Our Proven Approach

Chief Information Security Officer (CISO) advisory services help businesses develop, mature, and manage cybersecurity programs that guard sensitive information, strengthen brand reputation, and differentiate products.

Partnering with BARR gives you access to a team of skilled security professionals that serve as a virtual CISO (vCISO), helping you build and maintain a program that is flexible and adaptive to the needs of its stakeholders. Our proven approach includes four phases designed to build and optimize a customized cybersecurity program that caters to your business needs.

How It Works

https://www.barradvisory.com/wp-content/themes/salient/css/fonts/svg/arrows_hamburger 2.svg

Phase 1: Scope

We believe in determining the why before proposing the how, and that careful planning and scoping is imperative to achieve your security objectives.

https://www.barradvisory.com/wp-content/themes/salient/css/fonts/svg/basic_sheet_txt .svg

Phase 2: Assess

The next critical step in implementing a strong cybersecurity program once scope is defined is to identify gaps in your existing program.

https://www.barradvisory.com/wp-content/themes/salient/css/fonts/svg/arrows_circle_check.svg

Phase 3: Roadmap

Once gaps are identified, we provide a roadmap that turns those gaps into a competitive advantage.

https://www.barradvisory.com/wp-content/themes/salient/css/fonts/svg/arrows_clockwise_dashed.svg

Phase 4: Remediation

After gaps are identified and a cybersecurity roadmap is formulated, we help manage remediation of those gaps, execute on the roadmap, and provide ongoing support.

Not only do we give you the tools you need for a successful cybersecurity program, we help you execute. Explore some of the services available to you as part of the remediation phase:

Risk Assessment

BARR offers a comprehensive risk assessment service that is designed to identify, quantify, and manage security risk. A thorough risk assessment can help you identify where you need to shore up your security controls to mitigate internal and external risk factors.

Policy & Procedure Documentation

Any successful security program will include a set of policies and procedures. We’ll provide consultation resulting in a customized set of policies and procedures that are both understood and followed by all members of your organization.

Security Project Management

Project management is essential to the successful execution of any cybersecurity program. Why? Because without it, cybersecurity projects are left ill-defined, underfunded, and past due. The BARR Advisory team helps you manage scope, schedule, and cost of cybersecurity initiatives.

Security Questionnaire Responses

When your customers send security questionnaires, you want to be ready with responses that will put them at ease knowing their data is safe with you. BARR formulates those responses and offers direct communication with your customers to help resolve any concerns they may have, leaving them feeling confident in choosing your product or service.

Internal Audit Service

Our team of experienced consultants work with your unique business needs to develop or enhance your internal audit function; identifying shortcomings in your internal controls, testing those controls, and providing actionable next steps. We perform audits against frameworks including SOC 2, NIST CSF, ISO 27001, CIS Top 20, and more.

Vendor Assessment

How can you hire third-party vendors and minimize the worry that they may not live up to your own security standards? We help you pinpoint the vendors that present the highest level of risk using a standardized, risk-based approach. Once identified, we offer simple steps to protect you from potential risks associated with using third party services.

Privacy Assessment & Compliance

A privacy assessment is an important tool for identifying if your security systems are meeting standard protocols. We’ll help you close the gaps against GDPR and CCPA, along with identifying areas vulnerable to cyber attacks, issues with compliance, deficiencies with security policy, and flaws in security technology.

Mappings to Other Frameworks—Test Once, Use Many

BARR Advisory team will assist you in identifying systems and controls within your security program, and will map those controls to multiple standards including SOC 2, ISO 27001, NIST CSF, CSA STAR, HIRTRUST, NYDFS, CIS Top 20, and more.

Ongoing Virtual CISO Support

BARR Advisory offers ongoing support as a virtual CISO, providing transparency on your cybersecurity program to your board, executive team, and other stakeholders. We are your strategic asset to weave security and compliance into the DNA of your organization and differentiate among your competition.

Benefits of a Virtual CISO

  • Significant reduction in cost compared to a full-time CISO
  • An independent perspective eliminates conflict of interest
  • Limited turnover means continuity for your business
  • Industry expertise necessary to make sound security decisions
  • Services are flexible and scalable on short notice
  • Readily available resources at your disposal

Save Yourself Time By Using Salient

Handling how you manage payments online is very important. Salient is a new innovative and easy to use method of sending & receiving money online. It’s fast, secure and free to sign up.

  • Top Customer Support
  • Most Liked Company
  • Best In Class 2016
  • Friendliest Group
  • Innovative Brand
Meet Cody Hewell, senior consultant, cyber risk advisory.

Get to Know Cody Hewell, Senior Consultant, Cyber Risk Advisory

| Careers, News | No Comments

The BARR Advisory team continues to grow with the addition of a new senior consultant, cyber risk advisory: Cody Hewell. Atlanta-based Hewell brings cybersecurity and governance expertise to his role…

BARR Advisory Joins CyberXchange E-commerce Marketplace

BARR Announces Participation in CyberXchange, World’s Preeminent B2B E-commerce Marketplace Dedicated to Cybersecurity

| Compliance Updates, News | No Comments

BARR Advisory’s Compliance and Consulting Services Are Now Showcased in the Online Marketplace, CyberXchange, and Mapped to Leading Cybersecurity Frameworks   Today, BARR Advisory announced the availability of its cybersecurity…

BARR Adds Larry Kinkaid to CISO Advisory team

BARR Expands CISO Advisory Team, Adds Larry Kinkaid as Senior Consultant

| Careers, CISO, News | No Comments

Larry Kinkaid, CISA, CRISC, has joined the BARR Advisory team as senior consultant, CISO Advisory. In this role, Kinkaid supports the company’s growing CISO advisory service offerings, specifically for small-to-medium-sized…

Learn five ways to keep your data safe as you shop online this holiday season.

5 Easy Ways to Better Protect Your Data This Holiday Season

| Data Privacy, Security | No Comments

With Black Friday and Cyber Monday quickly approaching, it’s likely you’re considering doing most of your shopping in your pajamas, curled up on a cozy couch. And you’re not alone….

Contact Us for a Free Consultation

We’re here to help you! Speak with a BARR specialist about your security and compliance needs.