Nisos — World-class Managed Intelligence Company

As technology grows to new levels, data will become much more valuable. This could bring about more sophisticated attacks, which are harder to tackle. Just building better firewalls won't help much; instead, companies need to focus on faster turnaround times and remediate a threat in real-time. Nisos, which is a Managed Intelligence company, leverages a world-class intelligence capability to provide smarter defense and more effective response against advanced cyberattacks, disinformation, and abuse of digital platforms. We interviewed the founders of Nisos to know more about the company and the services it offers. Here are a few excerpts from the interview:

Q. CIO Bulletin: What motivated you to reinvent enterprise security and intelligence services?

Justin Zeefe: We started Nisos with three objectives. First and most important, we thought, "if the private sector put the same technical and analytical discipline in defending themselves as we do to combat our enemies, organizations would be compromised much less frequently." We wanted to take the most brilliant technical and analytical minds from the United States Government and private sector and become an intelligence company that provided services to address any threat in the cyberspace.

Second, we saw the time and energy it took the government and big companies to be adaptive and fast while countering adversaries. We wanted to empower digital intelligence disciplines between teammates and also transfer our knowledge to our clients and partners in a way that enabled them to solve critical business problems. Threats around fraud, platforms, trust, safety, cybersecurity, third party diligence, executive protection, and reputation were common problems medium and large enterprises faced on a regular basis. Yet, most intelligence and investigations companies only addressed a fraction of these threats.

And third, we saw enormous amounts of money being spent on network defense technologies and intelligence feeds that were not giving security teams what they needed to properly analyze massive amounts of data and get timely and actionable results. We wanted to give security teams the answers they needed to reduce risk and eliminate problems.

Q. CB: Where do you think the modern enterprise security system is lacking, and how is your company filling the void?

Landon Winkelvoss: Modern enterprise security systems are not built with security intelligence in mind. A big focus of the industry over the last ten years has been preventing the breach. But, despite billions of dollars invested in security technology, attacks are on the rise. Organizations that focus on a "defense in depth" approach through redundancy in security technology will still lose. There is little an that organization can do to prevent a threat from a sophisticated adversary. Rather than building the defense walls higher, enterprises must focus on reducing the time to alert, respond, and remediate threats. One way to do this is to have experts constantly collecting and analyzing threats external to an organization's perimeter and use the actionable intelligence collected to stop the adversaries. Nisos' Managed intelligence^TM provides these advanced capabilities as a service to enterprise organizations.

Q. CB: Modern cyberattacks are more and more automated. How do you help organizations  fight fire with fire?

Landon Winkelvoss: Information is not intelligence. Automated "Intelligence feeds" often contain very meaningful and relevant information but are not yet curated intelligence. Intelligence must be relevant, timely, and actionable. A Managed Intelligence capability combines intelligence feeds and curation (information), exploitation and analysis (automation, data scientists, investigators, technical operators), and dissemination (tailored intelligence reports with mitigation steps and recommendations).

Building and establishing a security team covering the whole range of threats facing companies today is particularly challenging. It requires not only identifying the right intelligence feeds and vendors, personnel skill sets and talent, and professional development programs but also coordinating many internal stakeholders. Managed Intelligence focuses on delivering the highest quality intelligence reports and continually vetting and curating the best data sources. Fighting fire with fire outside the firewall takes expertise in open source intelligence and research, technical signature analysis, and direct threat actor engagement.

Q. CB: Perception and reality must coincide in the field of security and intelligence. How do you know if a breach is probable?

Landon Winkelvoss: With regard to cybersecurity, critical metrics that need to augment governance, risk, and compliance are mean time to alert, respond, and remediate. Organizations need to assume that attackers are already inside their networks and exploiting their company's assets. The difference between an incident and a breach is that a breach is confirmed to have caused problems. You need to prevent incidents from becoming breaches.

A broader definition of a "breach" would extend to platform companies facing constant attackers using its platform to scam users. These broader security events involving fraud and abuse also require digital intelligence, investigations, and experts to defeat them.

Q. CB: There are other reputed companies in the market. How are you a better service provider?

Justin Zeefe: There are plenty of companies in the market. Incident response companies are best when there has been a breach and data is publicly disclosed. They are focused on forensics and do not cover broad external investigations involving many kinds of online crime such as fraud, e-crime, disinformation, and abuse. Threat intelligence companies usually provide information but not actionable intelligence. Rarely do they provide the analysis that allows their clients to be more cyber-secure. Managed Intelligence is the intersection of critical data and human analysis to deliver information in a meaningful manner. Threat Intelligence is critical for any security team, but you need the right mix of skills, experience, automation, and analytic expertise to manage the influx of this complicated information. We do that. 

Q. CB: Do you help your clients patch their internal operations?

Justin Zeefe: We partner with our clients and extend their teams. We provide recommendations to remediate risk, and we respond to requests for information. We can handle an investigation on our own if resources or expertise do not exist for our clients. We also act as tier 3 intelligence analysts and manage our client's intelligence. And we offer managed services to monitor the threats outside their firewalls.

Q. CB: How efficient is your security and intelligence expertise, and how do you keep your service standards up and running?

Landon Winkelvoss: We build sophisticated tools to make our analysts more efficient. This happens in four primary areas:

• Collection and analysis of open-source breach data sets
• Social media collection and analysis through automated aged persona development and maintenance
• Integration and automation of technical data sets
• Automation allowing us to monitor an organization's external internet-facing presence to determine malicious traffic flows, vulnerabilities, shadow IT, or malicious command and control

Q. CB: What does the future look like for Nisos?

Justin Zeefe: We are determined to be a platform company that integrates and automates all valuable externally available data for our clients and makes that data actionable with expert insight across risk areas, including fraud, platforms, cybersecurity, executive protection, reputation, and third parties.

Meet the founders

Landon Winkelvoss

Landon is the Co-Founder and current VP of Content for Nisos. Prior to Nisos, he was a technical targeting officer within the U.S. intelligence community conducting analysis of computer network exploitation operations against terrorists and hard targets. He was also a former intelligence officer within the Defense Intelligence Agency and a criminal analyst for the Diplomatic Security Service of the U.S. Department of State.

Justin Zeefe

Justin is Co-Founder of Nisos, and prior to its formation in 2015, he spent a decade in the intelligence community collecting on-the-ground information against state-and non-state cyber actors and advanced threat capabilities/plans & intentions. Prior to government service, Justin practiced corporate litigation.

"Nisos was formed to support intelligence professionals who needed unmatched actionable multi-source intelligence that disrupts adversarial operations."

"We fuse robust data collection with a deep understanding of the adversarial mindset – delivering smarter defense and more effective response against advanced cyberattacks, disinformation, and abuse of digital platforms."