Effective Solutions Through Partnership

KAI Partners Staff Profile: President & CEO, David Kendall

Certified Scrum Product Owner (CSPO), Certified ScrumMaster (CSM), Community Service, Corporate Training, Entrepreneurship, Front Street Animal Shelter, KAI Partners, KAI Partners Staff Profile, Learning, Managing/Leadership, Organizational Change Management (OCM), Professional Development, Program Management, Project Management, Project Management Professional (PMP), Sacramento, Sacramento Steps Forward, Servant Leadership, Small Business, Training, WEAVE, Workforce Development

There are many paths to success and while not everyone takes the same path, we often manage to arrive at the same destination. In our KAI Partners Staff Profile series, we share interviews and insight from some of our own employees here at KAI Partners. Our staff brings a diversity in education, professional, and life experience, all of which demonstrate that the traditional route is not necessarily the one that must be traveled in order to achieve success.

Today, we bring you the journey of our very own President & CEO, David Kendall! David founded KAI Partners in 2003. As our President & CEO, he is a managing director for the organization, as well as service delivery lead for a number of our clients.

KAI Partners, Inc.: How did you get into your line of work?

David: I spent nine years in the U.S. Air Force performing a technical role related to electronic warfare. At the same time, I was finishing up my undergraduate degree in Management Information Systems from University of Maryland University College. After the Air Force and graduating from college, I worked for several different companies in project manager and program manager roles.

KAI: Are there any certifications or trainings you’ve gone through that have helped in your career?

David: I have my Project Management Professional (PMP)®, Certified ScrumMaster (CSM®), and Certified Scrum Product Owner (CSPO®) certifications. I’ve found that certifications give us a common language to talk about a particular domain. They provide a framework to execute tasks in a specific order to achieve an outcome. They also provide a professional community and opportunities for community service.

KAI: What is your favorite part about your line of work and why?

David: For clients, my favorite part of my job is providing solutions to business problems. Helping solve problems means I can really see the value for our customers, partners, and our staff. My favorite part of being a small business President & CEO is individual and team development.

KAI: What is one of the most common questions you receive from clients and what counsel or advice do you give them?

David: I frequently get asked by clients, “How do I manage change across my organization?” I recommend building coalitions, identifying change agents, and including these people in the process early and often. Internally, I sometimes get the ‘What’s in it for me?’ question. I think it’s important to communicate why we do what we do and how this relates back to all aspects of a person’s work—their own development, the team’s development, our community, and our customers.

At the end of the day, our goal is to help provide more reliable services to Californians, so it’s important to keep this at the forefront.

Now that we’ve learned more about David’s background and current work as both consultant and KAI Partners’ President & CEO, here’s a little more about him!

Quick Q&A with David Kendall:

Daily, must-visit website: For work, I visit Asana.com. It’s a flexible work management tool that allows the team to create a set of business rules so everyone can work successfully. For news and information, I go to the New York Times, LinkedIn, and—of course—social media sites.

Preferred genre of music or podcast to listen to: The most recent audiobook I listened to was “Lab Rats: How Silicon Valley Made Work Miserable for the Rest of Us,” by Dan Lyons. I read this for the bi-monthly KAI Book Club. The book club is a newer endeavor for us internally. I’ve enjoyed the participation and a diversity of perspectives and thought-provoking discussion that comes out of our meetings. We also have a resident mixologist who creates thematic cocktails based on each book!

Best professional advice received: “Leaders are not appointed.” Another piece of advice I received is simply said (but not always simply done), and that is: Manage expectations. I’ve found that this applies to any management job at any level.

Book you can read over and over again: Principles: Life and Work by Ray Dalio.

Most-recent binge-watched show: “Letterkenny” on Hulu.

About David: Mr. Kendall’s career serving the public sector includes key consulting positions for various health and human services agencies. Mr. Kendall supports a number of community partners in the Sacramento region, including WEAVE, Sacramento Steps Forward, and Front Street Animal Shelter. In his spare time, David enjoys playing golf and cooking.

Understanding IT Security and Cybersecurity Laws

Conferences, Cyber Security, Data Privacy, Government, Information Security, Information Technology, IT Security, National Cyber Security Awareness Month, Public Sector, Ransomware, Sacramento, Technology

By Jamal Hartenstein, JD, CISSP, CGEIT, PMP

(ISC)², a leading cybersecurity and IT security professional organization, is holding their annual Security Congress event in Orlando in a few months. At the conference, I will be presenting a panel called “Behind the Text: Laws on Data Privacy, Consumer Rights and Cybersecurity, Deconstructed.” Today I am sharing a little bit of insight into what I will delve further into at the (ISC)² event.

Data privacy and cybersecurity laws shape many aspects of an organization, from influencing the operational decisions an organization makes to the way IT security professionals do their jobs.

The purpose of data privacy laws is to provide regulatory compliance measures to protect personal data—depending on the industry, this could be the data of consumers, customers, private citizens, or others. Typically, the laws align with IT security frameworks (often created by academics or other experts) and companies write their data privacy policies to comply with laws and adhere to frameworks.

But, what’s missing? When you deconstruct the text of the laws that govern an organization’s industry—think private sector financial, health insurance, banking, etc.—you may find loopholes or obligations you didn’t know existed. Organizations can save themselves a lot of time and money by understanding the scope of their legal obligations.

Legislation is increasingly shaping the IT security professional’s field. Some laws that currently govern IT security have been on the books for 100+ years, but only recently have been interpreted to cover data privacy and cybersecurity violations. These changing legal interpretations, along with the new laws being put on the books, means that there’s a level of legal understanding that can be daunting for organizations and the security professionals they employ. Collectively, we need to dissect the wording used in the popular data privacy and cybersecurity laws and break it down so IT professionals can truly understand what we’re working with.

As an IT Security professional, I understand the threats, technology, and strategies to mitigate threats. Having a legal background makes it easier for me to understand laws that determine exposure to compliance obligations and laws that influence how I develop strategies. For example, when organizations comply with a deletion request, or “the right to be forgotten” (aka: of your own personal data records held with an organization), this can be an expensive process, especially if the data is on offsite backups and housed with third party data processors. But the law is particularly tricky with explanations on why, how, and when an organization must process a deletion request, or even if the request must be performed at all. Consequently, a lot of time and money can be saved if IT Security professionals understand the text of the laws.

Interested in learning more? During my discussion at the (ISC)² Security Congress, we’ll cover the following:

  • Identifying loopholes in laws. For example, whether you must comply with a consumer’s request to be “forgotten”/deleted.
  • Identifying widely unknown obligations. For example, the requirement to appoint an EU Representative under GDPR, distinguished from the DPO.
  • Understanding the rights of the consumers regarding data privacy provisions and IT security obligations.
  • Understanding factors used to determine whether you must comply with data privacy and cybersecurity laws…and to what extent.

Want to find out how to deconstruct and understand security law? Attend my panel at the (ISC)² Security Congress in October—I hope you see you there!

About the Author: IT Security Program Manager at KAI Partners, Jamal Hartenstein is a cybersecurity legal expert who has helped some of the country’s largest financial institutions, healthcare companies, and federal agencies develop their IT Security Roadmap programs. In his current role, Jamal provides guidance to executive staff and security professionals on laws, frameworks, and policies that help shape their strategic plan, and helps organizations innovate safely and securely. Prior to working for KAI Partners, Jamal served as an Electronic Warfare Sergeant in the U.S. Army Military Intelligence Corps, where he was a steward for Defense Information Systems Agency (DISA) framework. He earned his undergraduate degree from Georgia Military College and his Juris Doctorate from University of the Pacific, McGeorge School of Law in California.

Building a Business Community in Sacramento

Community Service, Conferences, Entrepreneurship, Event Recap, Innovation, Public Sector, Sacramento, Sacramento Metro Chamber, Small Business, Startup Company, Technology

Photo Credit: Sacramento Business Journal

By Lucie-Anne Radimsky, CSPO

KAI Partners is a community of diverse and talented individuals who believe in the value of service. We actively engage with our clients to find solutions that meet their goals and objectives. As a local small business, we are also involved in the Sacramento business community.

We recently attended business events hosted by the Sacramento Metro Chamber and the Sacramento Business Journal. We gathered alongside other local businesses at two unique and important events helping to raise the profile of doing business in the Sacramento region and celebrating local businesses’ successes.

It is truly mind-blowing what transpires in a room filled with people from disparate groups who enter quietly…and who are then asked to engage and lean into conversations that ultimately unite them. Not only does the volume seem to exponentially rise, but the feeling of hope and potential seems to take hold, permeating the room and the bloodstreams of those in attendance.

Competitors become partners, strangers become friends, and dreams become reality.

KAI Partners attended a members’ meeting at the Metro Chamber, which gathers local business representatives to reconnect with the Chamber and allows them to engage with other local business members and those looking to join. We participated in a group activity which sought to better understand the why regarding membership in the Chamber. The results are below, and I don’t think you’ll be surprised by the answers:

Most everyone in the room seemed to be searching for a more personal connection to others in the community—they wanted to be part of something bigger than themselves and realized that in order to benefit from this important resource, they needed to actively engage.

The Fastest Growing Companies event, sponsored by the Sacramento Business Journal, was slightly more glamorous and involved a sit-down lunch, but it too was built on community and focused on raising awareness around the success that many businesses—50 to be exact—are experiencing in the region.

It is interesting to note that the combined revenue generation of the top 50 companies exceeds $500 million—an accomplishment that we can all get behind considering these are mainly small- to medium-sized businesses.

This event was a reminder that we can all be successful. In the words of Bret Fair of 360 Risk Partners, one of the companies highlighted at the event, “Focus on what you do best and do it so well that people start to talk about you.”

On that note, let’s all get back to work and do what we do best—and let’s act on that. Did you attend either the Metro Chamber or Sacramento Business Journal events? What were your key takeaways?

About the Author: Lucie-Anne has over 15 years’ experience in communications and business development in the U.S. and Europe, on behalf of start-ups and non-profits. She has represented clients within the technology, energy, and telecommunications sectors to government agencies, press, and industry analysts throughout the world. Lucie-Anne has both American and E.U. citizenship. She is fluent in English and French. Lucie-Anne is an active community volunteer and has served on numerous non-profit boards and led alumni groups in Paris, Washington D.C., and San Francisco. She holds a B.A. in Economics from the University of California, Irvine. She currently resides in Sacramento with her Brazilian husband and two boys.

Why Process Improvement Is a Never-Ending Job…Thank Goodness

Best Practices, Continuous Improvement, Innovation, Lean Six Sigma, Process Improvement, Sacramento

By Stephen Alfano, PMP, CSM

Ice cream melting. Kids whining. Anger mounting. It’s a Saturday morning in the middle of summer. The lines at the local grocery store registers are six people deep. Patrons have been moving at a glacial pace for the last 10 minutes. Many are complaining to one another. Several have begun to shout out for the store manager. The store manager is not on duty. The shift manager is—so, the bottleneck is her problem. She needs to find another way to move these customers through the queue as quickly as possible or risk seeing dozens of negative (business-killing!) reviews posted on social media. Her job is at stake. If she’s unsuccessful, then the ice cream won’t be the only thing having a meltdown.

Of course, if the shift manager has been trained or has prior experience with this type of process problem, she will undoubtedly follow the store playbook or her gut and get the shoppers on their way in no time. But, what if the store didn’t have a playbook on how to handle this kind of situation? Or what if this was the shift manager’s first day on the job?

This check-out crisis at the corner store might seem a little cliché at first. However, it is a perfect example of a real-world (real-time) business process improvement opportunity, for example…

  • An opportunity where an individual or an organization can take a bad scenario—or “use case”—and turn it into a teaching moment that will drive value for customers;
  • An opportunity that highlights how critical addressing process flow problems are to the success of any business; and
  • Perhaps most important, an opportunity that demonstrates the need for making a plan, doing what the plan prescribes, studying the results or reaction to what was done, and actively identifying and pursuing any changes to the plan to improve the process on a continuous basis.

I like to use the Plan-Do-Study-Act (PDSA) cycle. Known as the Deming Wheel or Deming Cycle—named for Dr. W. Edwards Deming, an American engineer, professor, author, and management consultant—the PDSA is an organized approach to continual learning and improving products, processes, or services.

“If you can’t describe what you are doing as a process, you don’t know what you are doing” ― Dr. W. Edwards Deming

Here’s how the PDSA cycle is applied:

The Plan step starts the cycle:

  1. Establish a goal or outcome.
  2. Formulate a theory or an approach to achieving the desired results.
  3. Define success criteria, including actual activities and products necessary to execute the plan itself.

Then, in the Do step:

  1. The plan is implemented.
  2. Processes are executed.
  3. Products are generated.
  4. Services are delivered.

Next comes the Study step. The results—the outcomes—of the processes, products, and services are monitored and evaluated on their effectiveness and efficiency towards meeting the customers’ expectations and needs. The entire plan is examined: Progress and success are measured as much as problems—and areas for improvement are prioritized.

The Act step brings the cycle back to the planning or drawing table. Here, data and learning gained throughout the process are used to help make informed decisions—or at the very least, adjustments in goals, approaches, and value metrics.

If executed with discipline and intentions to drive continuous improvement, the PDSA cycle can be repeated over and over to the delight of customers and managers alike in any season or business scenario.

For more insight on process improvement, check out these links:

Whether it’s at the ice cream counter or on technical project, this model for process improvement can apply! Do you have questions or comments about Process Improvement or your preferred best practices? Comment below!

About the Author: Stephen Alfano is an Organizational Change Management Consultant and Communications Expert. He has over 30 years of experience leading and managing initiatives for both private and public-sector clients. His résumé includes providing both new business and business process improvement services to Apple, American Express, AT&T, California Department of Transportation, Chevron, Entergy, Levi Strauss & Co., Louisiana Office of Tourism, Mattel, Microsoft, Novell, SONY, Sutter Health, and Wells Fargo. Stephen currently works as an Executive Consultant—PMP®, CSM® with KAI Partners, Inc., providing change management and communications expertise and project management support services on several active contracts.

How to Hack into an IT Career (No hacker skills required!)

Cloud Computing, Corporate Training, Cyber Security, Digital Transformation, Government, Information Security, Information Technology, Innovation, Innovation in the Public Sector, IT Modernization, IT Security, KAI Partners, Professional Development, Project Management, Project Management Professional (PMP), Public Sector, Sacramento, Technology, Workforce Development

By Jamal Hartenstein, JD, CISSP, CGEIT, PMP

I recently had the opportunity to speak to a group of civil servants through the organization, NxtGov. NxtGov is a professional network for people working in California public service, and those who are interested in public service. According to NxtGov, “We want to develop this network into a platform for collaboration across government and other sectors to develop innovative ideas to improve government service and restore trust and pride in public service.”

To achieve their mission, NxtGov promotes training and advancement of current government workers and actively recruits new talent. NxtGov adds value with opportunities on how to find and apply to government positions and training on how to sharpen skills to promote within.

My discussion focused on improving understanding of the Information Technology workforce within the public sector, including information on the different certifications and skills-building that might be beneficial. With so many public sector agencies undertaking large system replacements and other innovation projects, skilled IT professionals are needed now more than ever. And, IT professionals with different backgrounds—like project management and change management—are just as much in demand.

Interested in learning more? Here are some Q&A on IT certifications and professional development:

  1. Do I need an IT certification? Considering all the letters behind my name, I definitely think certifications are valuable! Plus, certifications are often mandatory checkboxes when applying for government positions. Even if it’s not mandatory, a certification can indicate to employers your interest in and dedication to a particular industry. A certification can also validate years of experience and capability.
  2. Which certification do I need? First you need to determine which certification is most valuable to you and your goals. A certification is only as strong as the certificate authority and how you use your credential. Remember that earning a certification often allows you to gain access to and participate in a new online community with membership by the certification authority. Resources will become available that otherwise were not offered, which only aids in your continued development.
  3. Is a PMP® an IT certification? Short answer: Yes! Many of us have been involved in IT project management, but just didn’t know it. A PMP® credential is a valuable IT certification and as of July 2019, there are nearly 900 open project management jobs in the Sacramento region. (Bonus: The average IT Project Manager position pays upwards of $95K annually).

The future of IT in the public sector is great and growing. Whether it’s through cloud migrations, third party software replacements, or an innovation we haven’t even thought of yet, now is the time to start taking your professional development up a notch. For a sustainable IT career, you should keep up with new certification and training and make sure you don’t stay stagnant in a position that isn’t growing along with the speed of technology.

How are you navigating the IT changes in the public sector? Be sure to check out NxtGov to learn more about the important work they’re doing to help improve government services.

About the Author: IT Security Program Manager at KAI Partners, Jamal Hartenstein is a cybersecurity legal expert who has helped some of the country’s largest financial institutions, healthcare companies, and federal agencies develop their IT Security Roadmap programs. In his current role, Jamal provides guidance to executive staff and security professionals on laws, frameworks, and policies that help shape their strategic plan, and helps organizations innovate safely and securely. Prior to working for KAI Partners, Jamal served as an Electronic Warfare Sergeant in the U.S. Army Military Intelligence Corps, where he was a steward for Defense Information Systems Agency (DISA) framework. He earned his undergraduate degree from Georgia Military College and his Juris Doctorate from University of the Pacific, McGeorge School of Law in California.

« previous page · next page »