Nitay Milner runs a data-security company from two cities and one thesis. The thesis is that data loss prevention, the product category every enterprise buys and no security team likes, was built around the wrong abstraction. It asks whether a file matches a rule. Milner's company, ORION Security, asks whether a person is doing something a person like them normally does with data like that.
In February 2026, ORION closed a $32 million Series A led by Norwest, with IBM writing a check, plus follow-on from PICO Venture Partners and Lama Partners. The round arrived less than a year after the seed. Total raised is roughly $38 million. ORION has crossed seven-figure annual revenue and signed Fortune 500 contracts inside a window most startups would still be picking a Slack theme.
The interesting thing about Milner is not the funding. It is the sequencing. Before ORION had product, ORION had a Notion table. About forty startup ideas, put there deliberately by Milner and his co-founder Jonathan Kreiner, then pruned for weeks against feasibility, differentiation, and personal passion. The idea that survived was security, and inside security, DLP, because dozens of CISOs told Milner the same thing: they hated the tools, and they were not allowed to stop buying them.
Milner's first company was a DJ operation he started at 13 with money from his bar mitzvah. By 18 he had five employees. This is a small fact, but a load-bearing one, because it tells you something about how he thinks about companies: they are things you build early, methodically, with real customers who pay you.
He then joined the Israel Defense Forces, and instead of a technology unit he ended up in the financial-advisor unit to the Chief of Staff, working on the numbers behind tens of billions of dollars of defense budgeting. It is a good post if you would like to become comfortable, early, with the idea that decisions have consequences and that spreadsheets can absorb most of the drama.
He studied computer science at Reichman University, and then chose product management. This was, in Milner's telling, a deliberate move, not a fallback. Product is where he wanted to be. It is also, incidentally, where you learn what customers actually mean when they say they want a thing.
In 2018 he co-founded DatsMi in Tel Aviv, an AI-and-IoT platform for event media, and served as Head of Product. Then he moved to Epsagon as a senior product leader on cloud-native observability. Cisco acquired Epsagon around 2021, in a deal reported near $500 million, and Milner stayed on through the Cisco Cloud Observability years. That is the point at which most successful product operators start writing their next thing.
Sources: ORION Security, Axios Pro, Calcalist, Pulse 2.0.
Illustrative distribution based on ORION's stated approach.
ORION Security's platform learns what a company's data normally does. Which employees usually touch which systems. Which files usually leave for which vendors. Which flows are routine, and which are the small deviations that, in retrospect, were the beginning of an incident.
Milner and Kreiner built an internal model they call Indicators of Leakage, or IOL. The model considers the person taking the action, the type of data involved, where the data is coming from, and where it is going to. Those four inputs, weighed together, produce a judgment: is this reasonable for that person, or is this the shape of malicious insider activity, or human error?
ORION describes this as intent-aware data security. In practice it is closer to a shift in what you ask the alerting system for. Traditional DLP asks: is this file sensitive? ORION asks: is this movement out of character?
The pitch, as Milner has repeated in interviews and in ORION's Series A announcement, is that better policies are not the solution for DLP, and that the false-positive problem eating security teams alive is a problem of context, not rules.
The person taking the action, and their historical behavior baseline.
The kind of data, classified in context, not by regex alone.
The system of record. Where the data lived, and how it was accessed.
The destination. A vendor, a personal account, a share link with strangers.
Forty ideas. Weeks of pruning against feasibility, differentiation, and personal passion. Only one survived.
Milner ran interviews before writing product code. The refrain was consistent: everyone hated DLP, everyone still needed it.
The in-house model. Four inputs, one judgment: person, data, source, destination.
ORION operates from New York and Tel Aviv. Standard Israeli-American cybersecurity geometry, delivered with real customers already on the roster.
Seven-figure ARR arrived quickly. That is the ORION Series A story, more than the round size.
Milner is a product person first. He picked product management as a career on purpose, and it shows in how ORION frames the DLP problem.
Milner reads, in his own interviews, as methodical and customer-obsessed. He talks about DLP the way an observability person talks about a query pattern: as a distribution to be understood before it can be alerted on. The persistent theme in the ORION story is patience early, then speed once conviction arrives - forty ideas, then one; dozens of interviews, then a product; seed, then Series A ten months later.
Co-founder and CEO of ORION Security, a data-security startup based in New York and Tel Aviv.
Uses AI to model how data normally moves inside a company and flag insider-threat and exfiltration risk without relying on traditional DLP policies.
About $38 million total: a $6M seed announced in March 2025 and a $32M Series A led by Norwest in February 2026, with IBM participating.
Senior product leader at Epsagon, which Cisco acquired for a reported ~$500M, then continued at Cisco Cloud Observability. He also co-founded DatsMi in 2018.
Jonathan (Yonatan) Kreiner, ORION's CTO, previously an application-security lead at WalkMe.