Below is our recent interview with Brad Thies, the Founder and President at BARR Advisory:
Q: Could you provide our readers with a brief introduction to your company?
A: Alongside partner BARR Certifications, BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. We serve as a trusted advisor to some of the fastest growing cloud-based organizations around the globe, helping businesses simplify compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.
Q: Any highlights on your recent announcement?
A: BARR Certifications recently earned accreditation for ISO/IEC 27701 by the ANSI National Accreditation Board (ANAB). The accreditation validates BARR’s competence in performing certification services to both ISO/IEC 27001 and 27701 standards.
For organizations eager to stand out in a crowded market of cloud service providers, these certifications serve as differentiators that not only demonstrate the maturity of your information security management systems, but also affirm your commitment to protecting and securing consumer and third-party data. We’re excited to now have another tool in our belts to help companies achieve their security and compliance goals, and in the months and years to come, we look forward to continuing to find new ways to work toward our mission of creating a more secure world.
Q: Can you give us more insights into your offerings?
A: Our business includes two main buckets—our attestation services and our virtual CISO (vCISO) practice. Not only do we help clients provide assurance through audits, such as SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST, and others, we also have the unique perspective of rolling up our sleeves and building security programs ourselves through our vCISO services. By providing unparalleled service, following the data, and focusing on security first, we help our clients navigate the threat landscape by taking a comprehensive approach to cybersecurity and compliance.
Q: What can we expect from your company in the future? What are your plans?
A: We anticipate the continued demand for cybersecurity and compliance services, but our ultimate vision is a fully automated future. Outdated assessments and manual audit techniques take countless hours today, and while these hours achieve compliance, they distract us from focusing on the ultimate goal—security and resilience to evolving threats and business needs. Compliance is important for creating a way to communicate external standards, but if we put the majority of our resources towards compliance, we’re less capable of preparing for evolving threat models that compliance and regulations cannot protect us from. Our goal is to automate close to 100 percent of primary compliance reporting (including SOC, ISO, and NIST) so that we can spend more resources implementing true security strategy.
Looking ahead, we also hope to continue minimizing the barriers to entry in the cybersecurity industry. Cybersecurity, at its core, is a human issue—and to further build our platform, we intend to cast a wider net for pulling in new talent. Too often, cybersecurity job postings require years of experience, a number of certifications, and specialized training all for an entry-level role, intimidating potential candidates. We’re on a mission to change that by collaborating with partners and taking on industry apprentices to fill a more robust pipeline of cybersecurity talent.
Q: What is the best thing about your company?
A: At BARR, we believe that people are at the center of cybersecurity. From the culture of connection we’ve created among our distributed team to our trusted partnerships and unparalleled client support, people are the focus of everything we do. Because at the end of the day, protecting data means protecting the people it represents.Activate Social Media: