Scientific Advisor, a pioneer in human-centered security from Ruhr University Bochum and UCL; Martin Moran as Chairman with 25+ years in SaaS including early Salesforce EMEA; and Matt Slater as CTO specializing in scalable cloud architecture.[4] Early traction came from adoption by major firms via channel partners, culminating in rapid client growth and the 2022 $10M seed round from investors like AlbionVC, TriplePoint Capital, and Forward Partners.[2]

Core Differentiators

OutThink stands out in the crowded security awareness market through its AI-native, human risk management approach, combining adaptive training, phishing defense, and automated security controls.[1][3]

• AI-Powered Adaptivity: Delivers personalized training and real-time phishing simulations based on user behavior, attitudes, and threat intelligence, moving beyond generic modules to build "human firewalls."[1][3]
• Human Risk Intelligence: Provides 360-degree vulnerability insights for CISOs, enabling data-driven decisions and compliance, with highest Gartner Peer Insights ratings for three years.[3][4]
• Conditional Access Automation: Dynamically adjusts permissions based on individual risk profiles, reducing team workload while preventing incidents.[3]
• Engagement-First Design: Role-specific, interactive experiences boost retention and resilience, backed by 100+ years of collective expertise in cybersecurity and behavioral science.[3][4]
• Proven Track Record: Trusted by global enterprises, with partnerships like Zivver and recognition for innovation over competitors like KnowBe4 and CybSafe.[1]

Role in the Broader Tech Landscape

OutThink rides the human-centric cybersecurity trend, capitalizing on rising awareness that people cause most breaches amid sophisticated AI-driven attacks and remote work complexities.[1][2][3] Its timing aligns with regulatory demands for compliance (e.g., Cyber Essentials) and stretched security teams seeking automation, positioning it favorably in a market projected for growth as enterprises prioritize behavioral risk over tech-only defenses.[2][3]

By influencing the ecosystem through behavioral change tools and integrations, OutThink empowers organizations to foster security-aware cultures, reducing reliance on perimeter defenses and amplifying the impact of tools like secure email platforms.[1][3] This shifts the industry from reactive training to proactive, measurable risk management.

Quick Take & Future Outlook

OutThink is poised to scale as AI-enhanced human risk platforms become standard, with expansions in adaptive security and global partnerships driving adoption among enterprises facing evolving threats.[2][3] Trends like real-time threat intel integration and zero-trust models will shape its trajectory, potentially elevating its influence through acquisitions or deeper ecosystem embeds.

As human behavior remains the weakest link, OutThink's data-backed, engaging approach positions it to lead in transforming users into vigilant defenders, sustaining momentum from its seed-funded growth.