Former NSO CEO and ex-Austrian Chancellor found startup

Shalev Hulio and Sebastian Kutz credit: Pini Siluk and Dominic Butzmann
Shalev Hulio and Sebastian Kutz credit: Pini Siluk and Dominic Butzmann

Exclusive: Shalev Hulio has founded Dream Security together with Sebastian Kurz to provide cybersecurity for critical infrastructure installations.

Shalev Hulio is leaving NSO Group, 12 years after founding the Israeli cyberattack company with Omri Lavie and Niv Karmi, and founding Dream Security, a company focusing on cybersecurity for critical infrastructures - gas, oil and water installations - protecting them from ransom and terror attacks.

Thus Hulio is switching from cyberattack sector - the Pegasus spyware developed by NSO has become a controversial tool for spying on terror and crime suspects - to cybersecurity. Hulio's new company Dream will also be serving government agencies and selling its wares to national organizations, with an emphasis on Europe in the first stage.

Although Hulio stepped down as NSO CEO in August, he remains an advisor to the company and is helping to find a buyer. But in recent weeks he has also been busy in founding the new company. Hulio has recruited former Austrian Chancellor Sebastian Kurz and Gil Dolev, formerly of Adallom, NSO and the Prime Ministers Office and raised $20 million, from a long list of investors led by Dovi Frances. This is a large amount for a pre-seed round and Dream is expected to register as a limited company only at the beginning of November and open its offices in the German Templar Colony in Sarona.

The list of investors in the new startup include people close to Hulio like Adi Shalev, the first investor in NSO and the company that Hulio and Lavie founded prior to that - Medihand, which developed an app for buying from video clips. Other investors include Empire Online founder Noam Lanir, Draftkings controlling shareholder Shalom Meckenzie, and three Israeli cybersecurity entrepreneurs Yevgeny Dibrov and Nadir Izrael from Armis and Assaf Hefetz from Snyk. Frances led the round with his own money rather than funds from Group 11, which does not invest in cybersecurity firms. Estimates are that Frances has invested $5 million in Dream.

The surprising member of the team is Sebastian Kurz, who was Chancellor of Austria until last year, and will serve as Dream's president and VP business development. Kurz, 35, was Austria's youngest ever chancellor, who formed two governments in 2019 and 2020 but resigned in October 2021 after allegations about irregularities. Over the past year, since retiring from politics, he has worked in the private sector. Previously Kurz had served as Austria's Foreign Minister. Kurz met Hulio at the start of the year when he visited Israel seeking startups to invest in. Instead of recommending a startup to invest in, Hulio asked him to join his new cybersecurity venture to help open the doors of European governments and infrastructure companies.

"During my time as Chancellor, I witnessed many attacks on governments as well as on manufacturing plants and energy installations, most of which were not published in the media," Kurz told "Globes" from Vienna. "This has far-reaching implications for supply chains as well as regular energy supplies and public services such as water and hospitals." In answer to a question by "Globes" as to whether Dream will sell its products to undemocratic countries, Kurz said that at this stage the company is focusing on Europe. "This is a company that was founded in Israel and is currently looking to the European market."

"I'm both scared and excited at the same time," Hulio told "Globes." "It's scary to found something like this after so many years at NSO and exciting to the same extent. 12 years in one company - it's not easy to switch.

"After NSO, I thought to myself, what is it that I most want to do. I wanted to remain in the cyber sector but I would never compete with NSO. I decided that I want to move from the attack side to defense. Ultimately, cybersecurity is a much bigger market. But I didn't choose to get involved in the mobile phone security sector, which would have been the obvious and easy thing to do, and after research I came to the critical infrastructures sector."

Dream provides perimeter security for critical infrastructure facilities by protecting computer equipment, smart devices and outdated industrial facilities. At the core of the system is an understanding of the behavior of an attacker and of cyber breaches, a field in which Hulio gained experience during his 12 years at NSO

"Ultimately, while cybersecurity incidents may happen, there is no single company that provides all the protection for the critical assets in a gas or oil facility," Hulio tells "Globes." "Each of these organizations is concerned about three factors: a ransom attack, like the one in which Aramco had to pay $50 million in Bitcoins, information leakage - such as a pharmaceutical formula - from production lines, and physical sabotage that may be caused by cyber gangs or state actors. From talks we had with such critical infrastructure organizations, we saw the great hunger for such security solutions."

Dream aims to compete with cybersecurity giants such as Cybereason, Palo Alto Networks, SentinelOne and CrowdStrike in terms of platforms, and with companies such as Armis, SCADAfence and Claroty in network security in infrastructure facilities.

Hulio continued, "When you look at the field of computing equipment, IT, it is a field that has undergone a crazy jump in the last two or three years, with cybersecurity solutions in cloud computing, applications and firewalls. On the other hand, in the world of critical infrastructure or operative technology - there has been no such leap, if at all, while the damage that can be caused by a cyberattack is a disaster for the real world and can harm the public. Look, for example, at the attack on the Colonial Pipeline company that shut down the energy industry in the eastern US, or the attempt to poison a water reservoir in Florida by taking over its management system. I am not a prophet of doom - but I believe that we will yet see the "September 11" of cyber - an event that will change our perception of how exposed critical infrastructures are today."

The name of the company - Dream - derives from an abbreviation of Detect, Respond and Management of all aspects of cybersecurity for organizations with industrial installations in energy, water and health infrastructures. In general, this includes managing agents on the various devices, advanced AI-based solutions capable of detecting real-time anomalies and behavioral changes, and managing cybersecurity incidents based on the experience of its founders.

Published by Globes, Israel business news - - on October 12, 2022.

© Copyright of Globes Publisher Itonut (1983) Ltd., 2022.

Shalev Hulio and Sebastian Kutz credit: Pini Siluk and Dominic Butzmann
Shalev Hulio and Sebastian Kutz credit: Pini Siluk and Dominic Butzmann
Twitter Facebook Linkedin RSS Newsletters גלובס Israel Business Conference 2018