vCSO.ai

Virtual Chief Security Officer

Expert Cybersecurity Strategic Consulting Services

As the Chief Security, Privacy, and Information Officer for Silicon Valley Bank, the hyper growth phase of 2007 – 2021, my mission was to defend the bank of the innovation economy. My secondary mission was to help improve our cybersecurity product companies probability of success through feedback and product advisory guidance.

Get the view from the cyber front lines

Cybersecurity Product
Strategic Advisor

Nick Shevelyov, CISSP, CIPP, EMBA

Schedule an Introduction

Client Engagements

Insights from engaging in the early days with these and many more game changing companies will differentiate you from “also ran” players.

Board of Directors

Advisory Boards

International Banking and
Global CISO Experience

Nick Shevelyov is a cybersecurity operator with 15 years of technology risk management executive experience as a Chief Security Officer (CSO), Chief Privacy Officer (CPO), Chief Information Officer (CIO) and Chief Information Security Officer (CISO).

A published author and industry keynote speaker, he brings with him a network of elite cybersecurity specialists and practitioners to complement his advisory services.

“I connected with Nick during the exciting ideation phase of our startup journey. He invested his time in regular meetings, where we discussed various pains and the ability to address them in an innovative way. With his invaluable support, as a product advisor and an investor, Kodem was marching forward. His profound expertise and extensive network have been instrumental in propelling our progress. I highly endorse his services to companies, regardless of their scale or objectives.”

Aviv Mussinger, CEO , Kodem Security

“Nick did an amazing job rapidly and effectively improving our cybersecurity posture leveraging his breath of experience and expertise. What’s is particular impressive about our work with Nick is his ability to set out a strategic vision and get into the details to drive execution.  He operates at both the executive level and as a hands-on practitioner. He is a trusted advisor, and we love working with him.”

Kan Kotecha, CEO, Gale Healthcare Solutions

“Nick helped ETZ build security into our product from the design phase. He also connected us with elite consulting services at friends and family discount rates. He has an amazing global network and these connections are critical for an early-stage startup. Since then, he has become a friend and trusted advisor to the company expanding his role to include raising capital. We hope to have him as a partner for many years to come.”

Jiazi Gua, CEO, ETZ

“Nick has been a friend and industry colleague for many years. Starting from my time as Senior Director for Cybersecurity – National Security Council for the White House where he participated in our strategy development workshops, to the early days of StackRox as an investor and advisor, to present day Act Zero. He truly is a trusted partner and cybersecurity industry leader.”

Sameer Bhalotra, Founder and CEO, ActZero.ai

Cybersecurity Product Advisory

If your product is positioned as a tool, you will be commodified.

Your security product needs to help your customer, the CISO, sleep at night.

As Chief Security Officer for Silicon Valley Bank (SVB) from 2007-2021, the bank’s “Golden Age”, I have defended and responded to international crime and state attacks. As a security product buyer and implementer, my advice simplifies your buyer’s journey. From consideration to implementation, we help you stand-out and distinguish your company from the crowded marketplace, and advise on how to reduce complexity and cost of ownership.

On top of my primary mission to defend the bank’s people, assets, and interests, our biggest risk was to guard against cybersecurity “Island Hopping” campaigns; using our bank as a way to access funds and IP of approximately 80% of the VC and PE backed innovation companies in the world. Running the best cybersecurity team you never heard of, because we were successful in defending a high value target with hundreds of billions in “on balance sheet” assets, a global presence, processing billions of dollars in transactions.

SVB’s mission was (and still is) to “Increase Our Client’s Probability of Success”. My equally important role was to meet with our founder and CEOs to assess their value proposition and provide candid feedback. We would deep-dive into capability and capacity conversations with engineers and architects, work together on go-to-market strategies, total addressable market, and customer acquisition tactics. We beta tested fledgling technologies, and help them raise capital or extend a line of credit for warrants as the companies’ advocate, resulting in huge returns for the bank.

The benefits of cyber defense technologies go beyond risk mitigation. Financial benefits include quicker onboarding, asset inventory tracking, and time-to-value at scale. My market philosophy is to create cybersecurity value propositions with quantitatively oriented storytelling for win-win outcomes, our cybersecurity clients loved it. In many cases they were smart and turned my own logic on me and would share their value proposition to the bank. Using “addition through subtraction” I was able to simplify my technology stack while also deploying some of the most cutting-edge technologies to defend the bank.

Let us help you become more successful.


rocket_launch

Go-to-Market Strategy for
Cybersecurity Products

Refine your value proposition, find “product–market fit”, and tell your story that creates value beyond risk mitigation.


explore

Cybersecurity Product
and Marketing Advisory

Architecture and engineering review of your solution, competitive analysis and fit into existing cybersecurity environments, and avoiding implementation pit-falls.


balance

Cybersecurity Gap Assessment
and Advisory Services

Standards and best-practices gap assessment, enhancement roadmap, and long term advisory relationship with access to our network of specialists and solutions.

Cybersecurity Concerns: Why You Need a VCSO

Establish and maintain a robust information security products, services, and your posture to mitigate risks and safeguard the confidentiality, integrity, and availability of the organization’s information.

Protect to enable
Taking a physician’s diagnostic approach, we analyze pre-existing technology debt, system and application vulnerabilities, data inventory and security posture management to assess your cybersecurity health.

Improve your probability of cybersecurity success outcomes
Is cybersecurity a chess game, or more like poker where we make probabilistic bets over a series of circumstances to improve our likelihood of success. We will leverage frameworks, to frame our work, customize appropriately based on your organization’s risk appetite, and build a plan that works.

Bolster regulatory compliance
Compliance is not security, and security is not compliance. Let’s build a program that is complementary of your cybersecurity needs, factoring regulatory requirements enhancing risk efficiency.

Security incident response
Every second counts. When security incidents occur, such as data breaches or system compromises, our disaster response partner, ActZero, least incident response efforts to minimize the impact and restore the organization’s systems and operations. They coordinate the investigation, containment, and recovery activities and work to prevent similar incidents in the future.

Foster a security-aware culture
vCSO promotes a culture of security awareness and accountability throughout the organization. They provide training and education programs to raise awareness about security risks, policies, and best practices among employees, encouraging them to actively participate in maintaining a secure environment.

Methodology

Probabilistic Thinking and a Polymath’s Perspective

Using SWOT Analysis, the “Five Whys” root cause analysis method, Pre-Mortem exercises, to identify potential vulnerabilities and threats.

Measured, data centric “value at risk” approach using a proprietary “V12 Data” approach to managing cyber risk, following the philosophy of “Those who wish for peace, prepare for war”.

The Right Horses, for the Right Courses…at the Right Time

Commitment to highly-tailored and balanced solutions addressing clients’ cybersecurity needs through a unique combination of business risk awareness and first principles thinking, enabling the identification and mitigation of potential systemic vulnerabilities and threats.

Sensible Design and Deployment of Strategy

Principled strategy design and deployment centering the balance amongst fit to externalities, proportionality of means and ends, efficiency of leverage, cohesion of internal assets, and resilience to adversity.

Strategy
Strategy is based on shrewd calculations factoring dynamic circumstances.

Speed
Continuously calibrate and refine desired results.

Educate Business Leaders
Get more out of the balance of the business and technical considerations.

AI + Human expertise
Attention to logistical optimization needs to maximize strategy.

Team

Nick Shevelyov

PRINCIPAL

Andrej Bosanac

Andrej Bosanac

ANALYST

Duncan Weinman

Duncan Weinman

ANALYST

Berk Algan

Berk Algan

ADVISOR

Berk Algan

Bill Placke

ADVISOR

Mark Willis

Mark Willis

ADVISOR

Michael V. Korsak

Michael V. Korsak

ADVISOR