We had the opportunity to chat with Brad Thies, the Founder and President at BARR Advisory:
Q: Brad, can you tell us something more about your company?
A: BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. We are a trusted advisor to some of the fastest growing cloud-based organizations around the globe, helping businesses simplify compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.
Q: Any highlights on your recent announcement?
A: Being recognized among the top 10 fastest-growing companies in the technology hub of the Midwest—Kansas City—is a testament not only to the hard work and dedication of our team, but also to the growing interest among business leaders worldwide in prioritizing data security and achieving lasting cyber resilience. We’re proud that our commitment to simplifying cybersecurity and compliance has placed us among this group.
Recommended: The Complete Guide How To Become Software Developer
Q: Can you give us more insights into your offerings?
A: Our business includes two main buckets—our attestation services and our virtual CISO (vCISO) practice. Not only do we help clients provide assurance through audits, such as SOC 2, ISO 27001, NIST CSF, HIPAA, HITRUST, and others, we also have the unique perspective of rolling up our sleeves and building security programs ourselves through our vCISO services. By providing unparalleled service, following the data, and focusing on security first, we help our clients navigate the threat landscape by taking a comprehensive approach to cybersecurity and compliance.
Q: What can we expect from your company in the future? What are your plans?
A: We anticipate the continued demand for cybersecurity and compliance services, but our ultimate vision is a fully automated future. Outdated assessments and manual audit techniques take countless hours today, and while these hours achieve compliance, they distract us from focusing on the ultimate goal—security and resilience to evolving threats and business needs. Compliance is important for creating a way to communicate external standards, but if we put the majority of our resources towards compliance, we’re less capable of preparing for evolving threat models that compliance and regulations cannot protect us from. Our goal is to automate close to 100 percent of primary compliance reporting (including SOC, ISO, and NIST) so that we can spend more resources implementing true security strategy.
Looking ahead, we also hope to continue minimizing the barriers to entry in the cybersecurity industry. Cybersecurity, at its core, is a human issue—and to further build our platform, we intend to cast a wider net for pulling in new talent. Too often, cybersecurity job postings require years of experience, a number of certifications, and specialized training all for an entry-level role, intimidating potential candidates. We’re on a mission to change that by collaborating with partners and taking on industry apprentices to fill a more robust pipeline of cybersecurity talent.
Q: What is the best thing about your company?
A: At BARR, we believe that people are at the center of cybersecurity. From the culture of connection we’ve created among our distributed team to our trusted partnerships and unparalleled client support, people are the focus of everything we do. Because at the end of the day, protecting data means protecting the people it represents.