A New Day for Data Protection: Our Investment in Cyberhaven

By: Satish Dharmaraj and Jordan Segall

Data Loss Prevention — also commonly referred to as DLP — refers to the suite of practices and tools to prevent sensitive data from being leaked, misused, or accessed by unauthorized individuals. While one of the most important attack vectors to protect against, traditional DLP solutions have failed to keep up with the needs of security teams, and have historically led to frustrating experiences involving numerous false positives and the need to implement policy templates and rules through painstaking manual processes.

Meanwhile, the DLP market has grown exponentially over the past several years as millions of sensitive documents, files, and other data are stolen or misused every day. Insider threat attacks have increased significantly as the shift to cloud and hybrid work has resulted in many new risks to protect against. With the proliferation of SaaS applications, the attack vector and susceptibility toward such attacks has also grown. In June 2021, Verizon published its 2021 Data Breach Investigations Report, citing a 47% increase in the frequency of incidents involving Insider Threats, with 22% of security incidents involving insiders. Tessian also published a report citing 43% of security incidents from 3/20 to 7/20 were caused by malicious insiders, with 98% of orgs citing some degree of vulnerability to insider threats. This increase coincides with ransomware 2.0, more sophisticated attacks that will result in a record $20B in damages in 2021.

That’s why today we are excited to announce that Redpoint is leading the $33M Series B funding round in Cyberhaven. Cyberhaven’s Data Detection and Response Platform (DDR) reimagines DLP with a fundamentally new approach by using data lineage to automatically find and protect sensitive data of any type, anywhere in the enterprise. Cyberhaven DDR eliminates manual data tagging and classification by automatically discovering and classifying any data type based on its origin, creator, and content, and assesses every user action in the enterprise to determine risk prior to a breach. The platform also provides full-context data tracing for any piece of data for auditing and incident response, and educates employees and reinforces security practices in the context of a user workflow (e.g., blocking a user from uploading a document to their personal drive).

Cyberhaven’s fully managed SaaS product requires zero infrastructure to deploy and enables workflows to move to the cloud without enterprises losing visibility and control of the data. Security teams finally have more control over how any of their data moves with the ability to block, alert, or coach users in real-time.

One of the reasons we’re most excited about the opportunity to partner is due to Cyberhaven’s extraordinary team led by Howard Ting, Dr. Volodymyr (Vova) Kuznetsov, Dr. Cristian Zamfir, and Dr. Radu Banabic. Not only do they have exceptional technical chops as security researchers from UC Berkeley and EPFL in Switzerland, they also have backgrounds serving as leaders at some of the largest security companies such as Palo Alto Networks and Zscaler.

To date, Cyberhaven has raised $52M and we’re thrilled to be leading this next chapter of their exciting journey and joining on this adventure with Wing VC, Forgepoint Capital, Vertex Ventures US, Costanoa, and Crane.

Lots more to come and we couldn’t be more excited! Check out open roles here!