Cyera Acquires Five‑Month‑Old Israeli Startup Genie Security for $50M to Seal Enterprise Endpoint Against AI‑Driven Data Leaks
Cyera, the New York‑based AI data security company valued at $9 billion following its $400 million Series F in January 2026, has acquired Israeli startup Genie Security for an estimated $50 million, according to a report first published by Calcalist. The deal is Cyera's fifth acquisition in under twelve months, continuing a rapid consolidation push that has more than tripled the company's headcount to approximately 1,500 employees across 15 countries.
Genie Security was founded just five months ago. It employs five people. That combination of youth, size, and acquisition price makes this one of the most striking early exits in Israel's cybersecurity ecosystem in recent memory.
What Genie Security Built and Why Cyera Wanted It
Genie Security built a software agent installed directly on enterprise endpoint devices, the laptops, desktops, and workstations where employees actually do their work. The agent monitors real‑time data activity and identifies attempts to leak sensitive information as they happen, whether the risk originates from deliberate human action or from the routine use of generative AI tools.
That second category is the one that has become a structural problem inside enterprises over the past two years. Employees uploading internal documents into AI tools, pasting proprietary code into chatbots, or submitting sensitive business data to consumer AI assistants often do so without any awareness that the action constitutes a potential data leakage event. In most enterprise environments, no system is watching for this at the endpoint layer in real time.
Genie's technology was designed to close exactly that gap. The agent runs locally on the device, requires no cloud routing of monitored data, and identifies the leakage signal at the point of origination rather than after the data has already moved across a network boundary.
The product had already been deployed across hundreds of endpoint devices at organizations in both Israel and the United States before the acquisition. That live production deployment, at a company founded five months ago with five employees and a $3 million seed round, reflects both the strength of the founding team and the urgency with which enterprise security buyers are looking for solutions to the generative AI data risk problem.
The Founding Team and Their Credentials
Genie Security was co‑founded by CEO Nadav Noy, 30, and CTO Noam Dotan, 31. Both backgrounds carry the kind of depth the Israeli cybersecurity ecosystem is known for producing.
Noy is a veteran of Unit 8200, the Israeli Defense Forces signals intelligence unit that has become the professional origin point for a disproportionate share of the country's most significant cybersecurity companies. During his service, he led projects that received the Israel Defense Prize. Dotan is a graduate of Matzov, the IDF's Center of Encryption and Information Security. He was also part of the founding team at Legit Security, the application security company, where he and Noy first met.
Both founders returned to their units for extended reserve duty following the October 7 attacks. They founded Genie after that period of service concluded, building the company rapidly and securing paying customers before raising meaningful external capital.
That background is consistent with the founding profiles of other companies Cyera has acquired. Unit 8200 alumni have led or co‑led several of the startups that have entered Cyera's portfolio.
Angel investors in Genie's seed round included Assaf Rappaport, co‑founder and CEO of Wiz, the cloud security company acquired by Google earlier this year for $32 billion, along with senior executives from Okta and Elastic. Mensch Capital and Dynamic Loop led the $3 million seed financing.
How This Fits Cyera's Acquisition Strategy
Cyera has been executing one of the most aggressive M&A programs in enterprise cybersecurity over the past year. The full acquisition timeline looks like this:
- Otterize — acquired to expand identity and access management within the data security platform
- Shape AI — brought in AI‑native capabilities for data classification and risk scoring
- Trail Security — acquired for $162 million, adding next‑generation data loss prevention across cloud and SaaS environments
- Ryft — acquired approximately one month ago for an estimated $100 million, focused on data lake security for agentic AI systems
- Genie Security — acquired for an estimated $50 million, adding real‑time endpoint DLP
Each acquisition targets a specific layer of the data security problem. Trail Security covered cloud and SaaS. Ryft addressed the data lake and agentic AI risk surface. Genie Security fills the endpoint gap, the layer closest to where employees and AI tools actually interact with sensitive data.
Following the acquisition, Genie's entire team, including Noy and Dotan, will join Cyera's data loss prevention division and focus specifically on expanding the platform's endpoint data security capabilities. Genie's technology will be integrated into the broader Cyera platform, which the company says is currently deployed across 20 percent of Fortune 500 companies.
The Problem Driving These Deals
Cyera's acquisition cadence reflects a real and accelerating enterprise challenge. Generative AI adoption inside organizations has been faster than most security programs were designed to accommodate. An employee who uploads a customer contract to an AI summarization tool, pastes internal financial projections into a coding assistant, or shares product roadmap details with a consumer chatbot may genuinely not know that any of those actions carries data security risk. In many environments, no technical control is in place to prevent or even detect the activity.
The endpoint layer has historically been one of the hardest surfaces to protect for data loss prevention, because the signals are generated on individual devices rather than at a network boundary where they can be aggregated and inspected centrally. Genie's approach of deploying a local agent that monitors activity at the device level, in real time, represents the architectural answer to that problem.
The broader context is significant. Global enterprise spending on data security is projected to exceed $20 billion by 2027, and the DLP segment specifically has been growing faster than the broader category as AI adoption has accelerated the volume of uncontrolled data movement inside organizations. Cyera launched its Omni DLP product earlier this year, positioning it as the first unified brain for enterprise DLP that works across existing tools, data environments, and risk signals.
Genie's endpoint technology deepens that capability by extending Cyera's visibility all the way to the device where data originates.
Cyera's Broader Position
Cyera was founded in 2021 by CEO Yotam Segev and CTO Tamar Bar‑Ilan, a Unit 8200 veteran. The company was the first to converge Data Security Posture Management, Data Loss Prevention, and identity into a single platform. Its customer base includes AT&T, Peloton, Nordstrom, and Chipotle, among others, and it surpassed $100 million in annual recurring revenue in mid‑2025.
The company's $400 million Series F, closed in January 2026 and led by Blackstone at a $9 billion valuation, was described at the time as funding for the company's expanding platform vision and its acquisition program. The round also included return participation from Accel, Coatue, Cyberstarts, Georgian, Lightspeed Venture Partners, Redpoint, Sapphire, Sequoia Capital, and Spark.
Segev has been consistent in his framing of M&A as a deliberate platform‑building strategy rather than a series of opportunistic deals. The argument is that enterprise security buyers want comprehensive platforms that address the full data risk surface, not a collection of point solutions that require separate procurement, integration, and management. Each acquisition adds a capability layer that Cyera's existing customers immediately benefit from without changing vendors.
The Genie Security acquisition extends that logic to the endpoint, completing a data security stack that now spans cloud, SaaS, data lakes, identity, and device‑level monitoring under a single platform. For enterprises trying to govern how generative AI tools interact with their most sensitive information, that unified visibility is the specific capability that is currently hardest to find elsewhere.
