Photo by Adi Goldstein on Unsplash

As UTSI International celebrates its 40th anniversary, president and CEO Shaun Six reflects on the company's history, achievements, and exciting future.

---

In March 1985, Dan Nagala and a few friends took a risk, leaving their full-time jobs to pursue their passion and start their own company.

They founded UTSI Internationalamidst groundbreaking advancements in Industrial Control Systems and SCADA technology, revolutionizing remote operations for critical infrastructure. From the start, UTSI has been at the forefront of OT innovation and integration — a legacy we proudly carry forward today.

The legacy of Dan Nagala

Dan Nagala’s 50-plus-year career is too vast to cover every accomplishment, but if you’ve ever heard the phrase “Houston, we have a problem” in a movie, those screens in the control room and the logic causing the “blinky lights” to alert the operators, you’ve seen some of his work. Dan and his team ultimately paved the way for field communications to detect and communicate leaks on pipelines and give operators in remote locations situational awareness, expanding their ability to safely monitor and control their operations.

This capability was requested early on in the first pipeline control rooms, leading to UTSI’s first check-in 1985 (which I proudly have framed on my bookshelf). The protocols to communicate and do advanced calculations — which many would be tempted to call AI today — for the purpose of monitoring and control, was created from this group of enthusiasts who open sourced it and allowed it to proliferate, leading to over 80 percent of all critical infrastructure in the world now utilizing a variant thereof.

Given the novelty of the technology and the experience of UTSI, having implemented control systems and automation for pipelines in over 22 countries, Dan was asked to collaborate with industry experts, creating the first API leak detection and control room management standards for the American Petroleum Institute. These would later become regulation under PHMSA, DoT, and TSA, placing UTSI as the go-to experts in compliance in addition to their traditional expertise.

UTSI has delivered for the world’s largest infrastructure owners in multiple critical infrastructure sectors, like mining, water/wastewater, oil and gas, green energy, transportation authorities, etc. We have also done AI and cybersecurity, in addition to SCADA and ICS work for the DoD and DoE.

Strength in partners

I joined UTSI in 2022 as vice president, working under Dan, with the goal of gradually stepping into leadership. In 2023, I became CEO, president, and majority shareholder. While no one can truly fill Dan’s shoes alone, we’ve focused on strengthening our team, partnerships, and capabilities to continue UTSI’s legacy of excellence.

One of our first strategic partnerships was with Tory Tech, a leading API-compliant Control Room Management tool. UTSI has worked as integrators with Tory Tech for years and Dan worked as a CRM compliance advisor for them in the U.S. while they were setting up their headquarters in Houston. In 2024 we made it an official partnership, becoming a preferred integrator and focusing our team on training and development in the MaCRoM (Master Control Room Management) tool.

We've also made significant investments in our OT cybersecurity capabilities, expanding our team and partnering with industry leaders like Dennis Parker, Derrik Oates, Nozomi Networks, Fortinet, and Schneider Electric. These strategic moves ensure we deliver top-tier expertise, products, and solutions to better serve our customers.

Our partnership with ThreatGEN and the utilization of their AI-driven “AutoTableTop” tool not only utilizes our experience with TSA guidelines, but adds an element of reality that the traditional methods are lacking, making these engagements more interactive and beneficial for operators who are required to participate annually.

In 2024, UTSI also invested heavily in AI and Data Science by acquiring Houston-based AI company Pandata Tech and leveraging their Data-Quality-Methodology (DQM), Leak Geek, and time-series data science expertise to solve industry specific problems.

Moving up – in and around Houston

Building on our recent successes, we strategically relocated our office to the Netrality building (1301 Fannin St.), bringing us closer to clients and partners, while getting access to a Tier 3 Data Center with an uninterrupted 40-year power record.

Netrality is a SOC2-compliant facility with seven points of detection from the street to our server, including biometric screening. Our very own Roberto deLeon has architected our upgraded servers using the Purdue model as a basis of design while leveraging our relationship with Fortinet to standardize our hardware and software to the highest standards. We practice what we preach — every architecture, framework, and hardware recommendation we make is not just advised but actively implemented within our own operations.

Our investment in this space includes increasing our “SCADA R&D Lab” to play with toys from vendors, testing them out in our environment before we recommend and advise them to our clients and partners. Currently we’re working on LLMs for OT, building our own “DANN2.0” for use in-house. DANN is an homage to Dan Nagala (and, for the nerds, stands for Dan Artificial Neural Network), which we started in 2022 when I realized that knowledge capture is an industry wide epidemic and we need to be ready to integrate for our clients in a safe and local way at scale, in the OT environment.

Additionally, having come from a startup before joining UTSI, I wanted to get us closer to the heart of innovation, so we’ve added additional office space at The Cannon downtown. While there are many tech hubs around Houston, and we are proud to work with and partner with companies from Greentown Labs and the Ion, to name a few, we’ve found that The Cannon community is incredibly active and innovative, with experience in industrial use-cases.

Houston is set to become the Energy Transition capital, leading in hydrogen, carbon capture, and repurposing. With a 5:1 ratio of engineers leaving the industry and an average age over 60, we must innovate. The solution lies in combining a secure, cloud-free "ChatGPT for OT" with digital twins. Bringing the field to engineers is essential. We've partnered with a satellite constellation for asset imaging and U.K.-based Mods Solutions to leverage their CFIHOS-driven platform for intelligent digital twins — more on that partnership soon!

And we will need to leverage enhanced automation tools and actively monitor control networks to ensure security and respond quickly to issues, which is why we’ve partnered with Nozomi Networks.

Shaping the future

Although Dan has semi-retired to his cabin in Montana, he continues to do “the fun stuff” that brings him joy, such as conducting research for PRCI and assisting long-time clients. He also has been a mentor and advisor to me since I started at UTSI three years ago. I’m grateful for him and the group of industry experts he gathered around him to make UTSI such a well-known systems integrator and OT advisor for the world’s largest asset owners.

Our group of experts are active in the industry and will be speaking at events throughout the year, with a presence at Entellec, Level Zero, and participating at this year's API Cybernetics and PSIGs biannual conferences. We proudly serve on the BCarbon advisory board and GHPs Energy Committee.

Lastly, we have one request: We see a critical need for H2 and supercritical CO2 studies to develop simulation models, response plans, and leak detection best practices. These gases differ from those covered in existing standards. If you know anyone interested in funding or contributing, we’re collaborating with industry partners to secure support.

Courtesy photo

UTSI's advisory board digs into cybersecurity's challenges, trends + tech

From The Board

In today's digital landscape, the convergence of Information Technology (IT) and Operational Technology (OT) presents both opportunities and challenges for critical infrastructure asset owners and operators.

UTSI, a leading systems integrator of OT technology, has assembled an OT Cybersecurity Advisory Board to address these challenges and highlight standard processes and best practices to evaluate and secure these environments.

“We are excited about the strength of our esteemed Advisory Board and are confident that these strategic alliances will enhance our competitiveness,” says Shaun Six, president of UTSI International.

A few of the drivers of OT and IT convergence include increased efficiency, enhanced data, and improved remote monitoring and control capabilities. It exists to promote the promise of connectivity, data visualization, and to enable AI and better decision-making.

Key challenges
However, there are challenges. Increased attack surface, legacy systems, and infrastructure, as well as differing security requirements and regulatory and compliance challenges are all present.

“As we witnessed our global infrastructure recover from the largest outage on July 19, this is a clear and present example of how the application of technology between IT/OT can have an impact on the underlying interdependencies in critical systems and infrastructure," says Cherise Esperaza, co-founder and president of Security Gate. "Therefore, there is an ever-increasing need for resources to be expended for this endeavor, and understanding the areas of risk alongside business outcomes as it relates to the convergence will be a critical to ensuring optimal availability of these systems.”

Increased monitoring

When it comes to security monitoring and incident response, it's vital to incorporate new tools to monitor, meeting the same standards as legacy assets and reporting vulnerabilities.

"Continuous monitoring is one of the most critical aspects of securing your IT/OT infrastructure," offers Eric Rippetoe, former CISO of Federal Energy Regulatory Commission and UTSI cybersecurity consultant. "Automated tools coupled with mature processes allow organizations to rapidly detect security threats and enable teams to quickly respond to address issues. Having a security incident and not knowing about it could result in huge remediation costs and major long-term reputational damage."

Emerging technology and trends
With the rise of AI, it makes sense now more than ever to follow the principle of "never trust, always verify." A Zero Trust architecture is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction.

In line with this approach, UTSI International Corporation, as a Gold Partner of ThreatGEN, has been intensively utilizing ThreatGEN's AutoTableTop™ incident response tabletop exercise simulation tool. This advanced technology is helping UTSI provide meaningful tabletop exercises to their client base, particularly in high-risk SCADA and OT environments.

Clint Bodungen, president of ThreatGEN, emphasizes the tool's significance: "This tool is designed to sharpen incident response capabilities for teams operating in critical SCADA and OT environments. In these high-stakes settings, where system availability is paramount and the consequences of failure can be catastrophic, AutoTableTop™ provides an unparalleled platform for realistic, AI-driven tabletop exercises. It allows teams to practice and refine their responses to a wide range of scenarios, with practically zero planning time required, ensuring they're prepared for the unique challenges posed by industrial control systems where even a minor slip-up could have deadly consequences. This application of advanced simulation technology aligns with the industry's move towards more robust and realistic cybersecurity training, especially in sectors where the stakes are exceptionally high."

In conclusion
The convergence of IT and OT presents significant cybersecurity challenges for critical infrastructure. However, by understanding these challenges and implementing effective strategies, organizations can protect their essential systems from cyber threats.

“Maintaining an accurate inventory of assets poses a significant challenge for companies with control system networks," says Derek Harp, chairman, Control System Cyber Security Association International. "As outlined in our 2024 OT Cybersecurity Technology Report, not only is it difficult to identify these assets, but understanding their communication adds an additional layer of complexity. Typically, companies only gain a snapshot of their OT network status and assets' interactions during periodic assessments. Not surprisingly, our research also indicates that the frequency of these critical evaluations is increasing.”

The role of UTSI's OT Cybersecurity Advisory Board, along with the use of advanced tools like Security Gate and ThreatGEN, is pivotal in navigating this complex landscape. As the threat landscape continues to evolve, proactive measures and ongoing investment in cybersecurity will be crucial to safeguarding our most critical assets.

There are three topics in particular that business owners should refresh and/or make sure they include in their HR policies and employee handbook. Photo via Getty Images

3 things Houston companies need to freshen up when it comes to their HR practices

guest column

Just as we typically look to freshen up our homes this time of year, the same needs to be done for employee handbooks. Employee handbooks streamline HR operations, mitigate risks and set expectations to protect a business from negative workplace behavior by outlining employee policies and procedures.

There are three topics in particular that business owners should refresh and/or make sure they include in their HR policies and employee handbook: in-office attendance, social media and artificial intelligence (AI).

In-office attendance

When taking a closer look at hybrid workplace policies, the in-office attendance policies should align with your organizational goals. Whether you decide to implement hybrid work permanently or eventually return to being in the office completely, the return-to-office (RTO) policies should reflect those goals.

Clear expectations are especially important when defining office attendance rules. When attendance policies are set, employees respond best when they are fair, accessible and easily understood. Detailed policies outlining the nuances and consequences can help reduce noncompliance while supporting accountability.

Policies need consistent enforcement for them to be effective. Hybrid policies set prior to or during the pandemic may now be loosely enforced. The policies may state for employees to be in the office three days a week, but there may be no accountability for not meeting the mandate. Not enforcing attendance policies can give the impression that it is okay to violate other policies, too. Reviewing your policies allows you to course correct and write a policy reflecting your corporate culture and goals. You’ll then be able to reintroduce the attendance policy and enforce it across the board as intended.

Social media

You are hard pressed to find an employee without a social media account, whether it is TikTok or LinkedIn. If your business does not have a social media policy with guidelines surrounding employees’ online behaviors, now is the time to put one in place. If you do have a policy, social media changes quickly enough to warrant an annual review.

Social media policies should set boundaries between personal and professional use of social media. Employee activity on social media outside of work can influence business, as employees are often seen as reflecting the company. It is also important to note that social media policies should be based on input from senior management, HR, legal and IT, not just marketing.

The social media policy should delineate between an employee’s personal and professional use, establish a code of conduct and outline its use as part of crisis communications. Social media can just as easily elevate your brand, and you can potentially ask employees to share positive work experiences online.

Cybersecurity should also be addressed in social media policies. As it has become more common for hackers to infiltrate personal emails and social media accounts, policies can prohibit employees from storing company documents in their personal social media and email accounts for security purposes.

Artificial Intelligence (AI)

AI seems to be changing the way we do business daily. However, the policies surrounding company use of AI are lacking at many organizations. Research from McKinsey states only one in five employers have established policies governing their employees use of AI.

AI technology has already streamlined many business practices, but it can also present major risks. Inaccuracy can threaten your business if employees use generative AI for assistance in completing writing tasks, for instance, and the system may not generate accurate or original information.

As we learn the evolving and complex nuances of AI, creating a policy needs careful attention. You may consider developing an AI team to write a comprehensive, well-researched AI policy tailored to your organization. This working group should gather insights from leaders within the organization, including frontline managers, to fully understand how employees use, or might use, AI. This team should be charged with considering the ethical aspects of AI’s use and ensuring the policy aligns with company values.

One of the most critical elements of the policy is an accountability process or system. The policy should clearly outline any corrective action or disciplinary steps associated with using AI in a manner that harms the business and/or its clients. Just as important, the policy should outline how to use and how to avoid misusing AI. Since AI continues to evolve month to month, this is a policy that will require more attention and revisioning throughout the year.

Keeping a critical eye on HR policies is an important part of business success. Setting aside time to review, update and even create new policies now – before being faced with an issue – can potentially mitigate costly challenges down the road.

------

Karen Leal is performance specialist with Houston-based Insperity, a provider of human resources offering a suite of scalable HR solutions available in the marketplace.

Stay informed and regularly check your security procedures to protect yourself, your business, and your customers. Photo via Getty Images

Houston founders: How safe is your company's data?

guest column

As news comes out every week about new technologies, from new crypto wallets to generative AI to self-driving taxis, it can get overwhelming for most of us to keep up or to understand the new intricacies of technology, and it can get easy to say, “The IT department has it covered.” Well, do they have it covered?

Far too often, companies fail to protect its data with the same muster as its financial security until it is too late. Just as a healthy business will regularly conduct audits of its accounting processes to detect potential fraud, ensure regulatory compliance, and locate areas of improvement for the organization, the same should be done for a business’s data security practices. Key components of any organization are its people and its information, and the IT department is in charge of protecting that information.

We as business people need to ensure that the company’s technology personnel are indeed securing one of the company’s most valuable assets: information.

Big picture: Your business needs to follow an audit process

  1. Confirm the scope of your data
  2. Conduct an internal review of all security practices
  3. Conduct a review of all vendor practices that have access to your data
  4. Confirm compliance with regulations and contractual obligations
  5. Prepare a report with detailed findings and recommendations to improve on year-over-year

Data: What do you have and what duties does it require?

Personal information, particularly when it belongs to customers, is the most frequently compromised type of data. Under laws like the newly passed Texas Data Privacy and Security Act (TDPSA), businesses can have additional obligations to keep this information protected. Personal information can include any information “that is linked or reasonably linkable to an identified or identifiable individual.”

Sensitive data also requires extra precaution, which means protecting (1) personal data that reveals racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; (2) genetic or biometric data that is processed for the purpose of uniquely identifying an individual; (3) personal data collected from a known child; or (4) precise geolocation data.

Other types of data to watch out for include the business’s intellectual property, anonymized customer data, employee personal information, and any other type of proprietary business data. Depending on the industry, the cost of a breach of any of these types of data could be incredibly high, particularly for healthcare and finance.

Ultimately, Texas businesses are required to maintain reasonable procedures to protect personal information, and there may be other laws implicated such as HIPAA, GLBA, CCPA/CPRA, BIPA, GDPR, PIPEDA, and many more, depending on where business is done, the industry implicated, and, in some cases, where customers are located.

"But I think the vendor is responsible."

Check your contracts, and check if the law requires you to have a duty to protect the compromised information, as many do. Involve your IT department in the review of technical compliance whenever you are sharing data with a third party. Further, it is important to make sure that however the Data Processing Addendum says the vendor is processing data is how they are actually processing data. To that point, if you are processing someone else’s data, your business also needs to be doing what it says it is doing, in contracts with third parties and in your Privacy Policy.

Software as a service arrangements, end user license agreements, and other internet and software-based services may require you to hand over data and not give you the opportunity to customize and shift risk. This is why it is important to thoroughly evaluate what technical protections are in place because the risk and duty may still fall on your business regarding the data of your customers and employees. Ask yourself (or your IT professionals) if the vendor actually needs the data they receive to provide services to you.

Key takeaway: Stay informed

Your business needs checks and balances in place with the IT department to ensure you know what they are (or are not) doing and what they are supposed to do. You need policies and procedures, and they need to regularly be tested.

Do you know where your data is stored, both internally and with third parties? Who controls it? How is it being processed, and is anything being shared? Are encryption procedures in place? Firewalls, Intrusion Protection Systems, and End-Point Detection and Response? Do you and your vendors have Incident Response Plans? Stay informed and regularly check your security procedures to protect yourself, your business, and your customers.

------

Courtney Gahm-Oldham is partner at Frost Brown Todd. Lauren Cole is associate at Frost Brown Todd.

This tiny “smart car” is a lot more powerful than you might think. Photo by Jon Burke/UH

University of Houston gets $2M to launch innovative transportation-focused cybersecurity center

traffic safety

The University of Houston is now leading a national consortium focused on cybersecurity in the transportation sector.

Known as the Transportation Cybersecurity Center for Advanced Research and Education, or CYBER-CARE, it's backed by a $2 million grant from U.S. Department of Transportation for its first year, with anticipated total federal funding of $10 million over five years, as part of the department's University Transportation Centers program that aims to address a number of topics in the field.

UH's center aims to "establish a fundamental knowledge base and explore advanced theories of how to best mitigate impacts of potential large-scale cyberattacks on transportation infrastructure," according to a release from the university. This includes protecting vehicle control systems, developing industry-wide best practices, responding to potential cyber incidents and introducing ways to recover quickly from cyber incidents in traffic networks.

CYBER-CARE is led by Yunpeng “Jack” Zhang, associate professor in the Department of Information Science Technology at the UH and director of the center.

"Our goal to make our intelligent transportation system (ITS) safer for all road users. That aligns well with the USDOT’s strategic goal of improving safety,” Zhang explained in a statement. “We also will promote interdisciplinary research and education across the transportation and cybersecurity domains.”

The center opened earlier this year within UH's Cullen College of Engineering’s Division of Technology. Houston and Texas colleges Rice University and Texas A&M University-Corpus Christi have joined the consortium with UH, along with Embry-Riddle Aeronautical University, University of Cincinnati and University of Hawai‘i at Mānoa.

The DOT's University Transportation Centers first launched in 1988 to conduct research. Support has ebbed and flowed over the years, but has seen some uptick recently. The Biden Administration's 2021 Bipartisan Infrastructure Law authorized 35 UTCs to receive a total of $90 million in funding from 2022 to 2026 to address issues like traffic congestion, safety, infrastructure durability and cybersecurity risks.

According to the DOT's website there are other Texas UTCs at University of Texas at Austin, University of Texas Arlington, Texas A&M University College Station, Prairie View A&M University and Texas State University.

Last year, Texas A&M also launched a new institute for research and education regarding cybersecurity. The Global Cyber Research Institute was funded by $10 million in gifts from former Texas A&M student Ray Rothrock, a venture capitalist and cybersecurity expert, and other donors.

Tap into these tips to make your company safer from cyber attacks. Photo via Getty Images

Houston expert: 5 tips for improving your company's cybersecurity

guest column

Imagine waking up tomorrow to find out that all of your critical information (trade secrets, financial data, customer lists, etc.) is gone. While working to find out what happened, you order lunch online, only to find out your bank account has no balance.

That scenario happens every day to business leaders just like you. Here are 5 tips everyone should know, which will help reduce cyber security risks.

Tip 1: Know what you need to protect

If you don’t know where your data is kept, how can you protect it?

From hardware like laptops and cell phones, to critical software including accounting and HR, spreadsheets used to calculate financial reports, OneDrive accounts, Google Drive, and “C” drives, there are numerous places your critical data could be kept. Work with your managers to identify every piece of hardware, software, and where the critical data is kept.

Tip 2: Turn on multi-factor authentication for everything you possibly can.

Whenever possible, someone should need a username, password, and a code from an authentication app, text code, e-mailed code, something that’s a unique identifier that randomly changes in order to access critical company information. Alternatively, you can rely on biometrics (fingerprints, facial recognition, etc.) as your third line of protection.

Tip 3: Know who has access to the data and implement basic user access rules.

Everyone should have their own username and unique password. Generic admin accounts, shared user accounts, etc. should never be allowed. If you’re only paying for five licenses but have 10 people accessing the software, stop being cheap and pay for more licenses.

Log in to your bank’s website (or go to a local branch) and run a report which lists who has access to the online banking system and what they can do within it. While you’re at it, get a report of everyone with signature rights for checks and make sure it’s properly updated.

Run a report of all users for each software you listed above which includes what level of access they have. Does their access match their job requirements? Remove all access that isn’t required for their job. You can add access back later if they need it. This can also help you identify employees who might have too many responsibilities.

Now go through the rest of the software, network folders, and the other items you listed above and do the same exercise. Going forward, whoever “owns” the data in each system (banking, accounting, HR, etc.) should approve all access to that data.

Tip 4: Back up that data — often

You most likely have a folder on your computer that has important information in it like Financial spreadsheets, HR files, customer data, and marketing plans. If you selected that folder and hit the delete key, then you opened the recycle bin on your desktop and the folder wasn’t there, how bad would your day be?

Now that you know the location of files, folders, software, and other important data points, turn on an auto-backup process and test that process about once a quarter. If you use something like Google Drive, Microsoft’s OneDrive, or similar cloud services, most will provide free backup support. However, before you do that, require all employees to move important files off of their “C” drive and into network folders.

Tip 5: Implement antivirus software

I’ll be the first to say that I hate antivirus software. Why? Because it typically slows down your computer while it runs in the background and flags items like the spreadsheet you use every month as a “potential threat”.

Even so, the aggravation is worth it in the long run.

There are tons of antivirus software options. If you think about protecting your home, you don’t need armed guards, attack dogs, and a feral cat. You do need someone to glance out the window to see who is at the door. If it’s a group of zombies trying to eat you, then you need to have the ability and resources to protect your home. Pick an antivirus software that matches your budget and get it in place. Don’t overthink it, just get it going.

One last bonus tip I’ll leave you with — have random test “phishing” emails sent out to everyone (including yourself) in your company. The number one cause of cyber security issues in businesses is internal users clicking on fake emails.

------

Thomas Mullinnix is the founder of Houston-based Re-Vision Management Consulting LLC.

Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Houston doctor aims to revolutionize hearing aid industry with tiny implant

small but mighty

“What is the future of hearing aids?” That’s the question that led to a potential revolution.

“The current hearing aid market and technology is old, and there are little incremental improvements, but really no significant, radical new ideas, and I like to challenge the status quo,” says Dr. Ron Moses, an ENT specialist and surgeon at Houston Methodist.

Moses is the creator of NanoEar, which he calls “the world’s smallest hearing aid.” NanoEar is an implantable device that combines the invisibility of a micro-sized tympanostomy tube with more power—and a superior hearing experience—than the best behind-the-ear hearing aid.

“You put the NanoEar inside of the eardrum in an in-office procedure that takes literally five minutes,” Moses says.

As Moses explains, because of how the human cochlea is formed, its nerves break down over time. It’s simply an inevitability that if we live long enough, we will need hearing aids.

“The question is, ‘Are we going to all be satisfied with what exists?’” he asks.

Moses says that currently, only about 20 percent of patients who need hearing aids have them. That’s because of the combination of the stigma, the expense, and the hassle and discomfort associated with the hearing aids currently available on the market. That leaves 80 percent untapped among a population of 466 million people with hearing impairment, and more to come as our population ages. In a nearly $7 billion global market, that additional 80 percent could mean big money.

Moses initially patented a version of the invention in 2000, but says that it took finding the right team to incorporate as NanoEar. That took place in 2016, when he joined forces with cofounders Michael Moore and Willem Vermaat, now the company’s president and CFO, respectively. Moore is a mechanical engineer, while Vermaat is a “financial guru;” both are repeat entrepreneurs in the biotech space.

Today, NanoEar has nine active patents. The company’s technical advisors include “the genius behind developing the brains in this device,” Chris Salthouse; NASA battery engineer Will West; Dutch physicist and audiologist Joris Dirckx; and Daniel Spitz, a third-generation master watchmaker and the original guitarist for the famed metal band Anthrax.

The NanoEar concept has done proof-of-concept testing on both cadavers at the University of Antwerp and on chinchillas, which are excellent models for human hearing, at Tulane University. As part of the TMC Innovation Institute program in 2017, the NanoEar team met with FDA advisors, who told them that they might be eligible for an expedited pathway to approval.

Thus far, NanoEar has raised about $900,000 to get its nine patents and perform its proof-of-concept experiments. The next step is to build the prototype, but completing it will take $2.75 million of seed funding.

Despite the potential for making global change, Moses has said it’s been challenging to raise funds for his innovation.

“We're hoping to find that group of people or person who may want to hear their children or grandchildren better. They may want to join with others and bring a team of investors to offset that risk, to move this forward, because we already have a world-class team ready to go,” he says.

To that end, NanoEar has partnered with Austin-based Capital Factory to help with their raise. “I have reached out to their entire network and am getting a lot of interest, a lot of interest,” says Moses. “But in the end, of course, we need the money.”

It will likely, quite literally, be a sound investment in the future of how we all hear the next generation.

Houston VC funding surged in Q1 2025 to highest level in years, report says

by the numbers

First-quarter funding for Houston-area startups just hit its highest level since 2022, according to the latest PitchBook-NVCA Venture Monitor. But fundraising in subsequent quarters might not be as robust thanks to ongoing economic turmoil, the report warns.

In the first quarter of 2025, Houston-area startups raised $544.2 million in venture capital from investors, PitchBook-NVCA data shows. That compares with $263.5 million in Q1 2024 and $344.5 million in Q1 2023. For the first quarter of 2022, local startups nabbed $745.5 million in venture capital.

The Houston-area total for first-quarter VC funding this year fell well short of the sum for the Austin area (more than $3.3 billion) and Dallas-Fort Worth ($696.8 million), according to PitchBook-NVCA data.

While first-quarter 2025 funding for Houston-area startups got a boost, the number of VC deals declined versus the first quarters of 2024, 2023 and 2022. The PitchBook-NVCA Monitor reported 37 local VC deals in this year’s first quarter, compared with 45 during the same period in 2024, 53 in 2023, and 57 in 2022.

The PitchBook-NVCA report indicates fundraising figures for the Houston area, the Austin area, Dallas-Fort Worth and other markets might shrink in upcoming quarters.

“Should the latest iteration of tariffs stand, we expect significant pressure on fundraising and dealmaking in the near term as investors sit on the sidelines and wait for signs of market stabilization,” the report says.

Due to new trade tariffs and policy shifts, the chances of an upcoming rebound in the VC market have likely faded, says Nizar Tarhuni, executive vice president of research and market intelligence at PitchBook.

“These impacts amplify economic uncertainty and could further disrupt the private markets by complicating investment decisions, supply chains, exit windows, and portfolio strategies,” Tarhuni says. “While this may eventually lead to new domestic investment and create opportunities, the overall environment is facing volatility, hesitation, and structural change.”