Join us or reach out for a consult on our contact page.
Read on to learn more now...
The cyber community has never known more than we know today, nor has it had more funding and sophisticated technology.
Yet, incidents and breaches continue. The harsh cyber forensics realities are that most incidents and breaches are self-inflicted. And state-sponsored attacks are more intense by rogue states and their proxies.
In business terms, you lose customers, competitive edge, time to market, and most assuredly, suffer heavy costs and burnout.
Mighty companies fall due to structural flaws and group think, as in Jim Collins’ “How the Mighty Fall.” They fail to quickly adapt proven methods and stay ahead of competitors.
Cyber teams are also failing to adapt quickly and stay ahead of enemies. Bookkeeping-style control structures were never relevant, structurally sound or reliable for cyber -- given the nature of the system in which cyber risk lives.
People, process and technology can be misapplied. Diversity does not overcome group think -- need thought diversity and innovation.
How can this be?
Cyber pros are set up for failure– caught between structural flaws, flawed controls and policies, and group think – are simply not taking advantage of terrific and proven methods.
Industrial-Strength Design Thinking methods and math that drive strong business outcomes and are easily applicable to managing cyber risk.
Cyber success, like business, requires tools designed for the dynamic and chaotic cyber system.
Cyber pros are set up for failure, burnout and stress -- no matter how hard they work to fix implementation -- because the root cause lines in designed in, structural flaws.
Importantly, it is not the fault of cyber pros.
Yet it was another single piece of information that really hit us hard.
In short, cyber pros are set up to fail by the methods and math they are forced to use.
We believe that by going through this site, thinking through the implications – taking time to learn more through the online courses – you can gain what you need to make your cyber world more secure and your life easier -- cutting stress and burnout.
Brian Barnier is the co-founder of Think.Design.Cyber and the think-tank, CyberTheory Institute that bridges the gap between boards, business leaders, cybersecurity leaders and compliance. He is an avid sailor with a distinctive career spanning: cybersecurity, technology, risk management, new product innovation and financial services regulation.
Brian has pioneered critical, systems and Industrial-Strength Design Thinking in the cybersecurity discipline and the use of life-like scenario analysis to address critical issues of evolving threats/attacks, eliminate bad methods that cause breaches, waste money and resources and burnout cyber pros, affecting culture and retention.
He is the author of The Operational Risk Handbook (Harriman House, Great Britain, 2011) used as a textbook by the London Institute of Banking & Finance. In 2020, Brian’s paper with expert Prachee Kale, “Cybersecurity: The Endgame -- Part 1” was honored as the 2020 Article of the Year in the Taylor and Francis EDPACs journal.
Brian has earned coveted achievement awards from two of ISACA’s most significant chapters. In 2021, he earned the highly distinguished Joseph J. Wasserman Award presented by ISACA New York Metro Chapter. In 2015, he received the V. Lee Conyers Award from ISACA Greater Washington DC.
Brian is a sought-after keynote speaker and facilitator. He conducts board member trainings, outcomes accelerator workshops for cybersecurity organizations and has recently launched coaching for introverted cyber professionals to empower them to become business leaders. He has taught via the Federal Reserve, OCC, FHFA and FFIEC. He has a “Design Thinking for Cybersecurity” course coming soon on CyberEd.io.
Deep in professional guidance, he is a co-author of ISACA’s Risk IT and COBIT, and the Shared Assessments Program. ISACA's IT Audit Framework 2020 points to his work in risk assessment.
He is one of the first three “Fellows” of OCEG -- the Open Compliance & Ethics Group – the organization that created “Governance, Risk and Compliance” and served on the Red Book committee (the definitive GRC guidance).
Brian is also a contributor to Risk Management in Finance (Wiley, 2009) and Risk and Performance Management: A Guide for Government Decision Makers (Wiley, 2014).
At Lucent Bell Labs (Nokia) & AT&T he led teams to 9 patents. At AT&T he led a groundbreaking internal security initiative to enable new product sales.
At IBM he launched the first secure distributed messaging software, created the security as a process solution team, co-founded the GRC community of practice and #1 FinTech blogger.
At the City University of New York, he teaches a graduate seminar in data analytics viewed as #1 by several organizations. Previously, he taught at the graduate level at several universities.
Prachee Kale is the co-founder of Think.Design.Cyber, a Founding Executive Fellow of CyberTheory Institute and a multi-disciplinary professional with a 17 year, "4D" career spanning: Cybersecurity & Tech, Business Strategy, Diversity & Inclusion and Executive Coaching.
Prachee’s current work is focused on 1) coaching introverted cyber professionals (who account for 60%+ of cyber workforce) to build their brand and become strong leaders without changing their personalities and, 2) bringing critical, systems and design thinking to cybersecurity organizations so they can accelerate Zero Trust implementation, drive demonstrable business outcomes and cost savings, improve culture and reduce burnout.
She is the creator of “Design Thinking for Cybersecurity” online course, soon to be launched on ISMG’s CyberEd.io education platform.
Her article “Cybersecurity: The End Game Part 1” in the Taylor and Francis EDPACs journal was honored as “2020 Article of the Year.”
In cybersecurity, she has managed strategic investments of over $150 million, reduced spend by 20+%, eliminated antagonistic culture and demonstrated 90% retention rate for more than 3 years Prachee’s business strategy experience comes from working on business and ops/tech transformations, enterprise risk and regulatory mandates, in management consulting and the World Bank.
As a leader in the DEI dept., she is accelerating diversity and ESG initiatives. Prachee is the Executive Sponsor for the Women Leaders program focused on increasing representation of women of all backgrounds.
She earned an M.S. in Bioinformatics from George Washington University, which is about building tech for biological research. She wrote code, conducted scientific experiments on HIV viruses, and did PCR tests (yep, those). Think invasive viruses, the pandemic and cybersecurity!
Prachee speaks on topics of cybersecurity and gender diversity at global conferences, summits and podcasts. She makes meaningful connections with her audience and leaves them with a positive, growth mindset and impact they remember.
When she is not working, Prachee loves to travel, sail and cook. She will surely whip up something delicious whenever you visit!
Fun fact: Prachee was once called a “pit-bull” and “passionate” in two instances during the same meeting!
And many others...
From past centuries and current times who are gratefully credited in The Operational Risk Handbook, the CyberEd.io online course and other writing.
Plus hundreds and thousands of others whom we have met in corporate life, advisory assignments and public programs who have commented and refined the application of critical thinking, systems thinking and design thinking to cybersecurity.
Together, this makes the use of Industrial-Strength Design Thinking so proven and practical.
This is the Industrial-Strength Design Thinking (critical thinking, systems thinking and design thinking) for cybersecurity initiative of ValueBridge Advisors, LLC
Insights are based in the expertise of our principals, inlcuding the product management chapter of The Operational Risk Handbook, Harriman House, 2011 plus subsequent articles
© Copyright 2010-2023. All rights reserved. ValueBridgeAdvisors, LLC
We need your consent to load the translations
We use a third-party service to translate the website content that may collect data about your activity. Please review the details and accept the service to view the translations.