Johanna Thomas, Founder & CEOThreat actors are evolving at a rapid pace within the cyber defense landscape. Even though technology evolves continuously to keep pace with the attacks, the lack of skilled professionals in the arena impedes businesses from applying it to their operations. The same systematic approach of large security and compliance companies oftentimes does not suffice to tackle the complex problems organizations regularly face. “As a boutique consulting firm, we don’t follow a cookie-cutter approach,” begins Johanna Thomas, founder and CEO of S3. The company brings to the table skilled consultants and custom-built strategic services for Identity Governance (IDG), Security, as well as GRC to address the uniqueness of each client’s compliance, identity, and security concerns.
As an advocate of intellectual curiosity, Johanna stresses growth at an individual level to enable their employees to build the proper toolsets to support their clients. “It is our corporate responsibility to build like-minded and highly skilled individuals who contribute favorably to advancing cybersecurity,” she explains. Her carefully handpicked team of CPAs and other professionals provide assistance beyond traditional business operations and finance. They are equipped to offer advice on the complex and integrated nature of technology and business operations including SAP and its supporting applications. By leveraging their assistance, clients can effectively solve cyber, operational, and critical risk issues with agility.
S3’s pragmatic approach enables them to understand the client’s specific requirements and design a strategic plan to address challenges in cloud migration, security, identity, and compliance on a long-term and sustainable basis. The S3 team analyzes data from a technological, functional, and organizational perspective to create a comprehensive plan for the future. Furthermore, “Our emphasis on training enables clients to invest in their employee’s development without being completely dependent on professional services,” adds Johanna.
With the intention to drive maximum value out of the existing systems, S3 partners with technology providers, which provides S3 a better grasp of the product’s range and enables them to implement best-in-class solutions for their clients.
Our customer-centric approach, as well as investment in the right talent, has helped us and our clients evolve ahead of the security and compliance technology curve
The S3 team identifies issues within a short period of 4-6 weeks taking into account all the factors to pinpoint the root cause and ascertain the impact from a business standpoint. This enables S3 to create a customized strategic roadmap to guide the IDG and GRC program through a successful evolution.
To showcase the proficiency of S3, Johanna shares an anecdote, where a financial services client could reap multiple benefits from their personalized approach. The client was looking to transition to the cloud and increase identity automation but faced significant compliance challenges. On the lookout for a sustainable program to eliminate these problems, the client formed a collaborative partnership with S3 to identify the issues. S3 assessed the gaps in the existing process and helped them to rebuild it with a more cloud-centric and innovative method that helped in automating their services and reducing compliance risks.
S3 continues to explore the benefits of technologies such as analytics, machine learning, and AI in the identity management, risk, and security landscape. “Our customer-centric approach, as well as investment in the right talent, has helped us and our clients evolve ahead of the security and compliance technology curve,” explains Johanna.
As one of the few women at the helm of an IT Professional Services Organization, Johanna envisions more women will embark on a successful career path on compliance and security. With advisory roles in educational institutions and product technical boards, Johanna aims to help create more capable individuals and organizations in their mission to advance cybersecurity and combat risk.