The threat of cyber attacks has never been more severe. PwC, the professional services firm, estimates 90% of large organizations suffer a security breach — and the number of breaches doubled in 2015. James Bourie, a cyber security entrepreneur, reckons he can help.
His company, NisosGroup, provides surveillance, rigorous stress testing of infrastructure, and human intelligence to combat the dark arts of hacking. It is part of a wave of cyber security start-ups that has emerged in recent years, such as Cloudflare, Tanium, and Zcaler, as public tensions have been stocked by high profile hacks on companies including JPMorgan Chase, retailer Target, and telecoms group TalkTalk.
CB Insights, a research group, says venture capital firms made $1.2 billion of investments in cyber security ventures globally in 2015, up from $800 million in 2010.
NisosGroup has not raised any significant venture capital and is relatively small, with only a dozen full-time employees. But the way it harnesses technology to combat cyber attacks will interest anyone trying to keep their big data secure.
“We want to become the formidable force when it comes to criminal risk,” says James, CEO, who launched the Washington, US-based business in 2013 with two co-founders, a year after getting an MBA at EDHEC Business School in Nice, France.
The co-founders draw on their backgrounds in the intelligence and military communities. James served as a US special forces officer at Fort Bragg, North Carolina. After that came management consulting and a stint as commercial director with Omnicom Group, the marketing agency, in New York.
“We’ve been dealing with threat actors from on the ground and behind a keyboard,” he says.
The MBA degree helped James bridge his military expertise with business management. “Coming out of the army I didn’t have much business knowledge,” he says.
“The MBA was very helpful,” he adds, highlighting the criminal risk program taught by Professor Bertrand Monnet as an elective in the EDHEC Global MBA — reading about the course in a newspaper was how he discovered the business school.
While the number of cyber security firms securing multi-million-dollar valuations, like Tenable Security and Palantir, has surged, James believes NisosGroup is unique.
The company offers services such as “over the horizon surveillance” in which it “infiltrates the dark web” to observe cyber criminals and learn about new vulnerabilities before hackers can exploit them.
“We realized the private security field was not necessarily dealing with the hackers themselves — they are fighting the symptoms, not the cause,” James says.
And demand for cyber security services is growing, he says. “Every day there is something new [a new attack] in the papers.” NisosGroup’s clients are mostly in the financial and critical infrastructure industries. “Their reputation is important to them,” James says, adding: “If you’re compromised it can be detrimental.”
The attack on TalkTalk cost the company up to £60 million and 101,000 customers. Both Amy Pascal, the co-chair of Sony Pictures, and Noel Biderman, chief executive of Avid Life Media, the parent company of Ashley Madison, the adultery website, stepped down after their companies suffered cyber attacks.