Kirby Risk is a 98-year-old family-owned industrial electrical distributor operating across Indiana, Illinois, and Ohio. The company evolved from a small battery shop in 1926 into a regional supply chain operation serving manufacturing and industrial clients. It's not a tech company - the stack is standard Microsoft 365 - but that's the environment: legacy infrastructure supporting physical distribution, engineering services, and operational logistics for industrial customers.
The threat surface here is classic critical infrastructure territory. Industrial control systems, supply chain dependencies, customer data tied to manufacturing contracts, and operational technology networks that connect physical sites across three states. If you're threat modeling a century-old distributor with regional footprint and manufacturing ties, you're looking at ransomware risk, supplier compromise vectors, and the usual mess of OT/IT convergence. No indication of dedicated security engineering in the provided facts, which tracks for a company this size and sector.
James K. Risk III runs the operation. They've been named a Top Workplace five consecutive years, which suggests employee retention and institutional knowledge - relevant for security because it means lower insider risk from churn, but also potential accumulation of legacy access and undocumented systems. The culture language is heavy on relationships and service, light on technical posture. If you're evaluating this as a security role, you'd be building foundational capabilities in an environment that hasn't historically prioritized them.