Cyber (In)security

 “There are only two kinds of companies in the United States: those who have been hacked and know it, and those who have been hacked and do not know it.”

Thus spake Richard Clarke, consultant to US presidents, at an October 10 joint breakfast meeting of the Greater Boston Chamber of Commerce and NACD New England.

Also on the panel: Art Coviello, EVP at EMC; Chris Goggans (billed as “one of the world’s most famous hackers” and now vice president of a security consulting firm); moderator Jeff Brown, Chief Information Security Officer for Raytheon.  A subsequent blog will address appropriate director response; below are highpoints of the panel: 

  • Any company’s system can be hacked.  Hacking should be viewed as a risk management issue; what are the “crown jewels” of information that must be protected, and how can you protect that information? 
  • IT systems are dynamic and changing, with  proliferation of devices accessing the internet and your company.  Thus no preventative program is fool-proof. 
  • Every company should have a “warning system” that monitors information systems continually, to find the hack early and thus reduce the “dwell time” during which the hacker is sitting in your system. 
  • Certain foreign governments (China and Russia were mentioned) hack US companies and turn over trade secrets to their own domestic companies. 
  • While at least one major company does not “go to the cloud,” because the cloud broadens the “attack surface” over which an intrusion can occur, smaller companies may be well served in the cloud because they may thus benefit from cloud-based security services they could not otherwise afford. 
  • If you suffer a “material hack,” the SEC requires disclosure by public companies.  Forty-eight states require notice to customers if their personal information is compromised.  Contractual arrangements may require cyber network protection, mediation and indemnification from counterparties. 
  • Publicity  for a company that has been hacked can be devastating; you need a plan not only to limit or shorten hacks, but also to deal with the press, the general public and your important constituencies such as customers. 

Private Equity Update

 The common wisdom is that private equity funds will purchase a “platform” company, and then seek to build on that platform with “rollups” until a certain enhanced size is reached.  Then, the company can be sold or can go public, enjoying a greater value multiple. 

Not so fast, said a panel of senior private equity professionals at Duane Morris’ October 2 private equity forum held in Boston. 

Participants included Marty Mannion, Managing Director of Summit; Jay Jester, Managing Director of Audax; Tom Wippman, Senior Outside Legal Advisor to Sterling Partners; and Phil Mazzini, former President of H&R Block’s retail business who built that business through “hundreds of acquisitions.” 

The game has changed, agreed the panel, since the old days when the idea was simply to do acquisitions, grow bigger and then assume an enhanced value.  A more sophisticated investment environment requires more than mere conglomeration leading to size, but rather enhancement of the businesses. 

Key points:

  • * It is important to start with a solid platform company with strong, acquisition minded management.  The HR factor, and adequate integration of add-ons, has become central; “in the day,” integration was never looked at, only size. 
  • * Carefully pick an industry in which you propose to do a rollup; is it possible?  You might ask, is anyone in the industry already doing a consolidation?  Although some may think, “no one is doing it so what a great opportunity,” the panel agreed that it is a negative sign when people who know the industry best are not attempting consolidation. 
  • * Finally, the PEs acknowledge that they are unlikely to be able to compete with a strategic buyer.  The strategic simply knows more, knows where cost savings are most likely to occur, and is thus likely to out-bid the private equity fund. 

Changes in Med Device IP

Protecting the IP of med devices is undergoing rapid change, requiring manufacturers to revisit their IP programs: changes in US and European regulation, convergence of technologies, attacks by patent trolls.

 Some of these changes were outlined at last Friday’s MassMedic conference in Waltham, MA, with presentations by counsel from here and the EU.  Highlights:

            *Last year’s America Invents Act created a more robust method of challenging a patent by a proceeding within the Patent and Trademark Office; the hope was to limit expensive and drawn-out suits in US District Courts.  Unfortunately now many challenges are mounted in BOTH venues, and it is not clear that defendants will be able to “stay” or delay the Court proceedings while the PTO determines patent validity.

            *Convergence of medical technology with other technologies (notably in mobile medicine) has complicated the identification of an alleged infringer.

            *Riding the trend of introducing med devices in Europe before the US to take advantage of what is perceived to be a more manageable regulatory path, the EU is considering a “unitary” patent which, once granted, would cover most EU countries (alas, not all).  (Presently, a grant of European patent must then be “registered” in each country individually.)

            *So-called patent “trolls,” non-operating entities which sue manufacturers seeking royalties for infringement, are turning more to med device companies. Not all such entities are predatory; plaintiffs may include universities, research facilities, emerging companies with innovative technology whose rights are ignored by large manufacturers.  (The methods used to assert claims, the popular courts in which to bring suit, and some strategies to resist were discussed by my partner Tony Fitzpatrick; let me know if you would like to see his power-points on this volatile topic.)

Death of Noncomps?

Popular and trade press reports indicate that Governor Patrick is supporting legislation that will ban noncompetition agreements under Massachusetts law.  The theory is that noncomps deter mobility, that mobility is good as it fosters competition in the tech sector, and Massachusetts wants to remain a tech hotbed.  (Noncomps have been verboten in California, in most instances, for a long time.)

The issue arises as Massachusetts considers adopting a beefed-up trade secret protection law.  As traditional noncomps often were premised on preventing abuse of trade secrets, the ban on noncomps in light of increased trade secret protection by statute is a logical extension.  Presumably noncomps would still survive if incident to the sale of a business or if the employer is paying the former employee not to work.

This change is long-overdue.  Enforcing noncomps in Mass courts has become difficult and unpredictable, as well as expensive.  Noncomps here go back literally to horse and buggy days, when dairies tried to prevent drivers from going to the competition with knowledge of the milk route and how many bottles of sweet cream Mrs. Murphy liked to take on Thursdays.  But one result will be that employers will have to review their methods of protecting intellectual property; it is better to prevent leaks at the source than to rely on a strenghtened statute after the fact.

 

SEC to Act on Public Advertising of Private Placements?

The SEC has announced that at its July 10 meeting (tomorrow!) it will take up implementation of the JOBS Act provision to allow in effect public advertising of private placements.  This provision was included in the Act in an effort to foster financing of emerging companies and is so highly controversial that the SEC until now has failed to establish long-overdue procedures and regulations to permit implementation.  The text of the SEC announcement is set forth below; stay tuned.

SEC announcement:

The Commission will consider whether to adopt amendments to eliminate the prohibition against general solicitation and general advertising in certain securities offerings conducted pursuant to Rule 506 of Regulation D under the Securities Act and Rule 144A under the Securities Act, as mandated by Section 201(a) of the Jumpstart Our Business Startups Act.

Financing Med Devices 2013

It is not a secret that funding for med devices remains depressed compared to the heyday period up to 2008 —  but this may be the new normal.  What are the current groundrules?

Suggestions from the June 7 conference held by Mass Medic (the device industry council):

*focus on reimbursable solutions to unmet needs; “me-too” products are not getting financed

*venture supports products where they believe that there is an 80% chance that the device works, leaving market risk as the biggest unknown, so presentations must address both aspects

*to reduce capital needs and thus maximize IRR, investors seek companies that have learned to  minimize cash burn rates

*will the doctors like and use this device, or (notwithstanding its merits) will it eliminate significant income engines for the practitioners?

The focus of the meeting was to explore diverse sources of med device financing beyond angels and VCs.  One speaker urged overcoming the focus on equity by reframing the entrepreneur’s quest: do not start by saying your goal is to sell equity, but rather define your goal as seeking money aligned with your plan for your product.  Consider approaching customers and competitors suggesting license deals, development deals, down payments, joint venture efforts.

So, all you need is a disruptive reimbursable device addressing a major unmet need in the treatment of a chronic disease, the use of which will improve patient outcomes while protecting doctor income streams.  Sounds easy enough….

Investing in Today’s Market Environment

With the stock market charging ahead, how should you be investing your money?

At a program presented May 15th by Boston Private Bank & Trust Company, while noting that each portfolio should reflect that investor’s goals, time horizon and risk tolerance, the panel suggested some generally salient issues to be considered:

  • Is the classic allocation of 60% stocks/40% bonds still wise?  Is 70/30 the “new normal?”  While reviewing history suggests that 60/40 returns averaged a healthy 9% per annum, recent trends suggest that the classic allocation may not enjoy similar future results.
  • Analysis is complicated by inclusion of riskier investments into recent macro allocations, making historical comparisons difficult.
  • Bond returns are low, but as always  provide a counter-balance to equity risks.
  • Recent developments suggest the end of a strong cycle for commodities.  This does not necessarily mean negative returns, and commodities now may provide strong diversification.
  • While about 80% of reporting S&P companies beat earnings estimates in the first quarter, less than half did it by beating gross revenues; this may foretell a need for greater selectivity.
  • Real estate is strong and is part of many portfolios; REITs permit diversification coupled with both yield and liquidity.
  • An historical argument was made in favor of dividend-paying stocks for total return and indication of company quality.
  • If you are looking to retire, a careful portfolio analysis should be undertaken; draw-down rate from a portfolio is intimately related to how long a portfolio will last.  Drawing lightly in early years may be key.
  • The $64 question is, where is the market going?  Aside from history telling us that there will be corrections and cyclical “pull backs,” fundamental indicators became more confusing in April and should be consulted as leading indicators; the regional Feds shortly will be announcing results, which are important measures of these fundamentals.

Nothing startling here; basic analysis by a traditionally oriented asset management team.  One overall impression: asset allocation and selection within asset classes are seen as heavily informed by history, which reveals some remarkably constant dynamics.  This fact alone might well lead an investor to look for a professionally managed portfolio, which I am sure would not be a bad result for the advisory community, including Boston Private.

Trends in Executive Compensation

Executive compensation remains a volatile topic both in the press and in the board room.  What are some of the major trends in public company executive compensation?  A panel at this morning’s breakfast meeting of the National Association of Corporate Directors/New England suggests among other things:

  • In the United States, the range of CEO compensation is shrinking.  The median remains the same but the extremes are moving toward it.
  • Boards are struggling with the degree to which they should push back against what is becoming more or less standard compensation packages, driven by shareholder advisors such as ISS and GL; boards want to exercise directorial discretion to craft solutions that fit their particular company.
  • To compensate senior management based upon shareholder return is elusive; some shareholders are short-term, others are long-term.
  • To some degree,” say-on-pay” is a referendum on company performance, disconnected from the quality of management performance.
  • Salary is an emotional issue, CEOs want to track their peers, but it is not an incentive driver in most cases.
  • Long-term incentives in public companies these days divide between use of “performance shares” tied to long-term corporate objectives, and  stock options or restricted stock in much the same fashion.
  • Long-term goals can discentivize; if something unexpectedly interferes with incentive program goals early on, executives can become depressed and can cease to strive over the balance of the period.
  • Sometimes forgotten is the board role in retention of the executive corps; good succession planning requires maintenance of a “deep bench” as well as reliance on outside resources, and the board should be asking: “who is ready now? if not now, who will be ready in three years?” and, for the latter group, what sort of training does that person need in order to make requisite progress.

The applicability of public company practices to private companies will vary depending upon scale, history, presence of outside capital, and the board involvement of founders.  However, the discipline of thinking about compensation in relation to identified goals, implicit in the public company world, nonetheless is a valuable skill for any mid-market enterprise.

Racial Justice in the Supreme Court this Term

Two pending cases in the United States Supreme Court, to be decided by the end of this June, involve issues of racial justice.

One case challenges the affirmative action plan for admissions at the University of Texas.  Many lawyers thought that several years ago a five-to-four Supreme Court decision upholding the University of Michigan admission plan resolved all these kinds of cases.  Apparently not.

The Michigan plan, approved by the Court, stated that universities could utilize race as one factor, although not the determinative, in establishing standards for admission.  The justification was that the university had a legitimate interest in creating a diversified student body, believing that such diversity created a better educational experience.

The University of Texas had in effect a “top 10% rule” which automatically admitted to its Austin Campus the top 10% of graduates in all Texas public high schools.  Since many Texas high schools werede facto racially segregated, this resulted in substantial student body diversity.  Texas now was intending to graft on top of its 10% rule a provision, affecting the recruiting of the balance of its entering class, using the Michigan system (race being one but not the only factor).

The case may even be thrown out; the plaintiff, a white student claiming she was discriminated against, has already graduated from another college and the only remedy she is seeking is the return of her application fee (a fee which the University of Texas never refunds in any case, whether or not an applicant is admitted or denied admission for any reason whatsoever).

The second case, Shelby County against (United States Attorney General) Holder, involves Section 5 of the 1965 Voting Rights Act, which identifies certain states as having bad racial history.  Any change in the voting laws of those listed states cannot be given effect unless the United States Department of Justice approves.  The Congress has five times extended the Act but has never once amended the list of states which are subject to this mandatory review.  The plaintiffs argue with some cogency: is it really possible that in the last forty- plus years, since the enactment of the original Voting Rights law, there has been no change whatsoever in any of the states subject to this pre-clearance procedure?

Does not a failure to make specific findings on a state- by- state basis, identifying anew those states which still require such scrutiny, prove that Congress is simply renewing the statute without a rational federal interest which would justify intrusion into state election laws?