Notifications
Clear all
Topic starter
08/06/2026 5:08 pm
TL;DR: AI adoption is pushing data security and governance closer together, and blind spots around sensitive data now carry identity and access consequences as well as data risk, according to Cyera, which says it raised $540 million in Series E funding, lifted total funding above $1.3 billion, and reached a $6 billion valuation in six months, while also reporting 353% year-over-year growth among F500 customers and operations in 10 countries.
NHIMG editorial — based on content published by Cyera: Cyera doubles customer base in six months, reaching a $6 billion valuation
By the numbers:
- Cyera says it raised $540 million in Series E funding, bringing total funding to over $1.3 billion and valuation to $6 billion.
- Cyera reports 353% year-over-year growth among F500 customers over the past 18 months.
- Cyera says it expanded operations to 10 countries and has nearly 800 employees worldwide.
Questions worth separating out
Q: How should security teams govern sensitive data used by AI systems?
A: Security teams should connect data classification, identity visibility, and entitlement review before data enters AI workflows.
Q: Why do AI projects increase the importance of NHI governance?
A: AI projects often rely on service accounts, API keys, and delegated application access to move data into tools and models.
Q: What breaks when data classification does not follow the workflow?
A: When classification stops at the repository, security teams lose track of how sensitive data is transformed, copied, and reused in SaaS or AI systems.
Practitioner guidance
- Map AI data paths to identity paths Inventory which human users, service accounts, API keys, and application tokens can reach sensitive datasets before they enter AI workflows.
- Prioritise identity-aware DLP policy Configure data loss prevention controls to evaluate requester context, application context, and data sensitivity together.
- Reconcile classification with access certification Use classification results to drive access reviews for workloads and humans, especially where AI systems consume or redistribute regulated information.
What's in the full analysis
Cyera's full article covers the operational detail this post intentionally leaves for the source:
- The funding and valuation context behind Cyera’s growth, including investor participation and timing
- Cyera’s product scope across discovery, classification, DLP, and AI-adjacent data protection
- The company’s own explanation of why enterprises need AI-native data security at scale
- The expansion and hiring details that explain how the platform is being positioned operationally
👉 Read Cyera's funding announcement and AI-native data security outlook →
AI-native data security funding: what it means for IAM teams?
Explore further
08/06/2026 7:10 pm
AI data security is becoming a control-plane issue, not just a content-scanning issue. The article shows how buyer demand is shifting toward platforms that can discover, classify, and protect data across clouds, SaaS, and AI systems. That matters because the governance problem is now about controlling data pathways as much as identifying sensitive content. For practitioners, the right question is whether identity, entitlements, and data context are being governed together.
A few things that frame the scale:
- 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
- Our research also found that 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, with 38% reporting no or low visibility and 47% only partial visibility.
A question worth separating out:
Q: Should organisations re-evaluate DSPM before scaling generative AI?
A: Yes. Generative AI changes the value of DSPM because the question is no longer only where data sits, but who and what can move it into prompts, copilots, and downstream workflows. Organisations should verify that classification, access policies, and monitoring still hold when sensitive data leaves its original system of record.
👉 Read our full editorial: Cyera’s funding signals rising pressure on data security for AI
