Analyst(s): Fernando Montenegro
Publication Date: March 16, 2026
Cohesity and Cyera launched Cohesity Data Security Posture Management (DSPM), powered by Cyera, as an integrated offering within the Cohesity platform. The move matters because it positions DSPM as an operational bridge between data visibility and cyber resilience outcomes, including protection and recovery.
What is Covered in This Article:
- Cohesity DSPM launch with Cyera
- Connecting discovery to recovery readiness
- Agentic AI-driven data risk expansion
- Competitive pressure across data security, including recent acquisitions
- Alignment with top organizational security initiatives
The News: Cohesity and Cyera announced the launch of Cohesity Data Security Posture Management (DSPM), powered by Cyera, on March 10, 2026. The companies positioned the offering as a unified solution that connects the discovery and classification of sensitive data with data protection and recovery, aiming to reduce AI-related data risk and improve cyber resilience. Cohesity said the integrated DSPM continuously discovers, classifies, and monitors sensitive data across structured and unstructured data stores using agentless scanning and AI-powered classification, and it provides a centralized view of risk to help prioritize remediation. The companies framed the offering as addressing sensitive data spread across the cloud, software-as-a-service (SaaS), and AI workflows, including new exposure paths introduced by AI agents. Sanjay Poonen, CEO and President of Cohesity, said, “By expanding our partnership with Cyera and launching Cohesity DSPM, powered by Cyera, we are bringing best-in-class, AI-native data security posture management into our cyber resilience platform.”
Cohesity’s DSPM Bet Blurs the Line Between Visibility and Recovery
Analyst Take: Cohesity’s DSPM launch is best understood as a platform move that reframes data security posture management from a discovery-and-classification capability into a workflow that directly supports cyber resilience outcomes. It is an interesting and necessary move by Cohesity, as it aims to accelerate the evolution of data security platforms that must now extend far beyond traditional data protection.
Part of a Broader AI Security Play
This announcement does not exist in a vacuum; it is part of Cohesity’s broader play for AI Security and Enterprise AI Resilience. Alongside the DSPM launch, Cohesity is expanding its ecosystem through strategic partnerships with ServiceNow, Datadog, and others. This highlights that Cohesity views AI data risk as a systemic challenge that requires integrations across IT service management, observability, and data protection to properly govern AI initiatives.
DSPM Is Being Positioned as a Closed-Loop Control Plane
Cohesity and Cyera are framing DSPM as a loop that begins with discovery and classification and ends with protection and recovery readiness rather than stopping at visibility. This integration highlights Cyera’s pivotal role in DSPM, solidifying its position as a key vendor in this space. The companies are effectively arguing that visibility without a pathway to action and recoverability is an incomplete posture story. The takeaway is that Cohesity is using DSPM and Cyera’s specialized capabilities to redefine the unit of value as outcomes across the attack lifecycle, not just better data mapping.
Aligning with Top Enterprise Initiatives
The focus on data security posture and AI workflow protection aligns perfectly with current enterprise priorities. According to recent Futurum research datapoints tracking organizational priorities, securing data sprawl and addressing the risks associated with AI adoption consistently rank among the top initiatives for IT and security leaders this year. Cohesity is directly targeting this buyer anxiety, positioning persistent visibility as foundational to resilience.
Competitive Convergence Is Pulling Many Vendors Into DSPM
Make no mistake: this DSPM support is primarily a competitive response to intense pressure from peers who are aggressively blurring the lines between backup and data security. Major vendors from both data protection and broader cybersecurity backgrounds have recently added data security capabilities through targeted acquisitions in DSPM and DLP. Selected transactions include:
As shown in the list above, competition is heavy from both pure-play and broad security vendors that offer data security solutions. As more vendors pair data intelligence with protection and recovery, differentiation shifts toward how tightly the workflows connect. Cohesity’s choice to expand with Cyera indicates a preference to accelerate its DSPM capability through a partnership rather than building from scratch or navigating a complex acquisition integration.
What to Watch:
- Will customers follow this trend into RFPs? While vendors are quick to merge data protection and security, these areas have traditionally been separate.
- How broadly does DSPM cover the necessary datasets? To do AI governance properly, organizations must ensure they cover not just cloud and SaaS, but also any other data used for AI.
- How quickly can Cohesity reach the new stakeholders with the right message? For vendors traditionally focused solely on data protection, selling data security requires reaching new stakeholders with messaging that resonates with them.
- Is a partnership enough? Traditional competitors such as Commvault and Veeam have made acquisitions in this space rather than pursue partnerships, trading slightly longer time-to-market for greater control over the evolution of data security features.
See the full press release on Cohesity’s DSPM launch announcement on the company website.
Declaration of generative AI and AI-assisted technologies in the writing process: This content has been generated with the support of artificial intelligence technologies. Due to the fast pace of content creation and the continuous evolution of data and information, The Futurum Group and its analysts strive to ensure the accuracy and factual integrity of the information presented. However, the opinions and interpretations expressed in this content reflect those of the individual author/analyst. The Futurum Group makes no guarantees regarding the completeness, accuracy, or reliability of any information contained herein. Readers are encouraged to verify facts independently and consult relevant sources for further clarification.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Other Insights from Futurum:
New Futurum Data Reveals the Fragmented Reality of DSPM Adoption
Veeam Makes Bigger Data Security Play with Acquisition of Securiti
Commvault Cloud Unity: Redefining Resilience
At Wizdom 2025, Wiz Presents a Broader Vision of Cloud Security
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity & Resilience at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
