Authors: Sahana Nazeer and Lauren Perna
In the first part, we talked about what culture is and how MIT has managed to quantify it through an interactive tool called the Culture 500. Now that we understand it, we need to know how a company institutes a vibrant culture. It all starts with, ironically, hiring. The first 20 to 50 employees serve as the poster image for future team-members; therefore, they should have strong leadership skills and the ability to adapt as the company scales. The initial team should also be a diverse group with complementary skill sets. Culture is bound to suffer if every on staff thinks the same way. The hiring team should assess what strengths are already present and target people with skills that will offer a good balance.
This may mean requiring that initial hires undergo a more involved interview process, i.e. behavioral-based questions with a range of employees, especially senior leadership. If a company invests in the first 20 people coming through the door, then they will not have to sell the company to the next 20 people who choose to follow them.
Paula Cloghessy, chief human resources officer at Translate Bio, echoes this sentiment. She was one of those “next 20 people” who did not need a hard sell to join the company. Cloghessy came onboard when there between 30 and 40 employees; she joined because of CEO Ron Renaud’s people first mentality. “In a biotech you are constantly in survival mode, but Ron saw the importance of building people and bringing them together early on.” Renaud’s “people first” focus is still a vital part of the company’s culture and is made evident through their branding initiatives–something we’ll talk about in the next part.
So, what about those companies who have a reputation for a toxic company culture? Is there any hope? Certainly. There are many resources online offering advice on how to turn a toxic culture around without firing the whole staff, although that is one way to go about it. Some common tactics: implementing a culture team, analyzing employee demographics, and surveying current and former employees. An important takeaway is that culture starts from the top, so if the Board or Senior Leadership team are part of the problem then that’s where to start.
Whether a company is establishing a new culture or revamping an existing one, they should make sure that the culture aligns with company goals. Once a company has established (or re-established) a good corporate culture, what’s next? Promoting it, believing it, and showing it. In the next part, we’ll talk about promoting it.
Authors: Sahana Nazeer and Lauren Perna
In the super competitive world of life science employment, culture ranks top of the list of reasons people decide to join a company. While a nice paycheck and great benefits are important, the type of work and the people at a company are the top priority for most employees. According to Biospace’s 2019 Ideal Employer Report “interesting and meaningful work” is the #1 quality in an ideal employer. In a survey of 2,700 life science professionals, 74% of respondents said team dynamics was important.
The trend is not unique to the life sciences industry. Glassdoor conducted a Mission and Culture Survey last year across four countries (including the U.S.), and the main takeaways from the survey all highlight the cruciality of company culture.
-
- Over 77% of adults take into consideration a company’s culture and 79% weigh a company’s mission and purpose prior to applying.
- A little over 50% of adults stated that company culture is more important than salary in terms of job satisfaction.
- 73% of adults will not even apply to a company unless its values align with their own.
- In order of greatest to least importance for employee satisfaction, adults listed culture and values, senior leadership, career opportunities, business outlook, work-life balance, and compensation and benefits.
Culture matters so much now that the fine people at MIT Sloan created a Culture 500 Index–an interactive tool that measures how major companies rank across nine different values that they have identified as being a critical part of corporate culture. The data is based on a sample of companies on Glassdoor, representing 33 industries with an average of 18 companies per industry. Each of the companies in the sample had at least 2,000 reviews. The Culture 500 is a benchmark for company culture, celebrating success and encouraging improvement.
According to MIT’s introductory report on the Culture 500: “A healthy company culture can turbocharge corporate performance.”
In fact, the report states that there is research showing “a good corporate culture is correlated to higher profitability and returns to shareholders.”
So, what makes a good culture? According to the Culture 500, the nine values to consider include: agility, collaboration, customer, diversity, execution, innovation, integrity, performance, and respect. The biotech and pharma industry did the best in the customer category, which makes sense given most people join this industry to help others. The industry also did well in the integrity and respect categories, while some categories were a mixed bag like innovation and diversity. Agility was the industry’s weakest category, meaning biopharmas do not “move quickly and effectively to changes in the marketplace and seize new opportunities,” which makes sense given the amount of resources and time it takes to make a drug.
Larger companies may seem like the clear front-runner in the culture department, since they have the financial resources to create a positive culture or improve a not-so-great one. But size is both the advantage and their disadvantage. In a large, well-established company, it can be really hard to combat a bad culture and the ramifications can be detrimental (i.e. Wells Fargo).
That’s where the startups have an advantage. They can create an appealing work environment from the ground up, and in the hot life sciences job market that’s important. As we’ve stated before, smaller companies need to sell their culture and mission because they cannot compete with the larger biopharmas in the salary and benefits department.
MIT’s Culture 500 is a great tool to help companies who are starting out and for companies who wish to improve. Companies can also delve deeper into Culture 500’s data source—Glassdoor. With over 49 million reviews on the site, there’s bound to be some helpful nuggets of information from companies not used on the Index.
Now that we understand culture a little better, we can talk about how to go about executing a good culture. In our second part of this five-part series, we tackle the execution of culture.
Rockland, Massachusetts, January 17, 2020: Sci.Bio is pleased to announce that Kerry Ciejek has been promoted to Managing Partner. Ciejek joined the company in September as a Senior Recruiting Partner with extensive experience in life science and healthcare recruiting.
Ciejek received her Bachelor of Science in Biology from Fairfield University. She began recruiting career with Lab Pros, where she spent 17 years building and developing teams. After that, she spent several years in an in-house recruiting role with Steward Health Care. Ciejek decided to make the move to Sci.bio after speaking with Founder Eric Celidonio and learning about its innovative model.
“I decided to join the Sci.bio team because I could see there is a deep level of commitment to client and candidate success. I also appreciated the team’s wealth of scientific knowledge, that allows us to understand our clients and candidates and make great matches,” Ciejek explains.
Ciejek also brings expertise in recruitment training and coaching. She is a Co-Active Coach®, trained through the Coaches Training Institute. “I love coaching and training recruiters, so I am excited that this new role will allow me to share my passion with the staff.”
In her new role, Ciejek will also be a strategic partner to Celidonio, who provided the following statement: “Kerry is someone I’ve always wanted to work with and I am honored that she has accepted a role as a Managing Partner. She brings an incredible boutique agency recruiting and training background that will bolster our capabilities as a preeminent, total talent solution for life science companies.”
For more information about Sci.Bio please contact Lauren Perna at [email protected]
Contributing Authors: Eric Celidonio and Lauren E. Perna
In the first two parts of this series we talked about real cases of IP theft, including our own. These cases are extreme, but still the threat should not be taken lightly. There are many precautions you can take to protect your company. Forbes outlines a list of ways companies typically shield themselves from corporate espionage. The best practices list takes into consideration both internal security issues, arising from current and past employees being able to access and leak data, as well as outsiders who are trying to get access to company information.
The most reasonable precaution is to conduct a security audit of both physical spaces and intellectual property (which can include anything from ideas being floated around the office to data located on your company’s servers). The audit should also work to secure sources of data, such as USB drives or laptops, that could be stolen by a corporate spy walking through your building.
The list also suggests organizations take into consideration the ability of outsiders to visit their company. For example, major tech companies such as Apple and Google are typically located on a private road that is away from main thoroughfares in order to reduce visitor traffic and reduce spying and data loss.
Other ways companies can protect themselves include:
- Universally adopt a well-written Confidentiality or Non-Disclosure Agreement (NDA) requirement for all interviewers in order to discourage would-be spy agents.
- Make IP security a part of your corporate culture. Remind personnel with access to sensitive information what is in need of protection and how they can protect it, how to protect it as well as the potential consequences of sensitive information loss.
- Make sure visitors and interviewers are accompanied by an internal staff member and not be left alone places where sensitive information is stored such as offices and lab space.
- Advise individuals without access to IP what they should do if they inadvertently come across IP or sensitive information.
- Limit the number of copies of sensitive information as well as general access to printers, encrypt sensitive information whenever possible.
- Consider implementing user and entity behavior analytics (UEBA). UEBA utilizes machine learning and artificial intelligence-powered analytics to monitor activity and detect unusual behavior; it can be very effective in thwarting cyber spying and sabotage attempts.Consider implementing user and entity behavior analytics (UEBA). UEBA utilizes machine learning and artificial intelligence-powered analytics to monitor activity and detect unusual behavior; it can be very effective in thwarting cyber spying and sabotage attempts.
- Have role-based access privileges that are frequently reviewed and that are changed INSTANTLY with promotion, re-assignment, termination, re-organization, need to know, or other changes in employment status.
Roger Johnson, CEO of Right Brain Sekurity, in an interview with Digital Guardian recommended deploying effective insider threat countermeasures with a focus on disgruntlement detection and mitigation techniques. He indicates that there are many motivations for an inside attack, but disgruntlement is one of the easiest to address. He recommends fair, effective, and widely used grievance and employee assistance programs. Treat all employees and contractors well (not just “fairly”), especially those with sensitive IP access and those who have been terminated. As we suggest in a recent article, there are different ways managers can appreciate their employees that are not to be overlooked.
When it comes to the candidate process, it’s about knowing what to look for:
- The questions asked by the candidate are not relevant to the job–instead, they are focused more on intellectual property.
- There is an insistence on seeing the lab, manufacturing facility, or cleanroom.
- The job candidate’s LinkedIn seems incomplete (e.g., no picture, or very little information is included) or their resume lacks specific details.
- Your company’s computer network is accessed from an unfamiliar location (i.e., indicating that spies or other malicious entities may have infiltrated your organization’s servers).
Conclusions
Corporate espionage may seem like something out of a Hollywood movie, but it is real and more common than you might think. Unfortunately, the candidate interviewing process can serve as a unique opportunity for spies to gain access to sensitive and confidential information including company IP. That doesn’t mean you need to stop interviewing highly qualified candidates on the concern they might be spies. With proper precautionary measures and ongoing vigilance, you can mitigate risk and still build a stellar (spy-free) team.
References:
https://www.forbes.com/sites/betsyatkins/2019/02/12/learning-from-apples-spying-incidents-how-to-protect-your-company-from-corporate-espionage/#63e5f5246fb4
https://www.forbes.com/sites/quora/2017/06/05/how-do-fortune-500-protect-themselves-from-corporate-espionage/#4e76717a5ced
https://www.giac.org/paper/gsec/1587/corporate-espionage-101/102941
https://www.thebalancesmb.com/how-corporate-spies-could-be-watching-your-business-4165210
https://usnwc.libguides.com/c.php?g=661096&p=5258510
https://www.cio.com/article/2879575/how-corporate-spies-access-your-companys-secrets.html
https://www.inc.com/magazine/201302/george-chidi/confessions-of-a-corporate-spy.html
https://blogs.findlaw.com/free_enterprise/2017/05/3-tips-to-protect-against-corporate-espionage.html
https://www.csoonline.com/article/3285726/what-is-corporate-espionage-inside-the-murky-world-of-private-spying.html
https://securityintelligence.com/articles/10-myths-and-misconceptions-about-industrial-espionage/
http://ipcommission.org/report/IP_Commission_Report_052213.pdf
https://www.cnbc.com/2019/02/28/1-in-5-companies-say-china-stole-their-ip-within-the-last-year-cnbc.html
https://www.csoonline.com/article/2138380/intellectual-property-protection-10-tips-to-keep-ip-safe.html
https://digitalguardian.com/blog/how-to-secure-intellectual-property#Johnston
Interested in getting the entire 3 part series in your inbox? Enter your details below:
Contributing Authors: Eric Celidonio and Lauren E. Perna
In the first part of this series, we told the story of a candidate that used the interview process to steal proprietary information from a potential employee. The interview process can provide a perfect opportunity for IP theft, but it can take place under other clever circumstances. For example, previous employees of your organization may still be able to access sensitive corporate data on your company’s servers. Or current employees can be bribed and or offer sensitive detail in interviews or social settings. Some other examples include:
- Trespassing on company property
- Posing as an employee to gain on sight or IT access
- Recording a phone conversation
- Email phishing and server hacking
Technologies used in corporate espionage technologies can include hacking USBs, which can contain malware which allows malicious entities to access corporate servers to steal data. In 2013, hackers working for the Chinese government stole trade secrets from U.S. and European aviation companies. Chinese hackers who visited the Suzhou headquarters of French aviation company Safran left a USB drive containing malware which allowed them to access corporate data.
However, corporate espionage technology doesn’t have to be sophisticated. Recall that, in the example we related at the beginning of the article, Marc brought a pen camera with a microphone to record conversations and obtain trade secrets. Corporate spies can steal computers or thumb drives, or use video or audio recording, to facilitate their intellectual property theft.
According to CSO online the most common IP breaches occur through:
- External email like a Gmail or Yahoo account (51%)
- Corporate email (46%)
- File sharing via FTP (40%)
- Collaboration tools like Slack or Dropbox (38%)
- SMS or instant messaging apps like Whatsapp (35%)
Recent Cases of Corporate Espionage
Just a few weeks ago, a striking case of corporate espionage hit the local news. On December 10th, a Chinese National medical student was caught at Logan Airport smuggling vials of research specimens in his luggage. Zaosong Zheng, 29, came here on a Harvard University sponsored visa and spent the past year doing cancer research at Beth Israel Hospital. Zheng was also caught with the laptop of a fellow Chinese researcher, who was in on his plan to steal the specimens, continue the research at home, and take credit for the work. This may sound rather brazen, but according to the Boston Globe it is not uncommon, as there have been about 18 similar cases at Logan Airport.
This case comes just a few months after several biotech leaders wrote an open letter to the NIH admonishing the dismissal of five Asian-American scientists from MD Anderson Cancer Center and Emory University on the basis they did not report their foreign ties. These dismissals were part of a larger NIH campaign to address concerns of IP theft among foreign nationals, especially those from China. The target is often oncology, and with China encroaching on the U.S.’s progress, NIH feels their concerns are valid. The biotech leaders worry the campaign is xenophobic and could hinder progress.
The NIH began their campaign in 2018 after several major cases of biopharma corporate espionage were made public, including one out of GSK’s Philadelphia R&D facility. A researcher pleaded guilty to stealing confidential research and sending it to China; she was working in conjunction with several other Chinese nationals. The other highly publicized case involved three scientists at Genetech transferring trade secrets to a Taiwannese competitor.
These cases illustrate how easily proprietary information can get into the wrong hands. The good news is that there are ways to make sure this doesn’t happen. In the final section of this piece, we’ll talk about how to protect yourself against such threats.
Interested in getting the entire 3 part series in your inbox? Enter your details below:
