Cyera raised $100 million for data security for AI-driven enterprises

6 min read
Cyera raised $100 million for data security for AI-driven enterprises

Head over to our on-demand library to view sessions from VB Transform 2023. Register Here

Cyera, a data security company, announced that it has secured a $100 million series B investment led by Accel, with participation from existing investors Sequoia and CyberstartsRedpoint Ventures also joined as an investor. 

With this latest funding round, Cyera has raised a total of $160 million since emerging from stealth in March 2022. The company claims that its revenue has grown 800% over the past year as security teams prioritize data security across hybrid cloud environments, particularly among S&P 500 enterprises.

“Securing $100 million in the current economic climate, where there have been many reports and analyses highlighting the dearth of funding, down-rounds and early exits, validates our vision and relentless execution to redefine data security for the enterprise,” Yotam Segev, co-founder and CEO of Cyera, told VentureBeat.

Segev said he noted a trend over the past year where legacy companies have attempted to adopt data security and posture management (DSPM) capabilities, despite facing significant limitations due to outdated architectures. In contrast, Cyera made strategic investments to expand its AI-powered data security platform, focusing on enterprise-level data discovery, classification and security.


VB Transform 2023 On-Demand

Did you miss a session from VB Transform 2023? Register to access the on-demand library for all of our featured sessions.


Register Now

“That’s how we raised over $160 million to date,” he said. “The fundamental difference with Cyera is a focus on truly knowing what data represents. Our platform was purpose-built to leverage cloud-scale AI and machine learning to dynamically discover, classify and understand an enterprise’s unique data.”

According to Segev, Cyera’s security platform sets itself apart by going beyond analyzing data through plain pattern recognition or threat signature detection. Instead, it actively and consistently identifies and draws inferences from the customer’s data environment.

He said this approach enables customers to gain a comprehensive understanding of their data, including its nature, significance and the underlying value it represents.

Segev emphasized that this capability enhances security, streamlines compliance efforts and empowers organizations to embrace a data-driven approach. By leveraging their data effectively, businesses can expedite their operational processes and foster innovation.

Furthermore, the platform automates remediation workflows to minimize the attack surface and ensure operational resilience at the speed and scale of the cloud.

“Our process is fully automated, continuous, and can be scripted like any other modern development (continuous integration / continuous deployment) process operates. Legacy providers require manual efforts, and newer cloud infrastructure and SaaS application vendors are all narrowly focused and create more silos in the enterprise,” Segev told VentureBeat. “Cyera is designed and architected to discover, classify, evaluate and secure all of an enterprise’s data, everywhere.”

Leveraging LLMs to aid enterprise data security 

Cyera’s platform uses large language models (LLMs) to automatically discover, classify and secure sensitive data from various sources. A unified policy engine actively detects misconfigurations, suggests specific access controls and generates new security policies to ensure compliance and govern access to sensitive data.

“The Azure OpenAI integration builds on Cyera’s use of machine learning and large language models. Our LLMs can automatically differentiate between roles (like customers and employees), understand the data’s origin and purpose, and learn when data can be used to identify an individual,” added Segev. “The platform then applies the correct security, privacy and compliance policies to uncover and remediate exposures to structured and unstructured data wherever it is being managed.”

Segev said that the integration of OpenAI’s LLMs will allow security practitioners to use natural language to align data stores, data classes, and issues with the specific technical or business problem they aim to address.

For instance, by employing semantic search, one can instantly identify the issues that increase an organization’s risk of a breach, such as accessibility of protected healthcare information (PHI) by unauthorized users.

Cyera stated that its unified policy engine can also detect misconfigurations, provide tailored access control recommendations and generate new policies to govern data access.

“Cyera can answer fundamental questions around what data an enterprise has, where it is, who can access and is using it, what exposes it to security, privacy and compliance risk, and how to remediate those risks, all from a single platform,” explained Segev. “That is unique because it provides a foundational and centralized location for every function in an enterprise to understand [whether] appropriate controls around storage, management and use are being applied.”

Prioritizing data in the cloud

With the newly acquired funding, the company aims to accelerate the development of its cloud-native platform. Cyera said this initiative will empower security teams to handle data security incidents effectively, manage policies and controls, and streamline workflows across their entire data landscape.

“Beyond the deep knowledge of data, and cloud-native architecture, we are also focusing on static posture improvements (what DSPM represents), real-time detection and response to changes (Data Detection and Response, or DDR), achieving least privileged access to data and recognizing misuse and anomalies in access (a.k.a. Data Access Governance or DAG), and data privacy,” said Segev. 

Segev asserts that adopting this approach allows enterprises to prioritize data in their security strategy, streamline compliance audits and information requests (such as the right to be forgotten or records of processing activity), and ultimately embrace a data-driven approach to address daily challenges and seize growth opportunities.

“When implementing Cyera, we immediately got a full picture of our cloud data landscape,” said Erik Bataller, VP of security at ACV Auctions, in a written statement. “The platform showed us that we had a lot of ghost data that was not being accessed or used. Eliminating it will save us over $50,000 per year in cloud storage costs.”

To secure the use of generative AI, the company has introduced SafeType, a browser extension designed to anonymize sensitive data entered into ChatGPT. SafeType proactively detects sensitive information and prevents it from being transmitted to the gen AI platform.

When a user inputs sensitive data into ChatGPT, SafeType promptly recognizes it and educates the user on why sharing such information is discouraged. It also offers options to anonymize the data or delete it from the session. The SafeType extension is available for the Google Chrome and Microsoft Edge browsers and on Cyera’s website.

“The software uses the permissive Apache 2.0 license, making it easy for developers to contribute to the project or use the code in their applications,” Segev told VentureBeat. “It is released under community preview, and is not connected to Cyera’s data security platform, does not share code with the platform, and does not interact with Cyera in any way.”

What’s next for Cyera? 

Segev emphasized that Cyera aims to enable businesses to fully harness the power of their data through AI. He said that the recent investment confirms Cyera’s dedication to assisting chief information security officers (CISOs) in addressing their paramount challenge of securing data in the cloud era.

Segev highlighted that the additional funding will also expedite the development of Cyera’s data security platform and support the expansion of its global go-to-market initiatives.

“We would not have been able to secure a $100 million round in this economic and funding environment without having a transformational impact on our customers’ data security programs. We aim to further solve critical problems for CISOs, holistically across their entire SaaS, PaaS and IaaS infrastructures,” said Segev. “This funding enables us to accelerate product development, hire the best engineering talent and expand our go-to-market initiatives. Our team is incredibly passionate about solving CISOs’ most pressing security challenges.”

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.

Source link