The pixel

Cyera is the first Data Security Posture Management (DSPM) platform to secure cloud data across SaaS, PaaS, and IaaS

Tamar Bar-Ilan
Feb 1, 2023

Data breaches continue to increase in frequency and impact. The number of accounts impacted by data breaches increased 70% in Q3 2022, due in large part to siloed visibility and an inconsistent data security posture across cloud environments. The average enterprise managing data in the cloud has an average of 157,000 sensitive records exposed to everyone on the internet by SaaS app sharing features, representing $28 million in data-breach risk. To avoid and eliminate the visibility and control silos that create this risk, Cyera now secures all cloud data, including in SaaS environments.

From our inception, Cyera has been engaging CISOs and their teams to understand their biggest data security challenges. The first significant pain points we addressed were visibility and context. Security teams in every industry struggle to understand what data they have, where it is stored, and whether it’s secure. For heavily regulated industries, answering those questions is an imperative. But once they have those answers, prioritizing what actions to take, and then accelerating the mean time to resolution are equally important. So context-based risk assessments and automated remediation workflows quickly followed suit, focused on databases (structured data) and files (unstructured data) in IaaS and PaaS environments.

Since the global pandemic accelerated the move to remote work, SaaS collaboration tools have become the way companies do business. More than that, SaaS has become a way of life for businesses and consumers across the globe. Extending our automated discovery, classification, and automated remediation workflows to SaaS environments is a natural evolution of our DSPM solution, and the first of its kind in the industry. 

It is projected that 85% of the software that organizations use will be SaaS-based by 2025. Cyera works with customers in heavily regulated industries, including financial services and healthcare, that collect massive amounts of personal information. So it was no surprise when they began engaging us to extend our DSPM capabilities from IaaS and PaaS environments to encompass their sprawling SaaS landscape. 

In a recent customer engagement with a large bank, Cyera was connected to the customer’s AWS, GCP, and Microsoft 365 environments. In just 24 hours Cyera had analyzed over one petabyte of data, created a data store inventory, classified their sensitive data, and highlighted significant risks from publicly exposed sensitive data. Cyera was 172% more accurate in classifying the customer’s data than a competitive data security solution - due in large part to how we learned the customer’s unique data classes. 

Data classification is a challenge for many organizations. Many tools offer a means of classifying data, but in most cases, IT, governance and security teams spend significant amounts of effort tuning regular expressions and manually classifying their data. As a result, data is often not classified, or classified incorrectly, which makes applying security controls or governance policies difficult, if not impossible.

Cyera’s data classification engine learns the unique data in each customer’s environment. The more data our classification is connected to, the more accurate it becomes, because it applies context from the environments as well as from the data itself. By combining data context from SaaS environments to the structured and unstructured data in IaaS and PaaS environments, Cyera establishes a multi-dimensional view of data patterns that not only improves the accuracy of data classification, but also makes the risks we highlight more relevant and actionable.

Cyera is building the industry’s most comprehensive data security platform, taking a cloud-first approach. CISOs and their teams have told us that the challenges in the highly-permissive, sprawling cloud landscape are a major threat to their security and compliance efforts. With this advancement, Cyera now provides unified visibility and a consistent data security control plane across SaaS, PaaS, and IaaS - all cloud data. This allows security teams to:

  • Understand the data they manage and what’s at risk
  • Protect their businesses from breaches and data leaks
  • Detect threats and respond to attacks faster
  • Prioritize remediation efforts based on business risk
  • Simplify incident triage and audits 
  • Empower their teams to leverage data securely

Cyera’s platform supports the major cloud hyperscalers (AWS, Azure and GCP), data platforms including Snowflake, Databricks, and MongoDB Atlas, and recently added support for Microsoft 365 and Google Workspace. The company is working with design partners to expand its support for other SaaS platforms, including Salesforce, Confluence, and Box, with additional collaboration tools coming soon.

To learn more about this capability, schedule a demo, or request a data risk assessment. We look forward to working with you!

Company
News
Product
Engineering

What to read next