Tuesday, February 28, 2017

The Haiku of Finance for 02/28/17

Verify user
Secure info from hackers
Protect your data

Saturday, February 25, 2017

Alfidi Capital at RSA Conference 2017

I made my first-ever visit to the RSA Conference in 2017  because I really needed to catch up on the tech sector this year. The visual displays on the Moscone Center expo floor were phenomenal, as you can see in my standard badge selfie below. I was all set for some awesome cybersecurity action. I scored a free Expo Pass from a generous sponsor because I am still way too cheap to pay for anything. I still score massive wins after all these years tracking business.

Alfidi Capital witnesses the mighty RSA expo in 2017.

I sat in the front row for the first panel session and a local venture capitalist recognized me right away. I had not seen him for at least a year, so I obviously made some impression on him back then with my commentary. Anyway, the VCs held forth on the economics of countering hacking and the kinds of expertise they want to see in a cybersecurity startup before investing. It should come as no surprise that CISOs own a corporation's cybersecurity budget, so a security startup should focus their customer development on CISOs and nowhere else. The panelists with CISO backgrounds noted that they have longstanding trust relationships with sales reps who have hopped around different companies. Relationships matter even in tech, so startups should hire experienced sales people with huge contact lists if they want to win revenue. Startups will be disappointed to know that security solutions don't always scale well, so presumably large corporate customers have internal barriers that inhibit integration with other enterprise systems. Maybe automation can solve scalability, or maybe automation is another buzzword that VCs can chase for a year.

Executives addressed foundational controls.

The RSAC Innovation Sandbox was a hoot. RSAC users threw a bunch of words into a word cloud and the biggest ones were "data, cloud, risk, threat" in bold letters. If I had my own personal word cloud following me around, it would show words like "genius, brilliant, awesome" in big letters. One investor noted that total dollar-volume funding for cybersecurity startups was down in 2016 but later-stage funding was still keeping valuations high. The situation totally reminded me of the VCs' push for a cloud / mobile / Big Data confluence a couple of years ago because their portfolio companies in each specific sector were failing. Startups chasing those dollars now should know that innovation must address speed, because hackers' OODA loops operate faster than security professionals can respond. Get used to hearing phrases like "cognitive load" in startup pitch decks, because VCs want to fund solutions that add value through automation that reduces an IT team's cognitive load in managing cybersecurity functions. I think a startup that can demonstrate how the OWASP Benchmark Project validates its automated security solutions will have a big advantage in attracting venture funding. Any solution that can address processing encrypted data, particularly with cutting edge tech like homomorphic encryption, will garner a similar advantage.

People also implement foundational controls.

The Governor of Virginia came to tell us all about how cybersecure things are over in his state. He kept telling variations of a funny story about dolphins in his state's waters and how much Virginians loved them. I hope those dolphins are qualified cybersecurity professionals. I agree with the Governor's sentiment that state-sponsored education should offer more tech and less baloney, although he didn't use the word "baloney." That's one of my favorite words. Anyone who thinks there's no baloney in tech has never sat through a startup pitch fest. I did a Google search for the US's national STEM education standards and found the US Department of Education's K-12 standards page, so the STEM stuff may be in there somewhere. The NSF's STEM Education Data has gotten a lot more user-friendly since the last time I checked out its Science and Engineering Indicators report. The NEA surprised me with some useful STEM links; it's nice to see a union do something useful. Remember, folks, that arts education puts the STEAM into STEM.

Intelligence on threats must drive security decisions.

I was thrilled to listen to a security panel featuring cybersecurity legend Bruce Schneier. I have read his regular Crypto-Gram newsletter for years and he always has a fresh take on the biggest security trends. The panel addressed the emerging challenge of monitoring, maintaining, and certifying IoT products. It sounds to me like there are plenty of niches for security startups to make their cases. Industry will always sacrifice security for performance, so expect government regulation to drive security standards. Mr. Schneier mentioned how regulation has both fixed costs and marginal costs for solutions, and he somehow connected it to European Union regulations that will raise the marginal costs of producing IoT devices. It sounded like justification for US device manufacturers to on-shore more IoT device production here at home. I can see the walled gardens going up already in IoT thanks to security concerns. Here comes my awesome Alfidi Capital genius, folks. Secure models must connect trusted "walled gardens" (i.e., families of products from Google, Apple, and other big providers) to home IoT hubs (i.e., the coming smart home systems) that are certified under federated standards (i.e., cloud stack, network connectivity, and hardware all certified under some family of government-approved standards bodies). You heard it here first. Oh yeah, one more thing . . educating consumers on security never works! People ignore privacy settings and safety procedures, so regulation will have to build fail-safe protocols that make it difficult for non-expert users to leave themselves exposed.

Get used to hearing about securing ICS.

The RSA people livened up their conference by having actors and poets come out to introduce major themes. Hollywood actor John Lithgow gave an opening-day monologue with audience members raising their glowing wristbands. It worked as a performance art piece but I did not get a wristband. That's what happens when you only get an Expo Pass. A poet named Rives introduced a couple of cute musings on how ideas can represent data connections. I won't spoil his performance for you, so just go look up his TED talks.

Scripting in software is not like the movies.

I never miss a chance to hear Dr. Eric Schmidt from Google (aka Alphabet, its new corporate name) hold forth on tech stuff. His talk at RSAC mentioned Google's TensorFlow open-source AI library. Those Google folks are just non-stop innovators; it must be all the coffee they drink. Dr. Schmidt said he uses game theory to make strategic business decisions, especially when deciding to deploy tech that keeps Google at the center of a new ecosystem. It's no wonder why Google is so dominant if that's really how they think. Every company should be lucky enough to have geniuses running the show.

FireEye came out to the expo.

I acquired some good background information from the NIST Cybersecurity Framework presentation. It is destined to be the beta version of the federated standards system I mentioned above. Cybersecurity professionals need to know about the Center for Internet Security's critical security controls, the Center for Responsible Enterprise and Trade compliance standards, the CForum's development of the NIST framework, and the National Cybersecurity Center of Excellence's implementation of the framework. The framework's sponsors were fond of the Checklist Manifesto methodology, so there's a cue for startups that want to execute solutions in this space. Note that the Industrial Internet Consortium has its own security framework.

The final speaker that mattered to me was the phenomenal, incomparable, mind-blowing Dr. Neil deGrasse Tyson. Okay, I'll admit I attended other speakers but this guy was the real deal when it comes to pure, unadulterated genius. His genius probably ranks right up there with my own. I can't do justice to his blend of science wisdom, performance art, and comedic monologue with my meager words. Check out YouTube for tons of examples of his knowledge. It's all in the delivery. Dr. Tyson connected Albert Einstein's theories to lasers and gravitational waves during his RSAC talk. Previous eras had Dr. Einstein, and we are lucky to have Dr. Tyson among us today. His explanations of complex ideas make him a living national treasure. He should run NASA.

Read my blog article closely enough and you'll see how I spotlight hints for startups. I picked up a ton of printed information from expo floor presenters on technology implementation that I am not going to share in public. My intent is to attract entrepreneurs to some cool ideas and advise them on execution. I am not about to tip my hand in public lest potential competitors get a clue. Suffice it to say that anyone can track publicly available information on tech development, but only a genius such as yours truly can fit it all into a coherent business plan. Every conference I attend is by definition a massive winner, simply because I am there. Thank you RSA for enabling me to score in 2017.

Monday, January 30, 2017

The Haiku of Finance for 01/30/17

Growth forecast model
ZIRP throws off future discount
Bad ways to adjust

Thursday, December 08, 2016

Wednesday, November 02, 2016

Tuesday, October 25, 2016

Monday, September 26, 2016

Wednesday, August 17, 2016

Wednesday, July 27, 2016

Tuesday, June 28, 2016

Tuesday, May 24, 2016

Friday, April 01, 2016

Thursday, March 31, 2016

Richmont Mines Hangs In For Long Haul

I am impressed with Richmont Mines (US ticker RIC). Their longevity and profitability in 2015 were rare in a junior resource producer. The main challenge ahead is to replace mined reserves, either with new discoveries or with better engineering to make discovered resources viable.

The management team must be doing something correctly. Their mining engineer CEO has been around other producing companies. It's nice for once to see actual mine operators running a mining company instead handing the place over to former consultants or investment bankers. Their other key people have been around the block in the mining sector for a while.

The company has two active mines in Canada, plus other properties in various stages of exploration and development. The PEA for the Island Gold mine and the latest 43-101 for the Beaufor mine are on Richmont's website. My problem is that the PEA is abbreviated and the 43-101 is in French. Someone in charge over there needs to show me the long forms in my own language. I prefer to examine complete primary source documents in English. I am going to take the company's word that independent parties have verified its 2P reserves and ore grades.

Results in recent years aren't stellar compared to the larger world economy, but are probably better than countless mining companies facing bottomless financial holes during a bear market for metals. Profit margin at 4.72% (from Yahoo Finance today) isn't great, but plenty of resource sector investors would like to see that kind of money after holding other beaten-down mining stocks. Check out Richmont's numbers at Reuters. Its five-year EPS growth rate of -18.39% shows that even solid operations can't hold back a bear market in metal prices. Its five-year ROE and ROA are both below one percent, which are also below their industry averages.

Richmont Mines is somehow surviving when its larger competitors are struggling and the sector's juniors are cratering. Someone has to occupy the middle of the market.

Full disclosure: No position in Richmont Mines at this time.

Friday, March 25, 2016

Thursday, March 24, 2016

James Bond Belongs On Wall Street

Wall Street often undervalues military veterans. Snobs who've never broken a sweat look down their nose at people who've worn muddy boots and dirtied their hands. The only veterans that might be exempt from the categorical cold shoulder are those with intelligence backgrounds. The appeal has little to do with qualifying skills and aptitudes. It has everything to do with a popular culture phenomenon that romanticizes intelligence work as something exclusive to a small elite, just like how Wall Street sees itself.

Intelligence analysis has a lot in common with financial analysis. Both rely on open source material for background data on geopolitical conditions and economic trends. Analysts in the US military and intelligence community use detailed methodologies for tracking changes in a competitor's strength. Private sector analysts have the same mentality when tracking a company's financial statements and news releases. Both types of analysts take the protection of confidential and proprietary information very seriously, and they take pains to safeguard privileged information from disclosure. It should be easy to make the argument that intelligence people would be assets on Wall Street. It's even easier to use a movie icon as shorthand for the advantages of having an intelligence pro in a financial house. That icon is none other than Agent 007, James Bond.

Anyone who's seen a Bond film knows the guy's fictional lifestyle. He travels the world with ease, wears a tuxedo to gambling tournaments at five-star hotels, drinks martinis, wears an expensive watch, drives a customized luxury car, and comes face to face with the most powerful and intriguing people in the world. James Bond is the archetype of alpha achievement and unquestioned competence, with a healthy serving of of sociopathy. Stereotypical financial titans think of themselves exactly the same way. Plenty of senior investment bankers and private equity fund managers negotiate high-stakes deals with intriguing international counterparts. They can afford a James Bond lifestyle in real life. 

Your typical high-powered Wall Street type gets deal flow from peer referrals, and hiring also works the same way. Image and prestige matter more than actual qualifications. An investment banker who sees a resume labeled "intelligence veteran" doesn't think about the candidate's analytical skills, geopolitical outlook, or cultural expertise. They think, "It's Agent 007. This person must have a lifestyle just like mine." That's all that matters.

Military veterans aiming for Wall Street careers can make this irrational bias work in their favor. Executives who think they need a Bond-like presence on their team are suckers for an intelligence veteran's pitch. The dumb trust fund kids running around Wall Street's mid-levels make hiring decisions on instinct. Action movies form their entire picture of military life. They'll hire for a "killer" advantage if they think a veteran brings shock and awe to a deal. You don't have to be a James Bond (or Jane Bond for the female equivalent) to close the deal, but the image's unspoken power just might open a door that would otherwise be closed to veterans.

Right this way, Mr. Bond. We've been expecting you . . . in the Fortune 500 boardroom.