We do cybersecurity differently – the right way.

We are 100% focused on cybersecurity and take a strategic approach to working with our clients and seek to understand their organization, existing programs, and roadmap. We challenge traditional security and audit methodologies to reduce overhead and create a high return on investment while positioning security, compliance, and risk management as business enablers. We make cybersecurity stronger and easier for our clients, helping them better understand and protect themselves. Want to learn more?

Consult with an expert

3 co-workers having a discussion seated at the table
Outside photo of a building with the NuHarbor Security logo at top of the building
Stairs Discussion
OUR VALUES

NuHarbor’s guiding beliefs

We make it easy to secure what matters to you. Here’s what matters to us.

  • Protect the house.

    We cultivate a healthy work environment by demonstrating empathy and respect for one another and our clients. 

  • Help our clients win.

    We’re committed to delivering positive outcomes for our clients with urgency and competence. We seek a true partnership.

  • Always improve.

    Cybersecurity is always changing, and so are we. We continually enhance our knowledge and ability to excel for our clients.

Our origin story

Letter from the CEO

Our story starts in 2009. At the time, I was the Chief Information Security Officer (CISO) for a company in Vermont and was aspiring to be a respected company executive. I’ve always been enamored with information security, and I worked diligently to establish my place in the profession. I completed certifications and did everything I could to establish credibility. I wanted to prove I was worthy of this opportunity. I believed a security leadership role in a growing company would be the pinnacle of my career, and I had arrived.

As a new CISO, I quickly learned the job wasn’t all about security. There was a lot of politics. People stepped on others to advance their careers, and budget dollars were scarce. I learned my new job was to be the political face of the security team and to evangelize the need for security to internal business units.

In 2013, I had a small budget that was OpEx (operational expenditure), not CapEx (capital expenditure). I could hire consultants (OpEx) but couldn’t arm them with security tools (CapEx). So essentially, I had a bunch of farmers with pitchforks fighting an army with automated cybersecurity weapons. To make matters worse, I couldn’t find a single security company or partner to help me deliver my security program. I could find security partners to do security testing, but they couldn’t do any security engineering. I could find companies to help me implement Splunk, but they weren’t that good at Splunk and didn’t know anything about security. I could find incident responders, but they couldn’t do anything else security-related. I quickly realized that the security industry was, and still is, a very fragmented market full of niche vendors. The sum of these vendors didn’t equal a full security program.

It was around 2013 when I’d had enough. After all the years I spent evangelizing for budget and receiving half-baked solutions from a fragmented security vendor market, I was at a point where I was bad-mouthing an industry that I grew up loving. My watershed event came that same year when my management made me hire a Big Four company to do an ISO 27001 security assessment. That Big Four company charged me a lot for the assessment, but from the company management standpoint, it was the safe bet because no one can refute what the Big Four suggests. My question to management was: “Why are we having an accounting firm assess our security? You would never have an information security professional suggest an appropriate chart of accounts or do someone’s taxes!”

The short story is that the assessment was a disaster. That Big Four company sent me staff members fresh out of college. Their lead assessor had never done an ISO 27001 assessment. Having been an auditor in the past, I understood the auditee has an obligation to feed the auditor information to arrive at mutually beneficial recommendations, so I helped with the audit, as it was an opportunity to push the security agenda and highlight the issues I needed to be fixed for the management team. But for the big price tag, I expected the auditors to be practiced in the standard. I was, again, disappointed. I helped teach ISO 27001 to their organization. After helping my Big Four partner write the report and do the board presentation, I had transitioned to completely cynical.

In late 2013, I took two weeks off to reset my career. I traveled to Australia with my wife who was speaking at a conference. With the time zone change and alone time, I reflected with uninterrupted thoughts on the last few years. Completely cynical and hating security, I realized I had two options: I could complain and let the issue persist or I could take action. I chose action, and NuHarbor Security was born. When I returned from Australia, I quit my job as a CISO and began NuHarbor’s mission.

Today NuHarbor means “a new understanding of the harbor.” Harbor is a synonym for someplace safe. We do security differently – the right way, and the way it should be done. We’ve walked a hundred miles in your shoes. We’ve sat on your side of the table, we understand the challenges, we understand the frustrations. There’s a better way to do security. Today our mission is to be the absolute best national cybersecurity services firm in the industry. We provide end-to-end security services and are continually evaluating our portfolio to deliver relevant security services. We’ve developed a best-of-breed philosophy around security technology and deep industry expertise around those technologies. Our approach to security, our comprehensive offerings, and our client-first perspective make us a long-term security partner for our clients.

— Justin Fimlaid, CEO & Founder

Our leaders

Trusted cybersecurity experts who care about making the world a safer place.

Meet the team

Group of photo of leadership standing together

News

Hear it from us first.  Stay on top of company accolades, press releases, news mentions, and industry insights.

Stay informed

careers company photo

Join the crew.

At NuHarbor, we provide the highest quality consulting and managed services for an exciting list of clientele. We take enormous pride in our work culture. Join the future of cybersecurity.

View open positions

I enjoy working at NuHarbor. We’re like a family! It doesn’t matter who you are or where you come from. Everyone here is willing and ready to welcome, work, share ideas, support, listen, and push each other to greatness.
dorcas
Dorcas Managed Services Consulting Engineer, NuHarbor Security

6x

We’re a six-time winner of Best Workplace awards, among other accolades.

37%

We love to promote from within – 37% of employees received promotions in the past year.

20+

We have a nationwide presence with employees in over 20 states.

3x

We’ve tripled in size since 2021 and we’re still going strong.

Awards

When our dedication to cybersecurity and workplace culture shines through.

Inc. Best Workplaces of 2023
Tenable Assure Gold Partnership
Splunk 2022 Global Partner Award of 2022
Splunk 2021 Gold Partner Award Winner
CRN MSP 500 2023
CRN MSP 500 2022
2024 Best Places to Work in Vermont
2023 Best Places to Work in Vermont
2022 Best Places to Work in Vermont
2021 Best Places to Work in Vermont
2020 Best Places to Work in Vermont
2018 Best Places to Work in Vermont
Entrepreneur 360 Best Company of 2018

Explore comprehensive cybersecurity protection today.

  1. Consult with an expert

    Talk to one of our cybersecurity experts so we can better understand your needs and how we can help.

  2. Agree on a plan

    Based on your objectives we’ll create a tailored plan to meet your cybersecurity needs.

  3. Start maximizing your protection

    Experience peace of mind knowing what matters most is secure.

Consult with an expert