Brett C. Don, CISM
Details
Business Administration / Information Systems
Widener University
1984 : 1988
Holy Cross Academy
1980 : 1984
CHALLENGE : Transform the Information Technology (IT) & Security (InfoSec) Departments of this 400-person, multi-office professional services firm from an operational, reactive service model to a proactive, customer-facing, advisory model.
ROLE : Use consulting skills and C-Level experience to drive operational excellence, align IT decisions with business needs and architect security operations to meet client requirements. Manage $8M budget and 20 business and technology professionals.
• Strategic Alignment of IT | Continuously raise profile of IT through Board briefings, customer group meetings and innovation workshops. Formalized approach to IT planning that includes benchmarking against similar businesses and a sensible, tactical plan. Built consensus for a new team comprised of internal consultants to deliver targeted solutions (people, process and technology) that have measurable impact on profitability and client service.
• Mature IT Operations | Created and continuously refine IT operating procedures including change control and management of incidents, assets, budgets, projects, patching and vendor services. Leverage vendor managed services for the routine, elevating internal talent for strategic work.
• Modernize Technology Services | Manage a large project portfolio including the introduction of select Cloud services (Azure AD, O365, etc.), modernized data center operations (Nimble SAN, etc.) and customer-facing technology (Windows 10, iManage 10, O365, etc.).
• Strategic Alignment of InfoSec | Created and continuously refine an end-to-end Information Security Program through various risk assessments (CIS 20, NYDFS, HIPAA). Program is based on financial industry client security requirements and ISO 27001-2 standards and covers policies, procedures, awareness training, vendor audits, and technical controls.
2017 : Present
Stradley Ronon
Chief Information & Security Officer (CIO / CISO)
SDK | Risk+IT Advisors is a trusted partner to mid-size businesses including many of the leading trade associations, non-profits and professional service firms.
CHALLENGE : Mid-market businesses are struggling with the rising costs of technology, the perceived value of the IT investment and the risks of doing business in a digital world.
ROLE : Using two decades of expertise as a business consultant and technology executive, I advise executives on solutions that help their businesses manage risk and maximize investment in technology.
• Manage complex projects across an expanded portfolio including fractional CIO/CISO services, project management, strategic technology planning, technology selection, policy development, security assessments, ISO gap analysis, HIPAA compliance, business continuity and incident response planning.
• Recent hands-on contract and sub-contract consulting assignments include interim CIO for a 75-attorney law firm, fractional CIO/CISO for a 100-person non-profit, a comprehensive technology assessment for a 400-person think tank consulting firm, comprehensive security assessment for a 1100-person AMLAW 100 firm, business continuity planning for a 100-person association, HIPAA risk assessment for a regional insurance company, ISO 27001 certification for a 600-person law firm, security awareness training for a 200-person law firm, project management for a 100-PC Windows 95 migration, and information governance assessment and planning for a 200-student independent school.
SERVICE PORTFOLIO INCLUDES :
• FRACTIONAL CIO / CISO SERVICES
• IT STRATEGIC PLANNING
• SYSTEM EVALUATION & SELECTION
• PROJECT MANAGEMENT
• INFORMATION SECURITY PROGRAM
• SECURITY AWARENESS TRAINING
• ISO 27002 RISK ASSESSMENTS
• HIPAA/HITECH COMPLIANCE
• INFORMATION GOVERNANCE
• BUSINESS CONTINUITY PLANNING
• INCIDENT RESPONSE PLANNING
• BUSINESS PROCESS ANALYSIS
2012 : 2017
SDK | Risk+IT Advisors LLC
Founder & Managing Consultant
CHALLENGE | Transform IT into a strategic asset, differentiate the Firm’s eDiscovery services and improve the risk profile for this 900-person, $300M, multi-office law firm.
ROLE | Shared COO role overseeing the day-to-day operations and strategic planning for ten administrative departments including information technology, applications development, information security, records, new business intake, library/research, knowledge management, docketing, managing clerk, and e-Discovery.
• Oversaw a $3M revenue target, $26M capital/operating budgets, and 125 business and technical professionals through 5 direct reports.
• Managed a large project portfolio to completion, on time and within budget, including NetApp SAN, Cisco UCS, vSphere ESX, iPhone/Android/iPad and Relativity.
• Architected a hybrid cloud data center model with advanced technologies from Cisco, NetApp and VMware aimed at reducing IT operating expenses and supporting the Firm’s growth strategy.
• Developed an innovative eDiscovery product offering (www.esipredict.com) from concept to launch making litigation costs more predictable for clients and creating competitive advantage for the Firm.
• Designed and delivered an Information Security Program using ISO 27K standards covering policy development, awareness campaigns and technical controls designed to protect client data.
2008 : 2012
Dickstein Shapiro LLP
Chief Information & Risk Officer
CHALLENGE | Stabilize a defective computer network to maximize attorney productivity, rebuild the IT organization to restore lost credibility and align technology with the needs of this $170M, 600-person, multi-office law firm.
ROLE | Provided leadership, turnaround strategy and change management expertise to significantly reduce chronic system downtime.
• Managed a capital/operating budget of $7.5 million and 30 professionals.
• Managed a large project portfolio to completion, on time and within budget, including NetWare to Windows Server, Notes Mail to Exchange, Cisco switching and routing, HP SAN, Windows XP/Office 2003 and SharePoint.
• Managed the development of a hosted information management system for a Broadcasting client allowing the Chief Legal Officer to reduce outside counsel fees and meet the Chief Executive Officer’s budget demands.
• Redesigned file management work processes and implemented a custom content management system to drastically reduce wasted attorney/paralegal time searching for misplaced files.
2000 : 2008
Wiley Rein LLP
Chief Information Officer (CIO)
Developed business, drafted proposals and delivered consulting services to CEOs, COOs, CLOs and General Counsel of large professional service organizations and Fortune 1000 corporations to address a wide array of business problems including organizational performance, reducing waste, profitability, technology assessments, controlling eDiscovery/litigation costs, managing data privacy risks and long-range planning.
1996 : 2000
Altman Weil, Inc.
Senior Consultant | Business + IT
Skills
Business Continuity, Change Management, Cloud Computing, Disaster Recovery, Financial Management & Cost Control, Information Governance, Information Technology, Innovation for Competitive Advantage & Profit Growth, ISO 27001, IT Management, IT Security Best Practices, IT Strategy, Knowledge Management, Management Consulting, Negotiation, Influence & Persuasion, Organizational Development, Process Improvement, Project Management, Risk Management, SaaS, Security, Strategic Planning, Talent Management, Vendor Management - SaaS, outsource, near/off-shore, Vendor Management
About
A results-driven IT & Risk executive with a history of utilizing advanced technologies to improve customer productivity, reduce risk and innovate for top line growth.
Advises C-level executives on a wide range of complex business problems including performance and profitability, reducing waste, managing data privacy risks, controlling litigation costs and leveraging information assets to create competitive advantage. Draws on two decades of experience to articulate visions for strategic alignment that maximize revenue, minimize disruption to the delivery of services and maintain an effective cost structure for business operations.
Develops and values talented individuals, maximizing individual strengths and motivating teams to produce extraordinary results. Without good people who exhibit a healthy and positive attitude, we will never achieve our greatest potential as a service organization.
Specialties:
● Law Firms, Corporate Law Departments, Non-Profits and K-8 Private Schools
● Strategic Business & Technology Planning
● Information Governance, Risk Management & Compliance
● ISO/IEC 27001/02 Standards
● HIPAA / HITECH Compliance
● BC / DR Planning
● eDiscovery Strategy & Cost Containment
● Business Process Analysis
● Financial/Budget Management & Cost Control
● Organizational Behavior & Talent Management
● Program & Project Management
● Negotiation, Influence & Persuasion
● Vendor Management including SaaS, Outsourcing & Off/Near-Shoring
● Technical Design