Houston founders: How safe is your company's data?

guest column

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

From Your Site Articles
Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

Autonomous truck company with Houston routes goes public

on a roll

Kodiak Robotics, a provider of AI-powered autonomous vehicle technology, has gone public through a SPAC merger and has rebranded as Kodiak AI. The company operates trucking routes to and from Houston, which has served as a launchpad for the business.

Privately held Kodiak, founded in 2018, merged with a special purpose acquisition company — publicly held Ares Acquisition Corp. II — to form Kodiak AI, whose stock now trades on the Nasdaq market.

In September, Mountain View, California-based Kodiak and New York City-based Ares disclosed a $145 million PIPE (private investment in public equity) investment from institutional investors to support the business combo. Since announcing the SPAC deal, more than $220 million has been raised for the new Kodiak.

“We believe these additional investments underscore our investors’ confidence in the value proposition of Kodiak’s safe and commercially deployed autonomous technology,” Don Burnette, founder and CEO of Kodiak, said in a news release.

“We look forward to leading the advancement of the commercial trucking and public sector industries,” he added, “and delivering on the exciting value creation opportunities ahead to the benefit of customers and shareholders.”

Last December, Kodiak debuted a facility near George Bush Intercontinental/Houston Airport for loading and loading driverless trucks. Transportation and logistics company Ryder operates the “truckport” for Ryder.

The facility serves freight routes to and from Houston, Dallas and Oklahoma City. Kodiak’s trucks currently operate with or without drivers. Kodiak’s inaugural route launched in 2024 between Houston and Dallas.

One of the companies using Kodiak’s technology is Austin-based Atlas Energy Solutions, which owns and operates four driverless trucks equipped with Kodiak’s driver-as-a-service technology. The trucks pick up fracking sand from Atlas’ Dune Express, a 42-mile conveyor system that carries sand from Atlas’ mine to sites near customers’ oil wells in the Permian Basin.

Altogether, Atlas has ordered 100 trucks that will run on Kodiak’s autonomous technology in an effort to automate Atlas’ supply chain.

Rice University scientists invent new algorithm to fight Alzheimer's

A Seismic Breakthrough

A new breakthrough from researchers at Rice University could unlock the genetic components that determine several human diseases such as Parkinson's and Alzheimer's.

Alzheimer's disease affected 57 million people worldwide in 2021, and cases in the United States are expected to double in the next couple of decades. Despite its prevalence and widespread attention of the condition, the full mechanisms are still poorly understood. One hurdle has been identifying which brain cells are linked to the disease.

For years, it was thought that the cells most linked with Alzheimer's pathology via DNA evidence were microglia, infection-fighting cells in the brain. However, this did not match with actual studies of Alzheimer's patients' brains. It's the memory-making cells in the human brain that are implicated in the pathology.

To prove this link, researchers at Rice, alongside Boston University, developed a computational algorithm called “Single-cell Expression Integration System for Mapping Genetically Implicated Cell Types," or SEISMIC. It allows researchers to zero in on specific neurons linked to Alzheimer's, the first of its kind. Qiliang Lai, a Rice doctoral student and the lead author of a paper on the discovery published in Nature Communications, believes that this is an important step in the fight against Alzheimer's.

“As we age, some brain cells naturally slow down, but in dementia — a memory-loss disease — specific brain cells actually die and can’t be replaced,” said Lai. “The fact that it is memory-making brain cells dying and not infection-fighting brain cells raises this confusing puzzle where DNA evidence and brain evidence don’t match up.”

Studying Alzheimer's has been hampered by the limitations of computational analysis. Genome-wide association studies (GWAS) and single-cell RNA sequencing (scRNA-seq) map small differences in the DNA of Alzheimer's patients. The genetic signal in these studies would often over-emphasize the presence of infection fighting cells, essentially making the activity of those cells too "loud" statistically to identify other factors. Combined with greater specificity in brain regional activity, SEISMIC reduces the data chatter to grant a clearer picture of the genetic component of Alzheimer's.

“We built our SEISMIC algorithm to analyze genetic information and match it precisely to specific types of brain cells,” Lai said. “This enables us to create a more detailed picture of which cell types are affected by which genetic programs.”

Though the algorithm is not in and of itself likely to lead to a cure or treatment for Alzheimer's any time soon, the researchers say that SEISMIC is already performing significantly better than existing tools at identifying important disease-relevant cellular signals more clearly.

“We think this work could help reconcile some contradicting patterns in the data pertaining to Alzheimer’s research,” said Vicky Yao, assistant professor of computer science and a member of the Ken Kennedy Institute at Rice. “Beyond that, the method will likely be broadly valuable to help us better understand which cell types are relevant in different complex diseases.”

---

This article originally appeared on CultureMap.com.

5 incubators and accelerators fueling the growth of Houston startups

meet the finalists

Houston is home to numerous accelerators and incubators that support founders in pushing their innovative startups and technologies forward.

As part of our 2025 Houston Innovation Awards, the new Incubator/Accelerator of the Year category honors a local incubator or accelerator that is championing and fueling the growth of Houston startups.

Five incubators and accelerators have been named finalists for the 2025 award. They support startups ranging from hard-tech companies to digital health startups.

Read more about these organizations below. Then join us at the Houston Innovation Awards on Nov. 13 at Greentown Labs, when the winner will be unveiled.

Get your tickets now on sale for this exclusive event celebrating Houston Innovation.

Activate

Hard tech incubator Activate supports scientists in "the outset of their entrepreneurial journey." The Houston hub was introduced last year, and joins others in Boston, New York, and Berkley, California—where Activate is headquartered. It named its second Houston cohort this summer.

This year, the incubator grew to include its largest number of concurrent supported fellows, with 88 companies currently being supported nationally. In total, Activate has supported 296 fellows who have created 236 companies. Those companies have raised over $4 billion in follow-on funding, according to Activate. In Houston, it has supported several Innovation Awards finalists, including Solidec, Bairitone Health and Deep Anchor Solutions. It is led locally by Houston Managing Director Jeremy Pitts.

EnergyTech Nexus

Cleantech startup hub EnergyTech Nexus' mission is to accelerate the energy transition by connecting founders, investors and industrial stakeholders and helping to develop transformative companies, known as "thunderlizards."

The hub was founded in 2023 by CEO Jason Ethier, Juliana Garaizar and Nada Ahmed. It has supported startups including Capwell Services, Resollant, Syzygy Plasmonics, Hertha Metals, EarthEn Energy and Solidec—many of which are current or past Innovation Awards finalists. This year Energy Tech Nexus launched its COPILOT Accelerator, powered by Wells Fargo Innovation Incubator (IN²) at the National Renewable Energy Laboratory (NREL). COPILOT partners with Browning the Green Space, a nonprofit that promotes diversity, equity and inclusion (DEI) in the clean energy and climatech sectors. Energy Tech Nexus also launched its Liftoff fundraising program, its Investor Program, and a "strategic ecosystem partnership" with Greentown Labs.

Greentown Labs

Climatetech incubator Greentown Labs offers its community resources and a network to climate and energy innovation startups looking to grow. The collaborative community offers members state-of-the-art prototyping labs, business resources and access to investors and corporate partners. The co-located incubator was first launched in Boston in 2011 before opening in Houston in 2021.

Greentown has seen major changes and activity this year. In February, Greentown announced Georgina Campbell Flatter as its new CEO, along with a new Board of Directors. In July, it announced Lawson Gow as its Head of Houston, a "dedicated role to champion the success of Greentown Houston’s startups and lead Greentown’s next chapter of impact in the region," according to Greentown. It has since announced numerous new partnerships, including those with Energy Tech Nexus, Los Angeles-based software development firm Nominal, to launch the new Industrial Center of Excellence; and Houston-based Shoreless, to launch an AI lab onsite. Greentown Houston has supported 175 startups since its launch in 2021, with 45 joining in the last two years. Those startups include the likes of Hertha Metals, RepAir Carbon, Solidec, Eclipse Energy (formerly GoldH2) and many others.

Healthtech Accelerator (TMCi)

The Healthtech Accelerator, formerly TMCx, focuses on clinical partnerships to improve healthcare delivery and outcomes. Emerging digital health and medical device startups that join the accelerator are connected with a network of TMC hospitals and seasoned advisors that will prepare them for clinical validation, funding and deployment.

The Healthtech Accelerator is part of Texas Medical Center Innovation, which also offers the TMCi Accelerator for Cancer Therapeutics. The Healthtech Accelerator named its 19th, and latest, cohort of 11 companies last month.

Impact Hub Houston

Impact Hub Houston supports early-stage ventures at various stages of development through innovative programs that address pressing societal issues. The nonprofit organization supports social impact startups through mentorship, connections and training opportunities.

There are more than 110 Impact Hubs globally with 24,000-plus members spanning 69 countries, making it one of the world’s largest communities for accelerating entrepreneurial solutions toward the United Nations' Sustainable Development Goals (SDGs).

---

The Houston Innovation Awards program is sponsored by Houston City College Northwest, Houston Powder Coaters, FLIGHT by Yuengling, and more to be announced soon. For sponsorship opportunities, please contact sales@innovationmap.com.



View All Listings