“We are committed to protecting your information by implementing minimal impact cyber security solutions.”

MO.com is made possible by our friends at:

Guidant Financial: The leader in alternative startup, franchise and small business financing

Brian Gay is a technology consulting entrepreneur and owner of Think Forward Consulting, a company committed to using an Enterprise Architecture approach to improve clients’ operations. Brian has extensive experience in Enterprise Architecture, Cyber Security and IT Project Management. He uses his expertise daily to support Federal government and commercial customers. Brian has worked with the Department of Labor, Department of Defense, Department of Commerce and Homeland Security.

Brian’s accomplishments include:

• Developing a common architecture for one of the initial Cloud Computing procurement’s in the Federal government

• Implementing an Enterprise Architecture approach for a $250 Million consulting company

• Establishing a foundation for Enterprise Security Architecture at a Cabinet-level Department

• Conducting an Agile Development and Project Management assessment for an application Center of Excellence (COE)

Brian is a Project Management Professional (PMP) and a Certified Information System Security Professional (CISSP). He holds a Bachelors of Business Administration in Finance from James Madison University.

MO: What exactly is Enterprise Architecture?

Brian: Enterprise Architecture (EA) is often described using city planning as an example. A city planner determines where the industrial, residential and business areas are within the city. They also design the water, electricity and sewerage system required for our city to function, and then develops the standards.

The Enterprise Architecture acts as the planner for the constant improvement of your business operations and IT platform. To accomplish this planning and improvement, you develop models for the business, information and technology of your organization. For example, the Enterprise Architecture helps enable initiatives like bring your own device (BYOD). If your organization supports personal devices the architecture planning process builds plans and standards for the types of devices that can used (iPad or Android, Windows).

MO: What are some of the unique challenges that you face when it comes to supporting the Federal government in their projects?

Brian: Several years ago, the federal government implemented strict compliance requirements such as the Systems Development Lifecycle (SDLC), Earned Value Management (EVM), etc. However, these requirements are not in-line with some of the newer approaches to IT. The new approaches to IT are Agile Methodologies and (in cyber security) continuous monitoring. Therefore requirements exist that create additional paper work and compliance which burden the organization.

MO: What are some of the advantages of implementing a multi-discipline approach for your clients?

Brian: A multi-disciplinary approach is one of our key differentiators. Our clients used to treat Enterprise Architecture and Cyber Security as two unrelated activities. By integrating the principles of EA into our Cyber Security approach we assess the entire scope of projects and solutions to ensure they align to the overall cyber strategy. EA is focused on mission of the organization and the alignment of all activities to support the strategic goals. All Cyber Security initiatives must align to the overall EA. This allows us to recommend projects that provide that maximum benefits and are not redundant.

MO: What are some trends in cyber security that you think that our readers should be paying attention to?

Brian: I see several trends that will have a high impact to our lives and businesses:

Mobility: All industries are embracing bring your own device (BYOD). It’s a great way to achieve cost savings, but it comes with increased security implications. Look for the terms containerization and virtualization, both are industry standards to protect corporate data.

Mobile Transactions: Google Wallet and other methods are becoming more common. However, the technology Google Wallet is based on has series security flaws. In addition, financial institutions do not have the bandwidth to monitor all this traffic.

Mobile Threats: There is big money in cybercrime and mobile devices are the number one target. From malware to fraudulent lures such as text message spoofing the threats are numerous. There are over 6 billion cell phone subscriptions. With trillions of texts, emails and other messages sent each year there are abundant opportunities for the bad guys.

Cloud: I believe in embracing the Cloud but everyone must understand the risks. If your business stores confidential data in the Cloud make sure you encrypt the data before you send it to the Cloud. You must understand you will have less control over your security in the Cloud.

MO: What’s the biggest challenge facing your industry?

Brian: Our nature is to continue to innovate and develop game changing technologies which create unknown challenges. With every new technology the bad guys (cybercriminals, hacktivists, enemy governments and terrorists) get new vectors to attack. Cyber Security must be an able to enable the flow of information not act as a hindrance. At Think Forward Consulting we are committed to protecting your information by implementing minimal impact cyber security solutions. The biggest challenge is providing cyber security without making it too cumbersome.

MO: How has developing application prototypes allowed the firm to grow and improve your offerings beyond traditional consultancy services?

Brian: The consulting model is highly competitive and revenue is only generated when your staff is billing time to a customer. The prototyping will allow Think Forward Consulting to accomplish several objectives. The first is to differentiate ourselves further in the market. Next, it will separate the company’s growth from direct billing only. Therefore we soon will be able to generate revenues from consulting services and our products offerings.

Our first prototype focuses on the Chief Information Officer (CIO) and Chief Information Security Officer (CISO). The tool allows the CIO and CISO to quickly map out all their current mandates and projects against their security requirements. This allows them to see where the gaps exist and evaluate how external mandates and other initiatives impact their Enterprise Cyber Security. The ability to discuss these concepts with our current and potential customers is a huge marketing and thought leader advantage.