(Bloomberg) -- AI data-security startup Cyberhaven Inc. said it had raised $88 million in a funding round that values the company at $488 million, showing that companies benefitting from the AI boom can still pull in cash at big mark-ups to previous rounds.

The financing comes at a time when many startups are struggling to raise cash. Last quarter, venture capitalists spent just $36.56 billion to fund 2,882 deals, about half as much cash as two years earlier, and completed about one quarter fewer transactions, according to PitchBook data.

 In Cyberhaven’s case, the company taps into growing concerns around cybersecurity, exacerbated by AI-related threats. Companies want to know what data is being fed into AI models, and they want to know what kinds of information is leaving the organization more broadly—and stop it where appropriate. That could be a well-meaning employee trying to incorporate a service such as OpenAI Inc.’s Chat GPT into their workflow and carelessly giving it access to sensitive data— or an employee who deliberately extracts it.

“It’s not that I’m worried about a hacker,” said Howard Ting, chief executive officer of Cyberhaven, and formerly an executive at cloud computing company Nutanix Inc. “It’s more like the insider risk.”

One high-profile such case: former Alphabet Inc. engineer Anthony Levandowski, who pleaded guilty to stealing documents from its self-driving car unit, Waymo, before leaving and founding self-driving truck company Otto.

Approaches to stopping insider breaches typically rely on formulae that can get in the way of legitimate business, such as a blanket prohibitions on exporting files containing sensitive data, or flagging any user screenshots of some files.

“You can have tons of false positives” using that method, Ting said.

Cyberhaven’s approach relies on a model that aims to predict what users will do based on proprietary data showing how users have behaved in similar situations. For example, he said, if a chief financial officer shares a spreadsheet listing equity grants with an accountant, it’s likely the accountant would share it internally via email or on Slack. It’s unlikely the accountant would share it using an encrypted messaging service such as Signal.

This data-protection technique reflects something of a shift from recent tactics. During the move to the cloud, security companies like Palo Alto Networks Inc. focused on securing the networking parts of computing, and as workers used more devices such as phones and tablets, cyber firms like CrowdStrike Inc. focused on so-called endpoints. 

 Adams Street Partners led the round, with Khosla Ventures joining as a new investor. Ethan Choi, the Khosla partner who led the firm’s investment, said he was intrigued by Cyberhaven’s accuracy and attracted by the opportunity to invest in a new approach to security.

 His interest matches a renewed emphasis across the VC community, which is on track to spend more on the industry in 2024 after two years of declines. This year through June 6, VCs have invested $4.9 billion on 199 cybersecurity deals, according to PitchBook, compared to $6.99 billion on 424 deals in all of 2023.

©2024 Bloomberg L.P.