Archive

Archive for October, 2012

Cyber & Network Security: “I See Said The Blind Man…”

October 31st, 2012 Comments off

After joining my latest company, I’ve found myself exposed to a group of brilliant individuals who have a laser focused fascination for cyber security and every subtlety tied to it. For those that know my background, the natural question is how did I get pulled into this one? After my tours of duty with Quiksilver & DC Shoes, Schneider Electric, Pacific Sunwear, and investment banking, the security industry is a bit out of my realm. But then again, I wasn’t brought in for my security expertise, but for my ability to drive financial performance and create a foundation for the rest of this group to prosper.

However, it has been eye opening experience working with this group. Although all the companies I’ve worked with had extensive IT departments, as well as a focus on “network security”, this is a whole different level. Literally, on my first day with this team, I took immediate actions to tighten down my own personal information after reading a few articles that were forwarded to me. One article in particular discussed a journalist who literally had his identity wiped clean, including family pictures kept online, after his accounts were hacked. Unbelievable.

The more noticeable hindsight to me as I was discussing other companies with our team is that I don’t recall EVER receiving an email where the file was password protected. Now keep in mind that I’ve worked for a number of different public companies, as well as equity research at an investment bank, and I have NEVER received a password encrypted file. Maybe a password so I couldn’t alter the structure, but not to actually open the file. Even in my own previous approach, my idea of “locking things down” was to send any forecast or financial info out in PDF so it couldn’t be modified. I’m pretty much chuckling at that approach now in comparison to what the daily MO is here.

What is even more interesting is the approach that most corporate IT departments are taking with regards to internet access, the opening of unfamiliar links, the lack of ongoing security training, and the relative absence of putting any significant effort into this area. Most companies may not offer that much for a targeted attack, but the subsequent cost and loss of productivity is an entirely different matter. I know I’m looking forward to the continued immersion & learning about this industry. For myself, the obvious phrase that came to mind was “I see said the blind man…”, but I think I’m still relatively blind on the security front.

Thanks for reading…

Jeffrey Ishmael

Are You Working w/ a Vendor or Partner?

October 22nd, 2012 Comments off

Regardless of the industry or the size of the company I have worked with, I have always used the term “vendor” rather generically, but in the end, my goal has been to always have vendors that are true Partners. Some would say that this would just be a case of semantics, and in the end, every partner is simply a vendor. I would argue otherwise, and my philosophy couldn’t be more justified after my recent move to a start-up.

I will say that there are a group of vendors, who no matter what the situation, will always likely be a vendor as their products are so commoditized that it’s a virtual impossibility for them to distinguish themselves. Who are the folks I would drop into this characterization? I would put examples such as office supplies, general office services such as copiers & secured recycling, and coffee services. These are vendors. Get the rate, set them up, and essentially let them manage themselves and ensure that they deliver on their promised services. If they don’t it’s not like there would be significant risk to your business.

Partners to me are an entirely different matter. These are the folks that are providing a key deliverable to the business that will either mitigate your future risk, or in the event of failed performance, creates a serious issue. These are the companies that you need to ensure will deliver, are committed to deliver, and will do all that is necessary to make sure they maintain their goodwill with you. In the case of our start-up, I would also put those companies into this pool that will ensure we have a smooth transition into our new space. If I’m contacting you with the opportunity to provide a service, and it’s something I can’t do myself, I don’t expect to do half the work to ensure you have a successful bid. Turnkey solutions are not about feeding your clients partial elements of a project for them to piece together and ultimately confirm what the cost of the project is.

I’ve been fortunate to find a number of true Partners over the years that have provided consistently great service and are always pleased when I can work with these folks again. Since there’s no tipping our hand to strategy in this, I can say that I can endorse my friends at Woodruff-Sawyer, Cresa Partners, Union Bank, and Project Pro Search. Over the years, and at a number of different companies, these folks have always been star performers. These are the folks that have shown they are true partners, will have your back when that extra effort is needed, and can be counted on to deliver.

Thanks for reading….

Jeffrey Ishmael

Categories: CorpFin Cafe, Management Tags:

Start-Up Fun: When Only A Phone Bill Affirms Your Corporate Existence…

October 6th, 2012 Comments off

While I thought I had pretty much seen the lowest levels of bad policy in corporate America, I’ve seen it sink to a new low with one of the service providers we were looking to bring on as a long-term partner. In my first call, and subsequent meeting with this company, they were very clear that we were in start-up mode, but were in need of a critical service they would be supplying. “No problem…” was all I continued to hear as we went through the on-boarding process. We even had an onsite inspection at our temporary location. I also walked them through the pedigree of the team and that this was not the “normal” start-up….that this was a rather super-charged early stage entity.  “No problem….” I continue to hear.

No keep in mind that this “start-up” was in the final stages of negotiating a commercial lease with two significant partners and a major property owner. Never mind that this “start-up” had already put in place a strong benefits program for employees and had also finalized on-boarding with a major 401k service provider. Never mind that this “start-up” had already put extensive D&O and E&O insurance coverage in place. Never mind that this “start-up’ had already gone through all the state and federal government registrations and was already operating as a C-Corp. All the right things to have in place to signal your serious about what you’re doing.

So my new “partner” calls me back and tells me we’re all approved and ready to finalizing the on-boarding process, but they need a copy of our corporate phone bill. Without that piece of information our status would be put on hold. “Are you kidding me…?” weren’t exactly the words that went through my head or what came out across the phone…my mobile phone. So…until we have our commercial lease signed in the next week we’re essentially in a holding pattern. So the lesson here…you’re only a “legitimate” corporate entity if you can show a copy of your corporate phone bill. Me, I’m just waiting to see the next example of corporate stupidity…

Thanks for reading…

Jeffrey Ishmael

Categories: CorpFin Cafe Tags: