Services

Access a world-class intelligence capability tailored to your specific needs. Control a multi-million dollar program without the time or expense and solve problems both lasting and acute.

What is Managed Intelligence?

Blog

2 min read

Three Considerations for Measuring Return on Investment from Threat Hunting

By Landon Winkelvoss on Jul 8, 2020 10:26:06 AM

Threat hunting often has ill-defined metrics for organizations attempting to measure “return on investment.” If an analyst isn’t finding bad actors in the environment, leadership may question the value they are bringing. If they are finding a lot of actors, leadership may question how effective they are at their job if incident response is constantly being called for false alarms. Furthermore, questions will arise, depending on how long the actors were present in the network, the severity of the breach and if disclosures need to occur.

Continue Reading
1 min read

Two Considerations for Building a Security Program Grounded in Diversity and Inclusion

By Landon Winkelvoss on Jul 6, 2020 10:32:14 AM

Corporate security programs for major organizations deal with a variety of threats at a staggering global scale and there are playbooks to deal with many of these issues. Above all else, though, the most important task is building trust with the workforce according to recent remarks made by Uber’s Global Head of Security Resilience and Partnerships Dan Williams. 

Continue Reading
2 min read

Reflections on Duty and Service

By Justin Zeefe on Jul 2, 2020 3:02:28 PM

The approach of the fourth of July holiday typically marks a moment in time when we as a country take stock of a summer day, look around at family, friends and neighbors and appreciate what we have, where we live, and our freedoms.  However, this year will pose some challenges - both logistical and philosophical.

Continue Reading
2 min read

Three Considerations for Getting Early Wins from an Insider Threat Program

By Landon Winkelvoss on Jun 29, 2020 11:20:47 AM

Building an insider threat program can be a cultural shift for an organization that values transparency and openness with its workforce. Below are some considerations for demonstrating results with limited resources and showing value to executive leadership without disgruntling the workforce, as discussed with Charles Finfrock from Tesla.

Continue Reading
3 min read

Unexpected Benefits of Third Party Risk Management

By Mike Davis on Jun 24, 2020 10:56:47 AM

One of the most interesting engagements we’ve seen at Nisos, and there have been many, is straight out of a binge-worthy Netflix drama. A publicly-traded company enters a new business partnership with a seemingly innocuous third party, only to have the FBI at its door several months later asking real questions about international organized crime syndicates and money laundering.

Continue Reading
3 min read

Considerations for Securing Container Environments

By Landon Winkelvoss on Jun 22, 2020 11:58:07 AM

Containers are popular because they are a cost-effective way to build, package, and promote an application or service, and all its dependencies, throughout its entire lifecycle and across different on-prem, cloud, or hybrid environments. However, major security risks emerge in downstream repositories and subsequent logging of ephemeral objects that naturally disappear. 

Alan Orlikoski of Square shared his insights on how to mitigate some of these risks and conduct proper vulnerability management and incident response with regard to container environments.

Continue Reading
1 min read

Considerations for Security Controls in Containerized and Virtual Environments

By Landon Winkelvoss on Jun 15, 2020 12:04:34 PM

Current security controls will need to be re-defined based on how we protect the enterprise with two primary considerations: containerized and virtualized environments according to CIO and CISO of Risk Management Solutions (RMS) Dave Ruedger.

Continue Reading
5 min read

The Nisos Dogpile

By Landon Winkelvoss & Justin Zeefe on Jun 10, 2020 9:55:21 AM

As co-founders, Justin and I have had thousands of conversations about Nisos with prospects, clients, investors, and peers in the cybersecurity and investigations industry. The question always comes up, “How are you different?” One of the challenges with differentiation, especially as a services business, is so much of what we deliver is tied to intangibles like talent and process in people. “You know how many times vendors walk into my office and say they were former members of the US Intelligence Community?” was a popular response from prospective clients in the early days.

Continue Reading
2 min read

Threat Intelligence Through the Eyes of Adversaries

By Landon Winkelvoss & Tyler Robinson on Jun 8, 2020 12:12:28 PM

Any adversary conducts reconnaissance on a potential target with one question in mind: is the time and resources for research, development, and exploitation, going to be worth the gain? Below are four insights on threat intelligence from the eyes of adversaries.

Continue Reading
2 min read

How to Use Context to Secure Your Platforms

By Mike Davis on Jun 3, 2020 8:40:44 AM

Attribution often gets a bad name in the cybersecurity industry. Attribution can be challenging and may not lead to a direct business outcome is a common refrain. Companies that operate digital platforms have a unique advantage when it comes to attribution, however.

Continue Reading

Featured