Houston founders: How safe is your company's data?

guest column

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

From Your Site Articles
Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

Global summit spotlights Houston's growing role in brain health, innovation

where to be

The Center for Houston’s Future and UTMB are bringing the Texas Brain Economy Summit back to Houston this summer to continue to position the region as a global leader in brain health.

The summit, held June 9-10 at the Texas Medical Center's Helix Park, will bring together more than 500 executives, researchers, policymakers and innovators from around the world to discuss the global brain economy.

Attendees can expect to hear from leaders of global institutions, including the World Economic Forum, U.S. Chamber of Commerce, McKinsey Health Institute, Global Brain Economy Initiative, Davos Alzheimer’s Collaborative, Business Collaborative for Brain Health (UsAgainstAlzheimer’s), Rice University, Memorial Hermann, MD Anderson and many others.

Day 1 of the conference will focus on "Enabling Human Flourishing & Economic Growth." Day 2 will focus on "Scaling Innovation & AI Solutions in the Brain Economy."

Keynotes will be delivered by:

  • Lexi Branson, vice president of health policy at the U.S. Chamber of Commerce
  • Kana Enomoto, director of the McKinsey Health Institute
  • Megan Henshall, founder of Google Experience Institute (Xi)
  • Ryan Howard, co-lead of Google Experience Institute (Xi)
  • Dr. Hani Jneid, John Sealy Distinguished Centennial Chair in Cardiology and vice president of cardiovascular operations at UTMB
  • Steve Kean, president and CEO of the Greater Houston Partnership
  • Dan Patrick, Lieutenant Governor of Texas
  • Jochen Reiser, president of UTMB
  • Thomas Seitz, senior partner of the McKinsey Health Institute

Other significant speakers include:

  • Rym Ayadi, founder and president of the Euro-Mediterranean Economists Association (EMEA) and co-founder of the Brain Capital Alliance
  • Arthur Evans, CEO and executive vice president of the American Psychological Association
  • David Gow, president and CEO of the Center for Houston’s Future (Gow is the founder and chairman of Gow Media, InnovationMap's parent company)
  • Bill McKeon, president and CEO of the Texas Medical Center
  • Jeff Merritt, head of urban transformation at the World Economic Forum
  • Joanne Pike, president and CEO of the Alzheimer’s Association
  • George Vradenburg, founding chairman of Davos Alzheimer’s Collaborative and co-founder, chairman and CEO of Us Against Alzheimer’s

The event is supported through Project Metis, which was launched by the Center for Houston’s Future last year. Led by Rice Brain Institute, The University of Texas Medical Branch's Moody Brain Health Institute and Memorial Hermann’s comprehensive neurology care department, the initiative aims to advance the understanding, prevention and treatment of the brain. It was developed on the heels of Texas voters overwhelmingly approving a ballot measure to launch the $3 billion, state-funded Dementia Prevention and Research Institute of Texas (DPRIT).

“Texas voters, by approving the state-funded Dementia Prevention Institute, have shown a strong commitment to brain health, as scientific advances continue daily. [Project Metis] aims to harness the Houston region’s unique strengths: its concentration of leading medical and academic institutions, a vibrant innovation ecosystem, and a history of entrepreneurial leadership in health and life sciences,” Gow said at the time.

Learn more about The Texas Brain Economy Summit and purchase tickets here.

Texas solar power poised to surpass coal for the first time in 2026

Powering Texas

Solar power promises to shine even brighter in Texas this year.

A new forecast from the U.S. Energy Information Administration (EIA) indicates that for the first time, annual power generation from utility-scale solar will surpass annual power generation from coal across the territory covered by the Electric Reliability Council of Texas (ERCOT).

Solar generation is expected to reach 78 billion kilowatt-hours in 2026 in the ERCOT grid, compared with 60 billion kilowatt-hours for coal, the EIA forecast says. The ERCOT grid supplies power to about 90 percent of Texas, including the Houston area.

“Utility-scale solar generation has been increasing steadily in ERCOT as solar capacity additions help meet rapid electricity demand growth,” the forecast says.

Although natural gas remains the dominant source of electricity generation in ERCOT, accounting for an average 44 percent of electricity generation from 2021 to 2025, solar’s share of the generation mix rose from four percent to 12 percent. During the same period, coal’s share dropped from 19 percent to 13 percent.

EIA predicts about 40 percent of U.S. solar capacity, or 14 billion kilowatt-hours, added in 2026 will come from Texas.

Although EIA expects annual solar generation to exceed annual coal generation in 2026, solar surpassed coal in ERCOT on a monthly basis for the first time in March 2025, when solar generation totaled 4.33 billion kilowatt-hours and coal’s totaled 4.16 billion kilowatt-hours. Solar generation continued to exceed that of coal until August of that year.

“In 2026, we estimate that solar exceeded coal for the first time in March, and we forecast generation from solar installations in ERCOT will continue to exceed that from coal until December, when coal generation exceeds solar,” says EIA. “We expect solar generation to exceed that of coal for every month in 2027 except January and December.”

For 2027, EIA forecasts annual solar generation of 99 billion kilowatt-hours in the ERCOT grid, compared with 66 billion kilowatt-hours of annual coal generation.

In April, ERCOT projected almost 368 billion kilowatt-hours of demand in ERCOT’s territory by 2032. ERCOT’s all-time peak demand hit 85.5 billion kilowatt-hours in August 2023.

“Texas is experiencing exceptional growth and development, which is reshaping how large load demand is identified, verified, and incorporated into long-term planning,” ERCOT President and CEO Pablo Vegas said. “As a result of a changing landscape, we believe this forecast to be higher than expected … load growth.”

---

This article first appeared on EnergyCapitalHTX.com.

Intuitive Machines strikes $49.3M deal to expand lunar communications network

space deal

Houston-based Intuitive Machines is bulking up its space-to-ground data network with the acquisition of United Kingdom-based Goonhilly Earth Station and its U.S. arm, COMSAT.

The $49.3 million cash-and-stock deal would add 44 antennas to Intuitive Machines’ network. The acquisition is expected to close in the third quarter.

Intuitive Machines, a space infrastructure and services company, designs, builds, and operates spacecraft and data networks for lunar and deep-space missions. Goonhilly operates a satellite Earth station in Cornwall, England.

Intuitive Machines says Goonhilly’s and COMSAT’s civil, commercial, and government customers will complement its current customer base and broaden its reach into related sectors.

“Customers have been clear that they want a single, integrated, and resilient solution for their communications and [position, navigation, and timing] needs as they accelerate missions at an unprecedented pace,” Steve Altemus, co‑founder and CEO of Intuitive Machines, said in a news release.

Kenn Herskind, executive chairman of Goonhilly, says the acquisition “will allow us to scale that capability globally and directly support the next era of lunar exploration. Together, we will be creating a commercial lunar communications network that is interoperable, resilient, and ready to support Artemis and international missions.”
View All Listings