Cyera has raised $600 million at a $12 billion valuation, marking one of the largest funding rounds in the cybersecurity space this year. The company, which specializes in protecting sensitive data from AI-driven threats, is using the capital to accelerate its development of autonomous, agentic security capabilities.
The platform focuses on identifying an organization’s most critical data — what it calls “crown jewel” assets — and applying real-time controls that can restrict access or even delete data if it is shared inappropriately by either humans or AI agents. This approach is designed to address the growing risk of data exposure in environments where autonomous AI systems are increasingly common.
“Only machines will be able to protect machines.”
He also described Anthropic’s recent release of Mythos as the beginning of a new era
“I view Mythos as the first chapter in a book that might be called ‘How A.I. Transformed Cybersecurity.’”
Yotam Segev
CEO Cyera
The funding round, led by Evolution Equity Partners with participation from Cyberstarts and Temasek, comes just six months after Cyera’s previous $400 million raise at a $9 billion valuation. It reflects strong investor conviction in the need for security tools built specifically for the age of AI agents and autonomous threats.
Conditions Driving the Change
The rapid adoption of autonomous AI agents across enterprises has created new attack surfaces that traditional cybersecurity tools were never designed to handle, as these agents can independently access, process, and share sensitive data at machine speed.
Both attackers and defenders are increasingly using AI, creating an arms race where human-scale security processes are too slow to keep up with AI-driven threats that can discover vulnerabilities and execute attacks in minutes rather than months.
Organizations are struggling to maintain visibility and control over their most sensitive “crown jewel” data as AI agents proliferate across SaaS platforms, internal tools, and automated workflows, often without clear ownership or oversight.
Data exposure risks have grown significantly because AI agents can be tricked, misconfigured, or compromised, leading to large-scale leaks that traditional access controls and monitoring tools are not equipped to prevent in real time.
Security teams are facing mounting pressure from boards, regulators, and customers to demonstrate that they can protect data not just from human insiders and external hackers, but also from the autonomous AI systems now operating inside their own environments.
The rise of powerful AI models capable of sophisticated cyber operations, such as Anthropic’s Mythos, has made it clear that future threats will be increasingly automated, requiring security solutions that can respond at the same speed and level of autonomy.
Most existing data security and governance tools still rely on static policies and manual reviews, which cannot scale effectively as the volume and speed of AI-driven data interactions continue to grow exponentially.
Investor and market attention has shifted toward companies building “agentic” security platforms that can autonomously discover, classify, and protect data while also taking real-time action when risks are detected.
Procurement and compliance requirements are becoming stricter, with organizations now expected to prove they have controls in place specifically for AI agents, creating demand for solutions that can deliver verifiable, automated data protection at scale.
What AI Security Looked Like Before
Before the current wave of agentic cybersecurity funding and product development, AI security was largely treated as an extension of traditional data protection and threat detection. Most organizations relied on a combination of data classification tools, access controls, and monitoring platforms that were built for human users and conventional applications.
These systems typically focused on logging activity after it occurred and applying static policies that required manual updates. When AI agents began appearing in enterprise environments, they were often treated like any other automated process or service account. Security teams had limited ability to understand what data these agents were accessing or how their behavior might change over time.
Protection of sensitive data was mostly reactive. Tools could flag unusual access patterns or large data transfers, but they rarely had the capability to take autonomous action in the moment. Policy enforcement depended heavily on human review, which created delays and left gaps when agents operated independently or at high speed.
Visibility into AI-driven risks was also limited. Most security stacks did not have native capabilities to detect when an AI agent had been tricked, misconfigured, or compromised, nor could they automatically restrict or delete access to critical data in real time. As a result, many organizations operated with significant blind spots as they began scaling AI usage.
What AI Security Looks Like Now
With the influx of capital into companies like Cyera, AI security is shifting toward autonomous, agentic platforms that can operate at the same speed as the threats they are designed to counter. The $600 million raised by Cyera will primarily be used to scale its core capabilities in real-time data discovery, autonomous policy enforcement, and agent-aware protection.
A major focus of the funding will be expanding the platform’s ability to identify and continuously monitor an organization’s most sensitive “crown jewel” data across increasingly complex AI-driven environments. This includes deeper integration with the growing number of AI platforms and agent frameworks that enterprises are now deploying.
The capital will also support further development of autonomous response features. Rather than only alerting when data is at risk, the platform is being enhanced to take immediate action — such as restricting access or deleting data — when an employee or AI agent attempts to share sensitive information inappropriately.
Another key area of investment is improving detection and protection against AI-specific threats, including prompt injection, agent manipulation, and autonomous attacks. The funding will help Cyera build more advanced models and capabilities to counter tools like Anthropic’s Mythos and other frontier AI systems that are being used for offensive cybersecurity purposes.
Overall, the funding positions Cyera to move from reactive data security to proactive, machine-speed protection that can keep pace with both the volume of AI agents and the sophistication of AI-driven attacks. This shift is expected to give organizations stronger, more automated control over their most critical data in an environment where traditional human-centric security approaches are no longer sufficient.
Our Take
AI Security Take
Cyera’s $600 million raise at a $12 billion valuation is a clear signal that the market is moving from traditional data security tools toward truly agentic cybersecurity platforms. The funding will be used to scale real-time discovery of sensitive data, expand autonomous enforcement capabilities, and build stronger defenses specifically designed to counter AI-driven threats and autonomous agents.
This matters because most organizations are still trying to secure AI-era risks with tools built for human users and conventional applications. That approach is too slow and too manual. As AI agents gain more access and autonomy inside enterprise environments, the window for damage shrinks dramatically. Waiting for alerts or relying on periodic reviews is no longer enough.
Security teams should treat this moment as a forcing function. The companies that will stay ahead are those that prioritize platforms capable of identifying crown jewel data in real time, enforcing policy before an agent can act, and automatically restricting or deleting access when risk is detected. This is no longer a nice-to-have feature — it is becoming table stakes for any organization serious about scaling AI responsibly.
The capital flowing into companies like Cyera also highlights a broader shift: AI security is no longer just about detection and response. It is increasingly about building autonomous systems that can protect other autonomous systems. Organizations that continue investing only in visibility and monitoring without moving toward inline, machine-speed controls will find themselves increasingly exposed as agentic AI adoption accelerates.
