As insider threats grow more complex, Orion Security, a data loss prevention (DLP) startup, is stepping out of stealth with a generative AI platform designed to stop data leaks—whether accidental or malicious.
With risks ranging from employee mistakes to nation-state attackers infiltrating companies, the cybersecurity landscape is shifting fast. The rise of generative AI tools has only intensified those challenges, as workers increasingly expose sensitive information—sometimes without even realizing it.
Orion Security claims its platform can fill that gap. By connecting directly to a company’s cloud services, browsers, and devices, the system monitors activity in real time and flags anything that looks suspicious. Using a large language model (LLM), Orion classifies behavior as either legitimate or risky, identifying potential data theft or accidental exposure before it escalates.
“Security teams are overwhelmed managing evolving policies and data flow risks,” said co-founders Nitay Milner and Yonatan Kreiner. “Our platform adapts automatically to policy updates, allowing teams to focus on bigger threats instead of daily admin work.”
The startup also raised $6 million in seed funding from Pico Partners and FXP, giving Orion a boost as it looks to tackle even broader threats. The company plans to expand its platform with ransomware detection capabilities soon.
Insider risks have always existed, but AI advancements and massive data growth have raised the stakes. What used to be accidental file mishandling is now layered with sophisticated social engineering, fake employees, and deepfake attacks.
Recent incidents reveal how real the threat is:
- Verizon suffered a breach after an employee mishandled a sensitive file containing personal data, including Social Security numbers.
- Samsung employees accidentally leaked corporate secrets by feeding data into ChatGPT.
- KnowBe4 uncovered a North Korean threat actor posing as a remote IT worker, using deepfake videos to pass interviews and then attempting to plant malware on a company-issued device.
The Department of Justice also exposed an extensive North Korean campaign in which fake IT workers secured jobs inside U.S. firms to steal sensitive data and funnel money back to the DPRK regime.
“These cases highlight how attackers weaponize social engineering, AI, and insider access,” warned security experts. “Organizations must rethink their approach to insider threat detection.”
Traditionally, insider threat programs and DLP systems operated separately. But today’s data environment—driven by cloud apps, remote work, and generative AI tools—blurs those lines.
“Enterprises face new data loss vectors as they deploy generative AI applications that may handle sensitive data,” said Todd Thiemann, senior analyst at Enterprise Strategy Group. “That data risks leaking internally to people without clearance—or worse, externally to threat actors.”
Managing unstructured data, which now makes up most of what businesses generate, adds another layer of complexity. Many existing tools overwhelm security teams with constant alerts but lack the nuance to spot genuine insider risks.
Orion Security believes automation and large language models are the key to solving these challenges. Instead of flooding security teams with alerts, Orion’s AI model learns behavior patterns and adapts dynamically as policies change.
The result? Faster detection of real threats, fewer false positives, and more efficient security operations. The startup’s long-term goal is to give companies a single platform that defends against both insider threats and data loss, even as AI-driven attacks become more common.
With its fresh funding, Orion plans to push forward quickly, adding ransomware detection as the next major milestone. “The future of cybersecurity is proactive, adaptive, and AI-driven,” Milner added. “We’re building exactly that.”