A trend accelerated by the mass move to digital during the pandemic, enterprises are having to handle an increasing amount of proprietary data. According to one survey, the average company deals with 63% growth in data volume per month, with 12% of respondents reporting a whopping 100% growth.
As the amount of data grows, it becomes tougher for organizations to keep track of it — and ensure that it remains secure. Seeking to protect it, Yotam Segev and Tamar Bar-Ilan, who met several years ago in the Israel Defense Forces, co-founded Cyera, a platform intended to provide companies greater visibility over their sensitive data.
Demonstrating the enthusiasm around such solutions, Cyera today closed a $100 million Series B funding round led by Accel, with participation from Sequoia, Cyberstarts and Redpoint Ventures. The round brings Cyera’s total raised to $160 million, which Segev, who serves as Cyera’s CEO, says will be put toward investing in engineering talent and R&D.
The funding is all the more impressive in the context of the broader cybersecurity landscape, which — once bright — has been dimming slightly, at least in terms of the VC investments floating around. Funding for cybersecurity startups dropped 58% in Q1 2023 compared to Q1 2022, with deal flow dipping to 149 deals — the lowest in years and down 45% year-over-year, according to CrunchBase.
“The move to distributed work and software-as-a-service (SaaS) collaboration platforms during the pandemic has accelerated the need for effective data security, and highlighted the shortcomings of legacy solutions to keep pace with data creation, sprawl and evolution in the cloud era,” Segev told TechCrunch in an email interview. “By providing that deep context and understanding of the data a company manages, and providing detailed insight and remediations for security, privacy and compliance exposures, Cyera is revolutionizing data security.”
Cyera falls into the category of platforms known as data security posture management (DSPM), which attempt to abstract away and automate common data detection and protection practices — particularly in the cloud. The past several years have seen a fair number of DSPM startups emerge from stealth, like Laminar Security, Dig Security, Sentra, BigID and Varonis.
The rise has coincided not only with the growth in data under enterprise management, but with the climbing adoption of the cloud and cloud technologies. According to a recent O’Reilly poll, 90% of organizations reported using cloud computing in 2021 — an increase from 88% in 2020. Gartner predicts, meanwhile, that by 2027, more than 50% of enterprises will adopt industry cloud platforms — platforms with features and services tailored to industries such as healthcare, logistics and retail — to accelerate their business initiatives.
Cyera’s security platform, which highlights potential security issues relating to a company’s data, including exposure to potentially malicious outside sources. Image Credits: Cyera
So what makes Cyera stand apart from the sea of DSPM vendors out there? Segev asserts that the platform has a wider — and more holistic — focus than most.
“DSPM startups … have limited capabilities,” Segev said. “Legacy vendors attempting to ‘bolt on’ DSPM capability are architecturally flawed and can’t scale the way Cyera does. Cyera has differentiated itself from the slew of DSPM vendors in the space by focusing on an AI-powered data security platform to protect all of a company’s data, everywhere.”
To that end, Cyera leverages an OpenAI large language model (via OpenAI’s API) to deliver context around the data that a company manages. (In recent weeks, Microsoft and Google have similarly launched products that tap language models to help contextualize security issues.) The model can discover, classify and identify different types of data, providing an understanding of what a company’s data represents (e.g. the role is serves and the region where it’s from).
At a higher level, Cyera spotlights exposures, posture issues and risks associated with overly permissive access to data.
A recent addition to the suite, Cyera offers a browser extension that anonymizes sensitive data typed into OpenAI’s AI-powered chatbot, ChatGPT — timely in light of company bans of ChatGPT over privacy concerns. SafeType attempts to automatically detect sensitive data in prompts, stopping it (at least in theory) from being sent to ChatGPT.
“We provide complete cloud data security coverage across software-as-a-service, platform-as-a-service and infrastructure-as-a-service environments, with on-prem support coming in 2024,” Segev added. “The result is cloud data security that enables businesses to be more agile and innovative while mitigating risk to reputation, customer loyalty and compliance stemming from data theft.”
Impressively, despite its relatively small (100-person) team, Cyera claims that it’s managed to gain “strong traction” among the S&P 500 in the two years since it launched. Cyera secured “double digit” new customers in Q4 2022 alone and an astounding 800% in revenue growth in 2022.
By the end of the year, Segev expects that the staff will grow to 150 people.
“Cyera’s agentless technology and novel technical innovations to streamline and accelerate data store inventory creation and data classification ensure that businesses will have the confidence that they always know what data they have, where it is located and what it represents,” Segev said. “Because Cyera’s process is automatic and continuous, security teams are empowered with up-to-date context and understanding of sensitive data exposure, as well as insight into how to best partner with the business to address and remediate risk.”