Cybersecurity startup Orion Security Ltd. wants to help companies defend against sensitive data leaks after raising $6 million in a seed funding round announced today.

Rather than relying on manual policies and rigid rules, it uses context-aware artificial intelligence systems to identify when data is being moved by illicit actors. The startup is using AI to try to prevent a rise in so-called “data exfiltration” which refers to incidents where vital, sensitive information is leaked to malicious actors, intentionally or accidentally.

In recent years, data exfiltration has become a big concern, given the rise of state-sponsored hackers and also the widespread adoption of generative AI tools, which can inadvertently scoop up tons of sensitive and personal information if users aren’t careful.

Data exfiltration has become a profitable business for North Korean hackers in particular. Last December, the U.S. Department of Justice felt compelled to warn U.S. businesses of this growing threat, saying that the country has netted about $88 million in ill-gotten gains over the last six years by stealing sensitive corporate data.

It’s a simple scam wherein North Korean agents pose as independent contractors and attempt to secure remote jobs with American companies. Once they’re onboarded and trusted, they then swipe as much sensitive info as they can, funneling it to their masters in Pyongyang, who then attempt to make money from it. They generally target sensitive customer details that can be sold to hackers, or else proprietary source code, which they threaten to publish online if the company concerned doesn’t pay a ransom.

These malicious scams aren’t the only data exfiltration threats, though. In addition, there’s a very real risk of companies accidentally losing sensitive information, which has been heightened by the emergence of AI chatbots. A couple of years ago, Samsung Electronics Co. Ltd. felt compelled to ban its employees from using ChatGPT after it discovered that one of its workers had inadvertently sent internal source code to that chatbot.

Data exfiltration can be very expensive. The average cost associated with such data breaches amounts to almost $5 million, according to one report last year.

Traditionally, companies have relied on manual security policies and rules-based systems to prevent critical data being sent to suspect parties, but such systems are extremely inflexible and cause a lot of problems, hindering collaboration. One of the main problems with them is that they lack any kind of business context, which is essential for identifying risky activity, said Orion co-founder and Chief Executive Nitay Milner.

His company is coming to the rescue with an alternative security framework that prevents data exfiltration by inserting itself into a company’s systems to learn their normal data routines. By studying how information flows through an organization, it learns how to distinguish between legitimate business activities and potential risks, such as an independent contractor trying to send files to an unknown server.

Milner said Orion’s platform works by connecting to a company’s cloud services, web browsers and devices before creating a comprehensive map of how information flows through the organization. Armed with this knowledge, its “Indicators of Leakage” AI engine applies proprietary reasoning algorithms to analyze the movement of data as it flows across various systems and workers. At the same time, it relies on large language model-powered classification technologies to try and understand the context of that data movement.

“By using AI to map and understand an organization’s operational DNA, we’re enabling a new generation of data protection that can accurately distinguish between legitimate business workflows and potential data theft, without burdening already overstretched security teams,” Milner added.

Should the algorithm detect something unusual, it can immediately prevent sensitive information from being sent to a suspect destination, alerting human security teams who can then perform the appropriate checks. Most important, Orion stresses the accuracy of its algorithms, which it says become more effective over time, to ensure security teams aren’t overwhelmed with false alerts.

Today’s round was led by Pico Venture Partners and FXP, and it also saw the participation of Underscore VC and prominent individuals in the cybersecurity industry, such as the founders of Perimeter 81 Ltd. and the chief information security officer of Elastic NV.

Pico Venture’s Tal Yatsiv said the data protection industry urgently needs solutions that go beyond basic data lineage and develop an understanding of how businesses operate. “Nitay’s background in observability and data tracing at Epsagon gives Orion the perfect foundation to not just track data movement, but to understand its business context,” Yatsiv said.

Image: SiliconANGLE/Dreamina