The Announcement
Cyera, the data security platform vendor positioning itself squarely in the agentic AI era, has acquired Ryft, a startup specializing in automated, AI-ready data lakes. Ryft, founded in 2024 and backed by Index Ventures and Bessemer Venture Partners, had already signed on enterprise clients including Sonos, Unity, and Voodoo before this exit. The deal is the fourth acquisition Cyera has completed in five years and follows the company’s $400 million Series F round, which valued it at $9 billion, triple its valuation from just 12 months prior.
The Bigger Picture
Why Agentic AI Is Forcing a Security Architecture Rethink
This acquisition is not simply about data lake technology. It signals a deeper structural shift in enterprise security. Traditional data security models were designed around human users: defined identities, predictable access patterns, and relatively static permissions. AI agents break every one of those assumptions. An agent shifts its identity based on task context, delegates to other agents, and can traverse data stores at a speed and breadth no human user ever would.
Cyera’s CTO framed this precisely: agents create chains of delegation that make tracing and securing data access fundamentally different from anything the prior generation of data security tools was built to handle. Ryft’s data lake architecture, built specifically for AI workloads, could address the infrastructure side of that problem. Combined with Cyera’s existing data security posture management capabilities, the integrated platform begins to resemble something the market currently lacks: a purpose-built security layer that understands both the data and the autonomous systems consuming it.
ECI Research’s 2025 AI Builder Summit survey found that two-thirds of enterprise AI leaders have already implemented multi-agent collaboration, enabling agents to coordinate and delegate tasks, in live or pilot workflows. That’s not an emerging trend. That’s a present-tense deployment reality, and most organizations have arrived there without a governance architecture that can keep pace.
What This Means for ITDMs
For IT and security decision-makers, the Cyera-Ryft combination surfaces a question that many organizations are quietly deferring: who is responsible for securing the data that AI agents touch? The answer sits uncomfortably in the gap between the CISO, the data team, and whoever owns AI strategy this quarter.
The problem is compounded by the fact that public AI tool adoption remains high even in organizations that should know better. According to ECI Research’s 2025 AI Builder Summit survey, half of enterprise AI leaders say their organizations still rely primarily on public AI tools like ChatGPT or Copilot. That’s a governance exposure, not just a preference. When agents are invoking those tools on behalf of enterprise processes, the data flowing through them often carries regulatory weight: PII, financial records, health information. A platform that can trace exactly what data an agent accessed, under what identity, and what happened next is not a nice-to-have in that environment. It’s operational risk management.
The economics here are also worth noting. Cyera tripled its valuation in 12 months. The market is pricing in the assumption that agentic AI security is a durable, large category. ITDMs should expect this space to grow crowded quickly, with incumbent security vendors making their own moves to cover the agent attack surface. Choosing a platform now means evaluating not just current capability, but roadmap credibility and integration depth.
What This Means for Developers and Platform Engineers
From a technical standpoint, the Ryft acquisition is the more interesting half of this story. Ryft’s positioning as a “secure and automated data lake built for AI agents” points toward a specific architectural problem that engineering teams are wrestling with: how do you give an AI agent access to the data it needs to function, while maintaining the auditability and access controls that enterprise governance requires?
The conventional answer has been to bolt security controls onto existing data pipelines. That approach creates friction, audit gaps, and performance overhead. Ryft’s design philosophy, treating AI-ready data access as a first-class infrastructure concern rather than a retrofit, aligns with where the more forward-looking platform engineering teams are heading. Integrated into Cyera’s platform, this could offer developers a path to building agent-accessible data stores that are governed from the ground up, not locked down after the fact.
That said, there is a real tension here that developers will recognize. ECI Research’s 2025 AI Builder Summit survey found that 44% of enterprise AI leaders have only moderate confidence that AI agents can act autonomously without human intervention. That confidence gap reflects a legitimate concern about auditability and control. Platforms that can demonstrate traceable, deterministic agent data access patterns will have a material advantage in earning the trust needed to push autonomy levels higher.
Looking Ahead
The Governance Gap Will Force Procurement Decisions
The agentic AI deployment curve is outpacing enterprise governance frameworks on nearly every observable dimension. The combination of high multi-agent adoption rates and persistent confidence gaps around autonomous action creates a predictable pressure point. At some threshold, the number of agent-related data incidents will force security and governance conversations that many organizations are currently treating as future-state problems.
Cyera’s platform, if the Ryft integration delivers on its roadmap promise, positions the company to be the default answer when those conversations get urgent. The unified control plane concept, tying identity, data context, and agent traceability together, is architecturally sound. Execution is the variable. The 12-to-18-month window matters here: organizations that establish agent data governance frameworks now will have significantly less remediation work to do when regulatory pressure arrives, and regulatory pressure on AI-driven data access is not a question of if.
Integration Complexity Is the Real Test
Acquisitions in security are frequently easier to announce than to integrate. Ryft is a 2024-vintage startup, which means the technology is modern but the enterprise integration surface is relatively narrow. Cyera will need to demonstrate that Ryft’s data lake capabilities can operate across the heterogeneous data environments that large enterprises actually run, not just clean greenfield deployments. Organizations evaluating this platform should watch for integration depth with existing data catalogs, cloud storage layers, and identity providers as the proof points that distinguish a genuine architectural advance from a roadmap slide.
ServiceNow Q1 2026 Results: AI Platform Growth Accelerates
Cyera Acquires Ryft to Build Agentic AI Security Platform
Liferay CMS: Headless CMS Built for Enterprise Governance
ServiceNow Acquires Armis: AI Cyber Defense Platform Analysis
Qdrant Cloud Adds GPU Indexing, Multi-AZ, and Audit Logging
