top of page

At your service


I'm Ryan Stillions, and my niche is working with your cybersecurity defenders to modernize and optimize network and SaaS visibility at a forensic level.


This helps your SOC and 3rd party MSSP/MDR providers to identify and respond to threats faster.  My clients are usually CISOs, CIOs and IT leaders of medium to large businesses who bring me in on a fractional basis to help their teams boost visibility, save time, accomplish more, and better manage risk.

Through planning workshops, short-term projects, recurring guidance retainers and fully managed or co-managed services, I design, build and optimize bespoke network TAP, Packet Broker, NSM, NDR, IDS sensor grids, Asset Detection and Inventory systems, and SaaS Threat Detection systems in complex IT and OT environments, and then help amplify the teams who run and use them.

I do all this through affordable flat-fee month-to-month subscription plans and 1099 contracts, with a satisfaction guarantee. Think fractional CISO, but lower altitude, embedded with your engineers, analysts, and architects, specializing in visibility infrastructure and detection engineering that optimizes your information superiority (about your business) and fuels your Detection & Response operations (against your adversaries).   To learn more, let’s grab some time to chat.

- Ryan

Numbers at a glance

My Journey

Curiosity created the cat


If you ever have an opportunity to share modern technology with youngsters, I implore you to do it.  Do it early and often, and without hesitation or reserve.  I was just a young boy when my father brought home a Commodore Amiga 500 to the 19th-century farmhouse we grew up in, out on a dirt road in rural Iowa.  It became the jet fuel to my curiosity engine and probably altered the trajectory of my life. This is also why we support the Rural Technology Fund, and will continue to do so as our business grows.

Blame it all on my roots

I am blessed to have grown up in the Midwest, surrounded by good influences.  Honest, hard-working, not afraid to get their hands dirty, entrepreneurial, and salt of the earth, good people. I didn't appreciate it in my youth, but I had (and still have) many good mentors.  My grandfather, pictured here, was just one example.  He put me to work at the age of 12 with my first "official job", which of course, gave me more than spending money for Amiga games, it gave me purpose.  No silver spoon story here.  I inherited multi-generational grit on all sides of the family and am proud to carry that legacy forward.  At times, grit is the only thing that gets us through.


A calling to serve


Serving in the US Air Force was an honor and privilege. I gave it my all and got it back in spades. It's here that I learned technology from the ground up, starting at the lowest levels of electronics theory, into how computer systems are built, networked, and made to work globally, securely, and with resiliency.  In short, military-grade.  It wouldn't be until years later that I would come to appreciate these foundational skills and the opportunity to have learned "what good looks like" early in my career.  My frame of reference had been pinned to a very high bar, as opposed to 98% of some 3,000+ commercial environments I would later come to experience.

IT Operations & Engineering

My first and last duty station in uniform was Cheyenne Mountain Air Force Station, home to the North American Aerospace Defense Command - NORAD.  Their mission is rapid detection and escalation of Air, Missile, and Space threats to North America.  My team's mission was to make sure the mission systems it all runs on are up, secure, and resilient 24/7/365.  It's here that I learned the foundational principles of sensor networks, visibility, detection, early warning, escalation, and crisis management when under pressure. Skills I carried forward into digital forensics & incident response (DFIR) and managed detection & response (MDR).  In total, I spent roughly nine years serving in the broader Defense Industrial Base (DIB) between the USAF (active duty), Lockheed Martin, and a brief stint with ManTech International.  America will never know the extent to which our nation goes to protect us from dangers, and I'm OK with that. I'll be forever thankful to my brothers and sisters in arms who protect and defend our great nation.


Forensics & Incident Response


For the next eight years, I would go on to perform digital forensics & incident response within IT and OT environments for large global enterprises.  Between investigations, I could focus on cyber security operations and detection engineering within the platforms that support DFIR and MDR functions. These were some of the world's largest Network Security Monitoring (NSM) sensor grids, SIEM deployments, and EDR deployments. The phrase "PCAP or it didn't happen" takes on a whole new meaning to an analyst who has access to petabytes a day of new data and telemetry. By the end of this eight-year period, the career pressure to go build these capabilities "as a Service" was beginning to heat up, so I shifted into building out cybersecurity managed detection & response (MDR) services at scale.

Building Managed Services (x3)

For the next eight years, I would go on to build service offerings for three different "leading" managed service providers, who in total grew to encompass over 1,400 customers and 3,000+ distinct environments.  One was a smaller firm specializing in SMB to mid-enterprise clients, and two were large global firms focusing more on mid to large enterprises.  Building out these global follow-the-sun 24/7/365 security operations teams who provide SOC, MDR, DFIR, and Crisis Management services to thousands of companies in every industry vertical imaginable was a uniquely insightful experience. After twenty five years of living "right of boom" I decided I wanted to pick up my experiences and carry them as far left of boom as I possibly could; visibility.


A better way


Frustrated with traditional service delivery models, I set off in search of a better way. My research led me to discover independent practitioners in adjacent professional industries like healthcare (e.g. Direct Primary Care physicians, concierge doctors) and even tax & accounting services who were disrupting their industries by going solo with flat-fee subscription-based direct-access service delivery models.  The best part was their results, off-the-charts client satisfaction. By cutting out middle men, getting real about client ratios, and focusing on the relationship, they had found their "better way".  But could this work in cybersecurity?  I made a ton of calls, and confirmed what I already suspected. Like other greed-stricken unchecked industries before it, most growth-driven cybersecurity managed services firms were under-serving the larger they became.  CISOs, CIOs, and their leaders are always seeking access to very specific skills to help their teams achieve specific outcomes, from trusted advisors without financial agendas, on a fractional access basis.  My hardest task would be showing up.  That I can do!

My days of 500:1 client ratios were over. Now I serve only a few clients at a time, with care.  In 2022 I founded Treyis Advisors LLC, an Iowa-based Limited Liability Corporation and veteran-owned small business, and as they say, the rest is history.   But there is one more chapter we need to write.

Your chapter

And your chapter doesn't belong here in my story, it belongs in yours.  You don't have to live right of boom.  There is a place where breaches are rare, the heroes prevail, and your teams get restful sleep at night.  But the path to getting there is hard and winding and uniquely yours.  Nobody has your path written on a map, or can sell it to you in a SKU. It will require grit, and focus, and perseverance. If you're up for the journey, I invite you to hit the button below so we can start a conversation.  I help a few active clients at a time, and schedules fill fast. Reach out today.

bottom of page