As AI tools become more prevalent in the business world, corporate security teams are facing a new kind of risk: employees who unknowingly input confidential company information into artificial intelligence platforms, increasing the likelihood of significant leaks.
However, using extensive data, Cyberhaven, located in San Jose, has developed its own AI tools to monitor such irregularities. Its Linea AI and Large Lineage Model (LLiM) have absorbed hundreds of billions of previously logged dataflows across customer networks since the company’s inception nine years ago. It creates a baseline of a company’s standard data processes and identifies any potential issues, such as confidential information being shared with third-party AI models like OpenAI’s ChatGPT or the Chinese competitor DeepSeek. It can also notify IT if employees upload proprietary data to non-work-related cloud storage services or share it on social media.
“We predict the next action a user might take with specific data based on its historical patterns, their role, and similar flows,” explains Cyberhaven CEO Howard Ting. “When we observe a user engaging in an action that is very unlikely, we recognize it as a probable anomaly.” The software prioritizes any discovered anomalies according to their potential impact on the business, assessing when the most sensitive data is in jeopardy.
Cyberhaven’s approach to data security has attracted substantial investment, garnering $88 million at a $400 million valuation last year. Recently, it announced an additional funding round of $100 million, led by StepStone Group and supported by new investors Schroders and Industry Ventures, along with participation from Khosla Ventures, Adams Street Partners, and Redpoint Ventures, achieving unicorn status. With this influx of capital, Cyberhaven is now pursuing strategic acquisitions as it competes with established players in the expanding AI security market, which is projected to grow from $122 million currently to $255 million by 2027, according to McKinsey & Company. The company is focused on maintaining its independence.
“We’ve received many acquisition offers from larger cybersecurity companies, but we’re not interested,” Ting disclosed to Forbes. “We aim to establish an independent company. We believe there is a vast market opportunity and that our technology is distinctly innovative.”
Clients such as the telecom powerhouse Motorola, health insurance company Oscar Health, and law firm Cooley concur. The company anticipates surpassing $50 million in annual recurring revenue this year. Ethan Choi, a partner at Khosla Ventures, reiterated that the software safeguards a company’s most critical data—ranging from HR and client details to data center blueprints and product designs—which are increasingly at risk as they are shared and transmitted. “You can now effectively track and safeguard the Crown Jewels wherever they exist: at rest, in transit, or even when being utilized in AI models,” he noted.
Cyberhaven was founded in 2016 by a group of five PhD students, who received $1 million in funding from the Pentagon’s Defense Advanced Research Projects Agency (DARPA) to create autonomous systems for enhanced data protection. Their original proposal was to use predictive data monitoring methods to ensure that intellectual property was not leaked, either intentionally or unintentionally. However, the focus has since shifted to security powered by AI.
Seyonne Kang, a partner at StepStone who spearheaded the firm’s investment, mentioned that conventional data security solutions often struggle to differentiate sensitive business data from other data types. She believes Cyberhaven is now well-positioned to spearhead a transformation that shifts the cybersecurity sector towards an AI-centric approach. This method “offers greater accuracy with fewer false positives,” she commented.
Nick Vigier, chief information security officer at Oscar Health, perceives software like Cyberhaven’s more as a guide than a barrier. His team uses it to offer direction to employees, ensuring that AI is utilized safely. “We don’t automatically block incoming threats with AI,” he explained to Forbes. “We want to encourage curiosity without jeopardizing our data.”
Instead, Oscar employs Cyberhaven to inform employees about what information can be input into AI systems, utilizing a browser extension and an application on user computers. According to Vigier, medical or personal data cannot be entered into an AI prompt. “We’re a very AI-focused organization and have established numerous approved pathways for our employees to use AI responsibly,” he stated. “Cyberhaven has enabled us to swiftly implement policies that steer people towards those approved, optimal routes.”
While Cyberhaven primarily serves as a security solution, its capability to extract insights about data as it circulates within an organization indicates a wider potential. It could enhance efficiencies, Ting stated, and monitor team performance across various locations. “Perhaps a team in Bangalore is producing significantly more code than one in Austin, and we can deduce from the workflows why they are more productive,” he elaborated. “Data lineage is a tremendously powerful enabler for numerous applications beyond merely securing the data.”
How Cyberhaven Plans to Utilize the Funding
Cyberhaven intends to improve its detection abilities through AI and encompass additional data types as data protection transitions into a platform approach, akin to other cyber sectors, according to Ting. Specifically, Ting mentioned that the company is making substantial investments in an AI-driven large language model that uses data to anticipate user behavior and trigger alerts for unusual activities.
“Data security is poised to evolve into a platform-oriented play, similar to many other facets of cybersecurity,” Ting remarked. “We plan to expand our product offerings, capture a greater share of the market, and broaden our platform.”
The company already has the capability to issue alerts or block actions based on data movement trends, and Ting noted that Cyberhaven intends to widen its scope to include data in databases, data flowing through generative AI applications, and other generative AI tools and services. Cyberhaven aims to provide visibility throughout the entire data life cycle, from the imports by data scientists to customer service interactions, as stated by Ting.
In addition to strengthening its detection capabilities, Ting indicated that Cyberhaven plans to invest in product categories related to its core focus on data detection and response, including data security posture management, privacy, and compliance. Cyberhaven will also collaborate with other cybersecurity vendors in domains such as secure browsing, EDR, and collaboration to enhance visibility and control over data movement, Ting reported.
“We aspire to further integrate with various components of the security stack so that our distinctive insight into data movement can be leveraged to identify and reveal other types of risks to the organization,” Ting said.
Defining Success for Cyberhaven
Cyberhaven competes with data loss prevention companies like Broadcom, Trellix, Digital Guardian, and Forcepoint; infrastructure security firms such as Palo Alto Networks and Zscaler; as well as emerging startups in the data security field. The typical customer of Cyberhaven is located in the United States, has thousands or tens of thousands of users, and is focused on innovation in areas like manufacturing or healthcare.
Key metrics monitored by Cyberhaven include annual recurring revenue, cash outflow, and client retention, with an emphasis on balancing rapid growth with prudent spending, although Ting noted that profitability is at least a year away. He believes organizations should transition from infrastructure-focused to data-focused security models, as data represents the most critical asset for a business but is currently inadequately protected.
“Our investors expect us to pursue aggressive growth while also exercising restraint to avoid exorbitant spending for that growth,” Ting stated.
The latest funding round has raised Cyberhaven’s valuation to $488 million, and Ting expressed that the company aims to increase its international revenue from 20% to 30% within the next year.
“If you consider data security, the level of investment is disproportionately low given the significance of data,” Ting asserted. “Data is the only asset that every organization holds that has inherent value.”