Frequently Asked Questions

How would you describe your ideal Client?

The ideal client:

  • Runs a small federal government contracting business (1-500 employees), a privately held firm that sells personal or professional services.
  • Is facing a challenge or bottleneck with their technology or cybersecurity that is significant to them. These can be issues that keep them up at night or cause persistent frustration and slow down of delivery.  The tech isn’t serving you; you are a slave to the tech you have.
  • Is hiring me because of my expertise and is not afraid of any hard truths that may emerge.
  • Willing to le me (1) determine what issues are relevant (2) diagnose the root causes to the problem accurately and transparently (3) suggest the best possible solutions that can lead to the desired outcomes and real change but minimize disruptions.
  • Teams that are ready to be engaged from the start, forthcoming and honest with the current situation, and excited to jump into remediation steps with a little mix of fear and excitement but confident that the result is significantly better than the current situation. 
  • Teams that are open to different perspectives.  Acknowledging that self-diagnosis is extremely hard and usually viewed through rose-tinted glasses.
  • There is no hesitation about the fee against the possible (& probable) long-term positive impact on their business, without reminder or prompting.  They understand that trying to go it alone, or even without, is more expensive and burns more time than not hiring me.
What size are the companies that you work with?

Most of my paid services have been for companies between 1-500 people.  My entire consulting practice is built on understanding the differences in scale.  The more formalized your company needs to become the larger it grows. Cyber frameworks are built on scale.

How do I know if a vCIO is right for me?
No different than any other resource decision you face, it truly depends on your business goals.

If you have a current IT team that are just “fixers” a vCIO can provide additional expertise and support to look for enhancements in your business.

The complexity of your business needs, typically the more complex your business functions that greater probablity a vCIO can use technology to increase value.

Of course budget plays a part.  Having a key senior team member that can execute and maintain oversight can ensure a greater chance of success of a project and efficient use of budgets.

What are typical payment terms?

All services are fully prepaid and non-refundable, for any reason.

This is two-fold: (1) It allows me to be completely transparent with you, that you may get upset and potentially withhold payment.  Sometimes the truth hurts (2) It is your responsibilty to bring oversight to your team during implementation.  A failure to implement is not a reflection of the industry accepted strategies that will I provide based on your uniquest circumstances.

Do you certify the Cybersecurity Practices?

Short answer, no.  My practice is built on aligning the federal government contractors busines to NIST 800-171 framework.  The goal is to create a business that can maintain a cybersecure culture and not just check boxes.  Passing a one time audit does not in any shape or form me you are secure.  Its good for about 2 seconds if you revert to old habits until the next audit.

The standard that is coming is called CMMC.  It has went through ups and downs and is currently in rule making. 

I am waiting to see how this shakes out.

But by working with clients to incorporate cybersecurity best practices, aligned to NIST 800-171 you will be better prepared come an audit.


What Guarantees come with your service?

Like many other professional services, what you put in and commit to is what your get out.  The information you recieve is factual, industry best practice, and cutting edge.

The service is not a “make you feel good” consultation.  It is strictly implemented to accomplish the agreed up on goals.  There can be some hard truths that come out.

Your team are the implementors.

I thought my MSP did the same thing?
Your MSP plays a tactical role in the day-to-day management of the technology in your business, usually with a pre-defined technology stack.

A vCIO plays a strategic role not bound by an existing technology but identifies gaps and other weaknesses. A vCIO looks at building systems to scale.

A great vCIO will help define guidance to business owners on how an MSP will function within their company.


Can we get together and meet first?

Feel free to sign up for a virtual coffee section.  Links are all over this website. 

I will be happy to spend some time understanding your situation and how we can work together.


What are the typical deliverables?

The main deliverable is objective, insightful analysis and transformative advice.  The focus is not on long reports that no one will ever read.  The recommendations will be short, consise, sometimes in only outline form.  Or markups on your existing documentation that has been reviewed.  Then we will expand where necessary or unclear.

Everyone must be on the same page, me and you. Don’t assume.  Ask for clarity. 

What is a significant interaction during implementation?

After the main engagements are complete, each is followed by an execution period.  This is for a set number of significant phone calls or emails, whichever occurs first.  This can be initiated on your end or our end. This period and interaction are defined on each service page. 

A significant interaction is one where an agenda is developed, and preparation must occur.  You have gathered a list of questions, or a more substantial issue arises that needs to be resolved.  We initiate if we feel we are being avoided or momentum is being lost.



“John has always been an exceptional industry partner with a clear command of information technology, running the spectrum from policy to implementation. He brings both complementary and force-multiplying skills to every initiative we’ve undertaken. A true asset and go-to teammate.”

Michael Ferritto – Aquila Technology

“I have had the privilege of knowing and working with John Barker for 17 years.  His business solutions are both thoughtful and practical.  He is a life learner, so I know when I work with John, I am getting the latest thinking across the industry of thought leaders. His tools and templates have provided me with realistic and practical prompts to get started on various projects.”

Cara Parker – CParker Consulting

“I was ready to expand my business and needed a more robust, technically advanced accounting system. John not only successfully help me navigate the tech but assisted with the business side. My accountant was 99% certain a fully licensed CPA had assisted me. Clearly John is my go-to person for business consulting ”

Sterling Edwards – Sterling Edwards Home Improvement

“The strategies and tactics John gives are always on point. The technology info and connections John has, allowed us to make a quick go/no-go decision on key directions of the business. Don’t hesitate to trust his expertise in all things business and technology related”

Rialand Jones – Lammar Marie Gourmet Popcorn

“I have had the privilege of working with John on and off for the last couple of years. I have found his guidance to be priceless both professionally and personally. This guy is the real deal and no matter the project, he is someone that brings value and perspective that changes the game for the better. You are not going to regret engaging with him”

Justin Holroyd – USMC Veteran, Sales and Project Manager

“John Barker is an expert in his field. He is a wealth of knowledge when it comes to technology, and he’s able to convey that to the general public in a way that is entertaining and educational. He is a natural leader who is not afraid to speak his mind and has an innate ability to motivate those around him.”

Jeff Say – Culpeper Chamber of Commerce

John has been our vCIO resource for over 8 years now.  As the lead accountant for a prominent family in N.VA worth multiple 9 figures it is important to have someone like John that not only understands the technology and security needed to protect our assets but also the business side.


Amy Roberts — Piedmont Management Group