Skip to main content

As the Information Security Program Owner at National Instruments, a $1.4B global enterprise, I've spent the past decade building a risk management program from the ground up.  As I shared in my Founder's Story,  I struggled in the early days with defining what our program would look like, and especially around the tooling I would use, but it wasn't long before I was able to demonstrate the value of risk management to the organization.  SimpleRisk quickly became our de facto tool of choice and, as my knowledge increased and my co

On March 29, 2019, Alex Polimeni and I presented at the BSides Austin conference on some of the work we've done for National Instruments with respect to using the NIST Cybersecurity Framework (CSF) as the foundation for an assessment of the organization's cybersecurity maturity.  For those who aren't familiar with the NIST CSF, it splits cybersecurity best practice activities up into five functions: Identify, Protect, Detect, Respond, and Recover.  Then, each of those functions are split into several categories.  For example, the Identify function is split into the categories of Asset Manag

Recently, a friend sent me a blog post by John A.

Every comic book superhero has a story behind them describing how they overcame some form of adversity in order to become the crime-fighting protector of all things good that we've come to know and love. Just like those champions of justice, SimpleRisk also has an origin story. It all started in 2012, when Josh Sokol was tasked with starting an enterprise risk management program at National Instruments.

Subscribe to GRC

KEEP UP WITH THE LATEST
PRODUCT ANNOUNCEMENTS
AND BLOG POSTS

FOLLOW US

CONTACT US