"By Failing to Prepare, You Are Preparing to Fail"

I thought I might take a few moments to provide some backstory given the recent buzz about my post yesterday announcing my move to the independent consulting path, the respective management transition at EnergySec and the recent post by Dale Peterson of DigitalBond highlighting the struggles the organization went through in December 2012.

First, the astute quote from Benjamin Franklin in title of this post is about preparation. We knew at the onset that the organization would need a heavier than usual executive load to provide the industry clout, clear direction and depth of experience needed to take the organization from its all-volunteer state to a self-sustaining nonprofit. We also knew that the startup mindset and staffing model would need to change once we saw clear evidence that the organization would be able to support itself. This is just smart business.

In December of last year, DOE re-affirmed commitment to the NESCO and extended the agreement but chose to hold their contribution until EnergySec could catch up to its part of the cost-share. At that time, the executives, in discussion with our Board of Directors and the NESCO Advisory Board, made the decision to streamline and enhance the operational capabilities to capture more immediate revenue. This was an easy call because we were already seeing steadily increasing positive traction with the NESCO Tactical Analysis Center and the organizational memberships. We were also running financial models to identify when the organizational changes to senior management would need to take place. The December circumstances required that we make some prompt staffing adjustments, close the cost-share gap, and ultimately re-instate the DOE cost-share contribution. The strategy is working. This approach is aligning the organization with the expected financial targets, but it was invoked slightly sooner than we forecasted.

Sure, partnering with any federal agency for funding is a challenge (ever tried to get VC for a nonprofit?). I've always said that federal grant money is "free like a puppy." We knew the risks going in, and unfortunately a fair share of those risks were realized. The risk landscape also included things like economic recovery/recession, competitive landscape, and politics. But as a result of the experience, we have a well-managed, lean, agile and tightly focused EnergySec operating the NESCO program. This benefits everyone.

I'm genuinely pleased with the direction the organization is going. EnergySec's story is a testament to the challenges inherent in sharing information effectively. It is an example of the complications found in public-private partnerships. It is proof of the strength and determination demonstrated by people dedicated to the security of our industry. We've been doing this longer than anyone else and we're still learning - as we should be.

[image credit]

Next Step

You may have heard about the recent EnergySec change in management. Yes, I'm taking the next step.

But no worries. I founded the organization over 10 years ago, I'm still very much attached to EnergySec and always will be. This transition was actually planned so it's a good thing for everyone. When the EnergySec Board asked me to leave the private consulting world and take the wheel as CEO in 2010 it was really to advance the nonprofit mission to the next level with the inertia created by the funding of the DOE cooperative agreement and get the NESCO off the ground. My goal was to be the steep-curve leader of the outreach, promotion and community building necessary to bootstrap the nonprofit to a funded and sustainable point. After which, I'd replace myself with a more operational executive and shift to an oversight and governance role. This allows the organization to streamline and focus on delivering quality products and services. Steve Parker is a perfect choice for CEO. He's been a key player in the organization since inception and he's built most of the operational aspects with his own two hands. I'm still deeply involved in EnergySec as President Emeritus, executive committee member of the NESCO Advisory Board, company liaison to the North American Energy CISO Forum and most importantly through my seat on the Board of Directors. I still wear an EnergySec badge at many of the conferences I attend and I'm a guest instructor for some of their training/classes. I'm their biggest advocate.

In short, I'm not really going anywhere. Just handing the day-to-day EnergySec operations over to a trusted friend and executive while I go back out into the community to do what I do best - be a catalyst, build interesting connections, ask the hard questions and provide the honest answers when no one else will. I'm always drawn to the next wave and I'm seeing some fascinating things on the horizon.  At the moment, I'm doing a lot of independent consulting/advisory around the critical infrastructure security, regulatory and policy areas for utilities as well as software and hardware companies. If you have any interesting projects that might benefit from my participation, please let me know!

While I have your attention, I would like to issue a call to arms. EnergySec and NESCO are doing great things for/with the industry. They are doing the hard work that everyone said couldn't (or shouldn't) be done. I've always told my staff "If it were easy, someone else would have done it already." And they still live by that message today. We knew it would be difficult in ways we couldn't imagine. But it was worth every ounce of effort to make it happen because it was (and will always be) the right thing to do. We can show the rest of the critical infrastructures, the Federal onlookers (regulators, etc), our energy industry peers and even the hype-driven media that we "get it." We are advancing security from the bottom up, as a sector united, dedicated to the mission of safe, reliable power. The industry needs a place where the asset owners can have open, honest and candid discussions about the potentially sensitive subject of security. EnergySec is that place. We must all work together to keep it safe.

So, do your part (if you haven't already) and purchase the organizational membership. Get your executives to join the CISO Forum. Get your people involved. Sign up for the Rapid Notification System. Buy a subscription to the Tactical Analysis Center (TAC). I know there are many organizations out there asking for the roughly same commitment. But I challenge any of them to demonstrate the 10-year history of trust, value and loyalty to the security cause that EnergySec has proven. And as part of the nonprofit mission, we do it at a fraction of the cost. Higher value, higher trust, and lower cost? Sounds like an easy choice to me.


You can always reach me at my EnergySec email address or my personal account if needed.



[image credit]