NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, Kathy Stershic of member company Dialogic Research and Communications shares how public sector CIOS can and should prepare to take advantage of the Internet of Things while creating a secure, trusted foundation for the long term.


Gartner defines IoT as “the network of objects that contain embedded technology to communicate and sense or interact with their internal states or external environment.” At present, that generally means a machine-to-machine connection, although an expanded ‘Internet of Everything’ may well evolve to include people-to-machine and process-to-machine connections in an ever-growing ecosystem.While select commercial applications are beginning to appear, at this very early stage IoT is one area in which Public Sector IT has a unique opportunity to lead—creating large scale deployments driven by constituent demand, growing security threats, and the economic imperative to “do new with less.” For example, smart street lighting solutions can reduce crime while saving money; combined water management, smart grid and waste management can yield greater ROI on energy investment; connected warfighters can bring dominance to the battlefield, faster.

While the opportunities are many, so are the risks. IoT presents exponentially increased threats in a dynamic landscape. There is no more network perimeter. Embedded, non-standardized sensor hardware creates an increased number of connected threat points, many of which will result from the ‘smartification’ of traditionally dumb devices never intended for software or IP and built by manufacturers not accustomed to thinking about digital security.

There is a pending vast amount of data to be generated by new sources—how must it be secured as it moves and permutates? The public internet is highly vulnerable, but even isolated networks are not impermeable— think back just a short time to Stuxnet.

Human error is a leading security concern, whether due to inadequate data security policies, non-adherence to existing policies, intentional malicious acts, or even the increasing shift to BYOD.

IoT success hinges on trust, making privacy another major issue. What data is captured and stored? How? Who owns it? How may it be used? How should and will it be protected through its use cycle, and by whom?

While these challenges apply generally to IoT deployments, the Public Sector faces some truly unique and consequential situations. Consider the implications of generating data that precisely reveals the location of dismounted soldiers in combat, the specific timing and location of municipal buses en route, safe campus video monitoring, or public health threat information, to name just a few.

Given the enormous changes that IoT will eventually bring, Federal regulation and policy are inevitable but will remain unclear for some time, politics being what they are. State and municipal-level policies vary greatly. Policy needs to be appropriately aligned to possibility for each environment, but some formidable issues must be addressed first:

-          Data Collection. Many public sector mission and business leaders want to collect data from untrusted sources that can facilitate better, faster decision-making, such as improving threat, health or environmental analysis. But many current cybersecurity policies conflict with data collection, limiting what can be captured. The pressure is on IT to open up, yet security can’t be compromised.

-          Cybersecurity. To date, the market has been served with a complexity of disparate point solutions, mostly focused on prevention. Defense will always be the priority goal, but with malwares proliferating at two per second (and accelerating), a 100% prevention strategy is simply not possible. Malicious actors need to be right only 1% of the time or less to permeate the firewall. Therefore, it’s not only prudent but necessary to prepare for the full aBack conCnuum―before, during and aEer. An appropriate solution requires layers of security that span prevention, halting an attack in progress, and accelerating remediation after it occurs.

-          Bandwidth will always be limited, but data volume is only growing, with much of it useless—driving the need for edge-based data analytics to ensure the flow of just the most relevant data to those who will make use of it. Policy must guide what is considered most important and relevant, and who needs to receive what level of information.

-          Cloud. Not surprisingly, as adoption of cloud-based services increases, incidents of cyber-attacks on cloud environments are now nearly on par with attacks of on-premise equipment. IoT connectivity will force a growing intersection of domains in the cloud environment: sensors and networks, IaaS and SaaS, Big Data analytics—yielding an increasingly expanded and vulnerable enterprise environment. Persistent security enforcement and information management policies are needed, where responsibility is shared between the service provider and the customer, to protect the data and the devices and people connected to it.

What then must CIOs consider when preparing for Trusted IoT deployment?

Given these challenging issues, Public Sector CIOs should lay some important groundwork when embarking on their IoT journey:

-          Carefully plan the number and scope of initial IoT deployments that an organization can afford to undertake, including the investment in the needed people and skills, applications, analytics technologies and risk mitigation required to capitalize on the opportunity value: IaaS/SaaS, cybersecurity and Big Data. In an era of ridiculously tight budgets, existing infrastructure must obviously be leveraged as much as possible.

-          Establish and maintain trust throughout the data lifecycle. Consider solutions like Suite B encryption (devised by the NSA), which secures data out to the tactical edge. Reliable firewalls between cloud and fog network nodes are also needed. Beyond the technology, only capture data that is truly needed for the business or mission purpose, then be transparent with citizens and stakeholders. Let them know what is collected, why, how it’s used, and how it’s managed and protected. Provide easy opt-outs when possible.

-          Prepare for the full attack continuum. Design a robust security platform rather than approaching security from a point-topoint perspective. A combined hardware and software platform managing the connection, the applications, the devices and the data will enable CIOs to more readily enforce security policies and provide for security persistency. Correctly applied analytics can identify an attack in progress and help to remediate damage more quickly, but this approach will require intelligent information stewardship along with tight security.

-          Educate the workforce. Push security messages frequently. Set reasonable access and geo-fencing policies that balance the desire for expanded data collection with the need for security, then enforce them as much as possible. Revisit them annually to assess and accommodate changing stakeholder requirements.

-          Explore innovation partnerships with the private sector to create technical and policy solutions to IoT challenges. Feasible solutions can later be adopted cross-domain to maximize the potential benefits.

The Internet of Things has the potential for sweeping disruption, perhaps on par with only a few milestones in recent history such as World War One and the Industrial Revolution. While IoT may forever change the way public sector leaders protect and serve, trust is paramount to IoT success. Constituent participation will be weighed as a trade-off for utility received, such as a better citizen experience or increased public safety. Thoughtful, holistic planning should include not just the technological, but the fiduciary, legal and ethical aspects that will engender trust and drive to the greatest public good.


Kathy Stershic is Principal Consultant of Dialog Research & Communications, a consulting firm serving IT Executives through thought leadership messaging and informed, strategic communications planning. kstershic@dialogrc.com; blogging@dialogrc.com; @kstershic

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, John Beveridge of Rapidan Inbound shares insights both on closing deals as well as developing a business that you want to close from the Nov. 20 Small Business and Entrepreneur and Business Development, Marketing & Sales joint committee event.


One of the most difficult things for tech companies, or any company, for that matter, is creating revenue from your technology. Unfortunately, it’s not a matter of build it and they will come.On Thursday, November 20, the Small Business and Entrepreneur and the Business Development, Marketing & Sales Committees hosted a joint event titled, “The Art of the Deal – How Successful High-Growth Companies Close Deals.”

Hosted by Samantha Smith of Etail Eye, the event featured 3 executives from high-growth companies who shared their experiences on how to best generate revenue. Panelists included:

Marty Kaufman, VP of Operations, WeddingWire

Chris Marentis, CEO, Surefire Social

Carolyn Parent, Chief Experience Officer, Gravy

The panelists shared insights both on closing deals as well as doing the things you need to develop business that you want to close. Here are some of the tips the panelists shared.

  • A good way to start developing business is to develop your personal brand as well as your company brand. Creating good content is a great way to develop your personal brand and anyone can do it. Chris Marentis started Surefire Social with an eBook.
  • Economic down times create opportunities for new businesses. Carolyn Parent recommended that new businesses take what they can get and show results quickly. You may want to land that Fortune 500 account, but if a good SMB opportunity arises, take advantage of it. To close business, find some way to show them value quickly, even if it’s just a needs analysis.
  • New businesses can take advantage of sales technology to qualify new business opportunities. Marty Kaufman shared how WeddingWire’s data scientists use predictive analytics to help them target their business development resources to maximize revenue. Don’t overlook the affordable SaaS sales technology resources available to you.
  • Depending on which market you serve, your sales strategies will vary. B2C companies should look to create viral buzz around their products and services while B2B companies should position themselves as valued business partners to their customers. The B2G market moves at a glacial pace and sellers need to be early to the party.

These were just a few of the insights the panelists shared at the event. Want to learn more about business development, sales and marketing? Come to the next committee meeting on December 16.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, David K. Shepherd of LMI shares six strategies for reducing loss from data breaches. Check out previous blogs from LMI on a business-driven approach to IT decision-making and three business-friendly strategies to increase the value of enterprise architecture.


David Shepherd

David Shepherd, senior consultant and member of the Systems Development Group at LMI.

It’s no secret that data breaches are on the rise. These security rifts cost U.S. organizations an average of $195 per protected personal data record lost or stolen, with total costs averaging more than $5.8 million per organization breached. What may be surprising is that well-intentioned employees could be putting your data at risk..

How? To meet deadlines and collaboration requirements, employees skirt security rules protecting confidential documents by using personal email addresses and free file sharing services. Focused on completing tasks, they are unaware of the risks.

MeriTalk research shows that nearly 50 percent of federal agency security breaches are caused by security noncompliance. Forrester data reveals that the top reason for breaches (36 percent of companies surveyed) is inadvertent use of data without clear knowledge of polices. The problem is exacerbated by the proliferation of mobile devices that connect to cellular and Wi-Fi networks and upload data to the cloud.

Why do users bypass security? They take these risks to complete tasks within tight deadlines. They recognize this isn’t the “right” way to share documents, but feel they have no other options. Common complaints:

“Due to mail server size limitations, I cannot send a large file to my client.”

“Neither my client nor my company has a file-sharing tool.”

Balancing data protection and productivity

Increasing the number of security rules will not decrease employee data losses. The following six recommendations can help organizations balance the need for data protection, policy clarity, and productivity.

1) Understand employee needs when setting security policies

Engage users so you understand their day-to-day work and why they bypass security. Anonymous surveys and best practice initiatives are helpful tools. Consider granting amnesty to ensure you fully understand the problem. If your employees are using Dropbox, Box, or Google Docs, they are saying they need better storage and collaboration tools.

2) Conduct consistent, regular staff training at all levels

PricewaterhouseCoopers research reveals that most businesses invest only up to $400 per employee per year on cybersecurity training. The big exception is financial institutions, which typically spend $2,500 per employee each year. Employee training must be ongoing and pervasive—not an annual ritual. It must also include executives who are more likely to have data on multiple devices.

3) Provide a secure, flexible, and easy-to-use file-sharing tool

Employees started using cloud storage because providers offered free services with easy-to-use interfaces. These companies also offer enterprise versions, which include customizable interfaces, meet government security standards, and may even be branded with your organizational identity. Nearly all providers offer trials.

4) Deal with mobility

Organizations need to update mobile device policies to address both organization- and employee-owned devices. Solutions need to protect organization data while meeting security and employee usability needs.

5) Invest in effective prevention

Be proactive. Prior to a damaging event, security budgets are slim. After a breach, organizations can’t spend money fast enough. An event’s root cause is often due to problems with an organization’s processes. Hastily spending money on new tools won’t necessarily fix the root cause.

6) Consider suggesting tools, even if you can’t endorse their use

If an organization can’t provide a file-sharing tool, consider suggesting employees use a particular service. Wouldn’t it be better to monitor a single service closely, rather than attempting to monitor them all? If a bad breach occurs, the organization could immediately inform users and take corrective actions.

Our pristine networks are vulnerable to dedicated employees who are trying to do great work and meet impossible deadlines. If we don’t provide secure, capable tools, they will find another way. We can continue to fight against them, or we can investigate their needs, accept the challenges, and work to meet those needs while still ensuring security.


David K. Shepherd is a senior consultant in LMI’s Systems Development Group and has 25 years of experience as an information technology (IT) service management and security professional. He has designed, developed, managed, and maintained enterprise quality websites and applications for federal clients. He also advises clients on IT infrastructure issues, effective use of tools and techniques, and security engineering. He can be reached at dshepherd@lmi.org.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Notes from the Silicon Valley Cybersecurity Summit: Part 2

September 30th, 2014 | Posted by Sarah Jones in Guest Blogs - (Comments Off)

NVTC is inviting members to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. Kathy Stershic of member company Dialog Research & Communications shares her insights below.


While the policy panel discussion at the summer’s Silicon Valley Cyber Security Summit pointed out the many challenges of governments trying to deal with the cyber threat, the second ‘Next Generation’ panel was all about the shortage of qualified talent to deal with the problem.

The good news – cyber presents a great career opportunity! As in, the industry needs lots of help. Now. The not so good news is that 40 percent of open IT security jobs in 2015 will be vacant. There simply aren’t enough qualified people to fill them. Technologies such as new threat intelligence and attack remediation products will continue to advance. That will help automate intervention, but there is still a need for people to skillfully apply them, and for others to create them in the first place in the face of a never-ending game of new threats. One speaker said that, as of only a couple of years ago, a new malware was detected every 15 seconds. Now two new malwares are detected every one second! The speakers expected that pace to accelerate exponentially.

There are a growing number of formal university programs in this area, but I was very surprised to hear that only 12 percent of computer science majors are female, and that population has been steadily shrinking for two decades. A marginal percent of those study cyber. So we’ve got a challenge with public engagement in the issue, an inadequate talent pool, and almost half of the student population not thinking about the problem.

Of course not all software learning is in the classroom and talented hackers do emerge. That is why General Keith Alexander [former head of U.S. CyberCommand] went to least year’s Black Hat Conference – while unconventional, he knew this is a place to find badly needed talent. There are also several incubator initiatives like  Virginia’s Mach37, and many startups are trying to get off the ground.

Another challenge is that CEOs don’t fundamentally understand the complex cyber problem, so they delegate the task to the CIO. [This reminds me of similar dispositions toward Disaster Readiness and Business Continuity Planning pre-9/11]. Cyber threat is another form of business risk and should be planned for as such. One speaker mentioned that there is expert consensus, even from VCs who are scrupulous about how money is spent, that for a $100 million IT budget, 5-15 percent should be spent on security. While panelists noted cyber threat is a top discussion point for many corporate boards, there is uncertainty about what to actually do to prepare.

This is a tough issue all the way around. One speaker suggested repositioning the brand message to what regular folk will respond to – protecting our national treasures, homes and quality of life, critical infrastructure and national security. Nick Shevelyov, Chief Security Officer of Silicon Valley Bank, summarized the issue: ‘the technology that empowers us also imperils us.” I’m hoping more of us come to understand that and step up.


Contributed by Kathy Stershic, Principal Consultant, Dialog Research & Communications

kstershic@dialogrc.com

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week on the NVTC blog, Gretchen Frary Guandolo of Clearsight Advisors shares how the opportunity for big data professional services firms has never been greater.


Total big data revenue (software, hardware and services) reached $18.6 billion last year, up from $11.6 billion in 2012 (according to Wikibon), an impressive 58% growth over the previous year. No doubt the big data market is enormous and growing quickly, but one of the main inhibitors to growth is the lack of professional services firms focused around big data. Software, hardware and diversified IT services vendors are all on the hunt for the same target – professional services firms of scale focused on the strategy and implementation of big data projects. Clearsight recently represented Think Big Analytics in their sale to Teradata, a transaction that underscored the skyrocketing demand for big data services.  The sale process was highly competitive with bidders from several different market segments.  The opportunity for big data professional services firms has never been greater. The drivers behind the strong demand for big data services, include:

  • Few IP/tools exist that allow business users to easily implement and access Hadoop data in an uncomplicated, user friendly fashion
  • Special knowledge is required to navigate all the privacy/security/compliance moving parts and their implication on big data
  • A practitioner of big data is necessary to translate and mediate between all constituents around the table – line of business, c-suite and IT departments – to ensure a successful outcome.

As more companies boast successful Hadoop/big data projects, demand continues to grow, but there remains a divide in the approach to tackling big data projects. Big data consulting firms develop their own IP and toolsets because simple, business user- focused analytic packages accessing Hadoop data are not yet widely available. Software and hardware vendors have a challenging time selling their infrastructure products and deploying Hadoop solutions because their sale process requires a more consultative sale, implementation discipline, and technology skills of a big data consulting firm. The shortage of big data professional services skills is acute. As a result, at Clearsight we expect to see the larger product vendors, IT services firms,  ad agencies and many other sectors continue to hunt for acquisition targets to increase their big data services capabilities and address the growing need for big data professional services.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Notes from the Silicon Valley Cybersecurity Summit

September 23rd, 2014 | Posted by Sarah Jones in Guest Blogs | Uncategorized - (Comments Off)

NVTC is inviting members to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. Kathy Stershic of member company Dialog Research & Communications shares her insights below.


I was fortunate to attend Silicon Valley Cyber Security Summit over the summer, where I spent four hours indulging in the subject. The panel discussions were excellent, bringing perspectives from security technology providers, pundits, the Department of Homeland Security, congressmen, senators and executives from the outstanding Silicon Valley Leadership Group (#SVLG).

The first discussion centered around progress to date with Obama’s Executive Order (EO) issued in early 2013, and the potential for more formal cyber policy or regulation coming from the Congress. The cybersecurity problem offers a rare opportunity for the public sector to lead in a critical technology domain, but all of the day’s speakers emphasized the requirement for public-private partnership in addressing the challenge. There has actually been some good news around the Cybersecurity Framework, an outcome of the EO being driven by NIST, in which participation is voluntary but to which 3,000 private sector representatives have actually contributed. While governments actively push such information to the citizenry, companies need to share a lot more about what’s happening to them, what they’re learning and how they’re defending themselves – competitive concerns are keeping this constrained to date. Still, some progress is being made.

One of the biggest eye openers was the claim by several speakers that the public is just not engaged in this issue and therefore practices poor digital ‘hygiene’. I found this surprising and uncanny in the aftermath of the Target and Nieman Marcus’s attacks last fall, and the Aug. 5 revelation that a Russian crime ring had stolen 1.2 billion user name and password combinations and more than 500 million email addresses.

Senator Saxby Chambliss (R-Ga.) extolled the virtues of his and Senator Dianne Feinstein’s (D-Calif.) Cybersecurity Information Sharing Act bill, which made it through the Intelligence Committee but still faces stiff opposition from privacy advocates. Everyone agreed that what would spur Congressional action would be a real crisis – a big attack that causes a real national issue. We hope that we don’t have to endure a crisis to make progress, however. It is also possible for Federal agencies like HHS, DHS, the SEC and others to impose cyber regulations within their domains – some are already doing so. And states are stepping up too, with a plethora of unique policies. Beyond the U.S., each country will have its own policies as well.

In my opinion, the core issue behind the discussion was trust – citizens don’t trust the government, businesses don’t trust each other or the government, and the government doesn’t trust other governments. One speaker even joked that in the Silicon Valley, the NSA is seen as an ‘advanced persistent threat.’  Everyone is waiting for a cybersecurity crisis, which I believe will sooner or later. Let’s hope later.

My next post will discuss the country’s shortage of skilled cybersecurity workers.


Contributed by Kathy Stershic, Principal Consultant, Dialog Research & Communications

kstershic@dialogrc.com

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, Elizabeth Harr of member company Hinge Marketing shares five reasons social media impacts your business in a measurable way.


With numerous social media platforms to keep track of — each their own little world with a specific set of participation standards — it’s no wonder that many marketers are asking “is this worth it?” Between the tweets, shares, status updates, pins and likes, maintaining a strong social media presence can be time consuming and confusing. Social Media Examiner’s latest industry report revealed that marketers spend a minimum of six hours per week on their social media accounts — nearly an entire day’s work.

It’s understandable that you’d want to see measurable impact from your technology firm’s social media marketing if you’re putting in all that effort. social-media-tree-icon
Perhaps the easiest way to answer the question of “is this worth it?” is to look to your clients. How are they researching their technology needs? What factors are they considering when making a purchasing decision? Where are they looking? More often than not, your buyers are starting with a basic online search, glancing through the first page of results, and checking out their options from there.

Combined with a well-rounded digital marketing strategy, social media can add the extra boost your technology firm needs to get you on that first page of search engine results. Once prospective buyers find you, social media can play a role in closing the sale. And to really drive home exactly why social media marketing is “worth it,” here’s a list of benefits that can help improve your bottom line.

5 Ways Social Media Marketing Benefits Your Technology Firm 

It Boosts Your Search Engine Rankings

Your buyers aren’t likely to look past that first page of results. Luckily, a strong social media presence can help your technology firm be one of the first options they see. Having more backlinks to your website helps to improve your ranking and social media is the perfect platform to share those links and increase your search engine optimization.

It Increases Referral Traffic

Thanks to Google Analytics, you can see exactly what types of posts on which social media platforms are driving traffic to your site. Learn from your results and focus on the types of posts that are generating the most visitors.

It Helps Establish Your Brand

When a prospective buyer finds your website, they’re probably going to poke around to see if your priorities and personality match their own. Social media is a great way for potential clients to get to “know” your technology firm. The information you share can help position you as a trusted authority in your field.

It Can Build Your Contacts List

You can use your social media accounts to promote premium content that drives visitors to your website. In order to download the content, ask visitors to enter in some basic contact information to build up your email lists. Sticking to requiring nothing more than a name and email address will help increase your conversions for the content.

It Can Be a Great Promotional Tool

Promoting offers on social media requires you to walk a fine line. Your followers don’t want to see an excess of promotional content, but you can still publicize offers as long as they’re mixed in with predominantly informational content.

Though the time commitment of social media marketing might seem overwhelming to your technology firm at times, employing it as part of your digital marketing strategy can help you acquire new clients. Between increasing your online visibility, driving traffic to your website and establishing your credibility in the industry, social media is, without a doubt, “worth it.”

Check out Hinge’s free Social Media Guide for tips on increasing your social media footprint.


Elizabeth Harr is a partner at Hinge, a marketing and branding firm for professional services. Elizabeth is an accomplished entrepreneur and experienced executive with a background in strategic planning, brand building, and communications. She is the coauthor of Inside the Buyer’s Brain, How Buyers Buy: Technology Services Edition and Online Marketing for Professional Services: Technology Services Edition.

 

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

How to Use Equity to Incentivize Employees

July 31st, 2014 | Posted by Sarah Jones in Guest Blogs - (Comments Off)

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. In his latest post on the NVTC blog, Matt Rajput of CohnReznick shares his insights how to attract and retain employees through equity compensation.


Technology company executives are continually challenged with how to attract, retain, and motivate key employees. Technology start-ups, in an effort to conserve cash, are known for streamlining operations and offering employees thin compensation and benefits packages until they land on more stable financial ground.

One idea for attracting and retaining employees is to include an equity component as part of the complete compensation package.  This can be in the form of common stock, stock options, profits interests, phantom stock, and other forms of equity.

Issuing equity to employees is a great opportunity to give employees a stake in the future of the company because the value of their stock, stock options, or other equity instrument is tied to the performance and growth of the company. This concept of ownership also creates inherent advantages as employees who become owners themselves (or have the option to become owners) will work harder to improve the business, because it will drive more value to their options.

Equity compensation promotes employee retention as vesting terms or restrictions typically require employees to remain with the company for a certain period before they are fully vested in the equity. For example, an employee can be given 100 stock options, in lieu of or in addition to an annual bonus, but the options have a four year vesting term requiring the employee to vest in 25 options each year. In this circumstance, the employee would have to remain with the company for four years to fully recognize the entire value of the 100 stock options. If the employee were to leave after two years, they would only be vested in 50 stock options leaving 50 options on the table.

Equity is also a very important carrot that can be used to attract talent.  In a competitive market, the ability to offer a prospective employee a stake in the upside of the company’s growth could be a differentiator in closing the deal.  Even if the company has the ability to pay market salaries, many astute tech executives continue to look for an equity stake.

Another attractive element of this type of compensation is that it is a cost-effective way to offer employees additional compensation that may be worth a great deal of money in the future as the value of the company improves over time.

However, implementing an equity compensation plan does not come without challenges. Some employees may not want to wait a few years for a liquidity event to receive the compensation for the work that they are currently performing. Long vesting periods, tax consequences, and high exercise prices are all characteristics that make equity issuances less satisfying to employees than cash compensation. Additionally, non-public companies may have a hard time getting employees to realize the value in an equity instrument that cannot be easily turned into cash.

Despite these pitfalls, many companies, both public and private, continue to utilize various forms of equity compensation to keep their employees motivated, well-compensated, and engaged.


Matt Rajput, CPA, is an Audit Senior Manager with CohnReznick LLP and a member of the firm’s Technology Industry Practice. Working from the firm’s Tysons Corner office, Matt has eight+ years of experience servicing publicly-traded and closely-held companies in the technology sector and he routinely provides services to private equity and venture capital backed companies. Contact Matt at matt.rajput@cohnreznick.com. Follow CohnReznick’s Technology Practice on Twitter @CR_TechInd.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. In the post below, Derek Alden Elder of member company Salient Federal Solutions explains how professional development is essential for success.


Today’s government, industry, civilian, and institutional professional leadership all agree on one thing: Professional development is vital to success. Yet it is becoming harder each and every day to find time for it. This is driven by many factors. The most obvious, of course, is the continual reduction in force to accommodate todays lower cost requirements. These strong economic and political headwinds demand we make a difference.

With less people doing more work it is impossible to ignore the implications to the remaining forces’ availability to support seemingly non-essential requirements, such as further developing their applicable capabilities through professional development, training, and education. We must have a relentless commitment to our customers, colleagues and our communities. Salient Federal Solutions believes that a viable solution exists which will mitigate this issue and we use it today.

In a rapidly changing environment, infusing current work requirements into the training our warfighters receive today is essential to increasing effectiveness within an experiential modality while also serving the trainee by assisting with the execution of their deliverables and concurrently advancing their knowledge base. Salient plans a custom approach to every requirement so it can and is being done today. We understand that success is dependent upon our situational approach and customized execution on each task – getting warfighters what they need and when they need it. Minimizing time spent while maximizing output to current requirements while broadening knowledge base will determine effectiveness and thus define return on investment of training to leadership. Although counter to most industry culture, this is the only viable path to solving the growing work/train/time issue we all experience in these leaner times.

Whether it be professional, technical, or personal development it is essential for the end user to insist upon their workload being infused to the exercises associated with our learning process, but similarly, we need to drive this approach from the top down as the leading providers to the education and training industry. This change can only be achieved if we stand together behind one simple truth; developing our workforce is vital to future success and it cannot be accomplished without fundamental changes to the approach most take today. If our workplace has become more efficient and lean then so must we with something as important this.


If you’re interested in professional development, get involved with NVTC! Attend an event for opportunities to see and be seen by industry leaders; join a committee to meet potential clients, build relationships, and learn about trends; and check out NVTC’s many other resources.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

How To Be Strategic With Your IT Hiring

June 18th, 2014 | Posted by Sarah Jones in Guest Blogs - (Comments Off)

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. In the below post, Marc Berman of member company Vector Technical Resources shares strategic steps for managers when hiring an IT staff.


Hiring tech talent can be a serious challenge for many organizations. Depending upon where your company is located, you may be competing with shinier, flashier tech
companies that can offer massive salaries, on-site gym memberships, free daycare, and other perks. Conversely, you may be operating in a rural area where new IT talent is hard to come by.

The (somewhat) good news is that no matter where you are or what your organization does, you are not alone. The Technology Councils of North America conducted a survey in 2013 that found nearly 70% of participating executives believe there is a shortage of quality tech talent in the marketplace. They feel that “all the good ones are taken,” and it can be difficult to attract and hire the right people.

Making Strong IT Hiring Decisions

This climate can lead companies to make poor IT hiring decisions. Hiring managers may feel pressured to jump on the first candidate with the appropriate skill set. But even if an IT candidate’s skills match up with your needs, there are other things to consider before making an offer.

Here are some tips to help you make strategic IT hiring decisions:

  1. Documented Work – An IT candidate can claim certain skills and accomplishments, and it may be possible to glean their expertise from an interview, but it is important to get documentation of previous projects.
  2. Look for Broad Experience – Specialization can be beneficial for certain positions, but more often than not, your organization will depend upon IT pros with a broad knowledge base. When someone focuses narrowly on one specific skill, it can lead them to be less effective at solving large problems.
  3. Match Personality with Company Culture – Employees must be happy in order to do their jobs well, and if the culture of the organization isn’t a good fit, your new hire won’t feel comfortable or happy. For example, individuals with a laid-back attitude and work history in casual environments may feel stifled in a workplace with a more rigid corporate structure.  Be sure to take personality and your company culture into consideration before making an offer.
  4. Don’t Make a Panic Hire – Making a fast hiring decision out of sheer panic rarely turns out well. If the position is so critical that it must be filled immediately, it’s worth it to take a breath and move deliberately, because a bad hire will ultimately force you back into a desperate situation. Never hire for an IT position after one interview.  Always conduct a phone screen first. This can help narrow the field before you potentially waste your time and the candidate’s time on an in-person interview.
  5. Include the Team – If an IT professional will be reporting to three managers, include all three managers in the hiring process. It is important that everyone gets a sense of a candidate’s personality and work style, so that they can feel comfortable bringing that individual on board.

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS