By - - 4 minutes of reading
NovaSync Founding

NovaSync Founding Story

When Jared Shakespeare and Brent Castagnetto founded NovaSync in January of 2021, it wasn’t because they dreamed of building software. It was because they were tired of living the problem. Learn about how NovaSync came to be a leader in NERC CIP Governance, Risk, and Compliance software.

NovaSync was created to help registered electric utilities in North America manage their NERC CIP compliance program using a centralized GRC (Governance, Risk, Compliance) software for compliance management.

A Broken System, Up Close

Brent still remembers the moment clearly. He was supporting a NERC CIP and FERC led audit for large publicly traded utility, trying to compile the Electronic Records Template (ERT) for CIP-004 compliance. It was a compliance nightmare.

“Four different tools. Three weeks. Four people.”

The team was chasing down personnel access records, dates, transfers, revocations, file share records, all while stitching together reports with digital duct tape and sheer mental agility. One of Brent’s team members flagged a mismatch on a single date for a single person, and the entire narrative they were presenting to FERC began to unravel. The auditor’s confidence visually dropped in real time.

They weren’t alone. Across the industry, entities were paying consultants just to figure out how to validate their quarterly and annual NERC CIP-004 R3, R4, and R5 access management review checks. For these requirements, everyone seemed to be reacting, scrambling to get ahead of problems that should’ve been caught earlier, or could have been avoided altogether.

What If We Built It Ourselves?

Jared’s perspective was working on a consulting project with a smaller utility. The utility was trying to stand up another compliance automation software, which the vendor had sent over a CIP consultant for training. Jared sat through a three-day session explaining how to simply add a line to the bottom of a report.

It was maddening. “What if I just made something better?” he thought.

That spark led to the early NovaSync prototype, focused on solving real NERC CIP compliance problems people had, like access management and patch evaluations. Not quarterly just for compliance, not “whenever someone checks,” but every day. Find issues early. Prevent self-reports. Tighten internal controls. Actually improve security. It sounds obvious now, but it wasn’t what the industry was doing and still remains a large gap.

By January 2021, they had built access management, asset management, patch management, and change management modules. In 2022, NovaSync added Josh Erramouspe to lead Implementations, Bryan and Ricky to scale engineering. In early 2025, Nick Santora joined the NovaSync team with sights set on adding more teammates as the company continues to grow. Each SuperNova teammate continues to strengthen the product and focus towards a NERC GRC (Governance, Risk, and Compliance) automation software.

Compliance Automation for NERC CIP

NovaSync has a unique perspective of the industry, building from expertise and time earned in the field. Jared and Brent served as NERC CIP auditors and led the industry based off their expertise, insights, and best practices. Building NovaSync was about making things work better, faster, and without the constant compliance duct-tape hustle. NovaSync’s position was to create a highly configurable, expert driven platform, not left to clients to figure out alone.

NovaSync is about solving real compliance and security challenges, many of which our team has lived through personally.

One example? Patch management for CIP-007 R2. In a 35-day update cycle, how do you know the source of truth for what was evaluated and when? Who has the record? Is anyone even looking at the right system? NovaSync turned those worries into automated confidence.

Help is Built Into Our DNA

What set Jared and Brent apart was their instinct to help. It wasn’t just about building software, it was about freeing people from mind-numbing manual tasks so they could actually do their jobs. It was about giving organizations a way to reduce compliance risk and raise the bar on internal security, simultaneously.

Customers started to notice that daily account checks were normal. They automated patch evaluations. They reduced reliance on spreadsheets and stopped forcing their security teams to dig through SharePoint history just to get a partial answer.

As former NERC CIP auditors, Jared and Brent have seen a lot of CIP compliance programs from many angles. Their unique perspective towards approaching CIP compliance is built off years of audit experience from real-world events. Jared and Brent built towards a path that would solve many of the common CIP compliance challenges they saw during their audit engagements.

The Future of NERC CIP GRC Software

The journey doesn’t stop at solving today’s NERC CIP compliance problems. The NovaSync team is actively listening to the industry. Watching for new challenges, new regulatory pressures, and new inefficiencies that cost real time, money, and trust. That is why we created NovaSync.

As SharePoint and other tools go cloud-based, enterprise GRC becomes even more complex, NovaSync remains focused. A mission to deliver practical solutions and build software that actually helps NERC CIP compliance teams. Automate the tasks, reports, and evidence collection that should be automated. Help compliance experts and SMEs do their job better.

And it all started with one question: What if we didn’t wait for someone else to fix it?

Request Demo
Request Demo