professional development workshop › pdf › january-20-2018-presentation-material.pdfprofessional...

The Institute of Chartered

Accountants of India

Toronto Chapter

Professional Development Workshop: How CPAs Can Help Organizations Adapt to the

Impacts of Climate Change

January 20, 2018

Presented by

Gordon Beal, CPA, CA, M.Ed

Vice President - Research, Guidance & Support

CPA Canada

2

How CPAs Can Help OrganizationsAdapt to the Impacts of Climate Change

This PD session is the result of a 3-year

project:

1. Explore and engage: Round table discussions,

review of research and practice

2. Develop and test: Case studies, overview briefs,

and Viewpoints on specific competencies

3. Deliver and transform: Professional development

Resources available at:

www.cpacanada.ca/climatechange

http://www.cpacanada.ca/climatechange

Workshop Learning Objectives

1. Gain a basic understanding of climate change and

climate change adaptation (and how it differs from

climate change mitigation);

2. Understand risks and opportunities that climate

change poses to different organizations (general

types and specific examples); and

3. Understand how CPA competencies can be used to

help organizations plan for and manage climate

change-related risks and opportunities

Agenda

1. Facts about climate change

2. Risks and opportunities

3. Framework for action

4. CPA Canada adaptation resources

Part 1: Facts about Climate Change

The Greenhouse Effect— Illustrated

CO2 Cooperative Research Centre, www.reefnation.com/wp-content/uploads/2015/11/greenhouse-effect.jpg

http://www.reefnation.com/wp-content/uploads/2015/11/greenhouse-effect.jpg

Climate Change — Defined

Climate change refers to a long-term shift in

weather conditions. It is measured by changes

in a variety of climate indicators (e.g.

temperature, precipitation, wind) including both

changes in average and extreme conditions.

Climate change can be the result of natural

processes and/or human activity.

Environment and Climate Change Canada, http://www.climatechange.gc.ca/default.asp?lang=En&n=F2DB1FBE-1

http://www.climatechange.gc.ca/default.asp?lang=En&n=F2DB1FBE-1

Effects of Climate Change in Canada

Some Predicted Changes in Canada

• Increased occurrences of extreme weather events

• Rising sea levels

• More frequent and more intense hot days and nights

• More intense downpours

• Warmer temperatures

• Fewer days with snow cover

• Increased wildfires

• Increased drought

• Thawing permafrost and ice

Impacts will vary regionallyBush et al, www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Chapter2-Overview_Eng.pdf

http://www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Chapter2-Overview_Eng.pdf

10

Canadian Temperature Trends – 1948-2012

Environment and Climate Change Canada, www.ec.gc.ca/sc-cs/Default.asp?lang=En&n=A5F83C26-1

http://www.ec.gc.ca/sc-cs/Default.asp?lang=En&n=A5F83C26-1

11

Winter Warming Trend

Environment and Climate Change Canada, www.ec.gc.ca/sc-cs/default.asp?lang=En&n=55965A8C-1

http://www.ec.gc.ca/sc-cs/default.asp?lang=En&n=55965A8C-1

12

Key Messages from Environment and Climate Change Canada

• “Warming over the 20th century is indisputable

and largely due to human activities.

• Canada’s rate of warming is about twice the

global rate: a 2ºC increase globally means a 3ºC

to 4ºC increase for Canada.

• Effects will persist for centuries because

greenhouse gases (GHGs) are long-lived and the

oceans are warming.”

Environment and Climate Change Canada, www.ec.gc.ca/sc-cs/Default.asp?lang=En&n=A5F83C26-1

http://www.ec.gc.ca/sc-cs/Default.asp?lang=En&n=A5F83C26-1

Predicted Impacts by Sector

• Infrastructure: Increased occurrence of extreme weather

events poses risks

• Agriculture / aquaculture: More pests and diseases;

transportation challenges

• Industrial/ economic activity: Changing and extreme

weather may affect production, operations and revenue

• Human health: Diseases shift range; possible increased

air pollution

• Natural resources: More complex management; issues

vary by resource

• Ecosystems / biodiversity: Species shift range

Warren et al, www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Synthesis_Eng.pdf

http://www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Synthesis_Eng.pdf

Ways to Respond to Climate Change (1)

Mitigation

• Taking action to slow climate change by

reducing greenhouse gas emissions

• For organizations, this means taking

actions to reduce the greenhouse gas

emissions attributable to operations,

products and services

Adapted from Desjardins and Willis, www.transformgcc.com/resources/CICA_Briefings/Climate%20Change.pdf

http://www.transformgcc.com/resources/CICA_Briefings/Climate Change.pdf

Ways to Respond to Climate Change (2)

Adaptation

• Taking action to respond to the effects of

changes in climate

• For organizations, this means taking

actions to minimize and respond to the

effects of climate change on the

organization

Our workshop today will focus on…

ADAPTATIONAdapted from Desjardins and Willis, www.transformgcc.com/resources/CICA_Briefings/Climate%20Change.pdf

http://www.transformgcc.com/resources/CICA_Briefings/Climate Change.pdf

16

Responses to a Changing Climate

Economic Impacts to Canada

“Climate change costs for Canada could escalate from

roughly $5 billion per year in 2020…to between $21

billion and $43 billion per year by the 2050s”

.

National Round Table on the Environment and Economy,http://collectionscanada.gc.ca/webarchives2/20130322143132/http:/nrtee-trnee.ca/wp-content/uploads/2011/09/paying-the-price.pdf

http://collectionscanada.gc.ca/webarchives2/20130322143132/http:/nrtee-trnee.ca/wp-content/uploads/2011/09/paying-the-price.pdf

Bank of England Governor Mark Carney said climate change can

affect financial stability in multiple ways, including through physical

risks, liability risks and transition (adjustment) risks.

“The challenges currently posed by climate change pale in

significance compared with what might come…

…Once climate change becomes a defining issue for financial

stability, it may already be too late.”

Financial Impacts

Bank of England, www.bankofengland.co.uk/publications/Pages/speeches/2015/844.aspx

http://www.bankofengland.co.uk/publications/Pages/speeches/2015/844.aspx

19

World Economic Forum, www3.weforum.org/docs/Media/TheGlobalRisksReport2016.pdf

20

Each country

• has targets for mitigation (emissions reduction)

• is encouraged to develop a national adaptation plan

“The Paris Agreement establishes a global goal of

enhancing adaptive capacity, strengthening resilience and

reducing vulnerability to climate change”

Government of Canada, www.climatechange.gc.ca/default.asp?lang=En&n=24700154-1

United Nations Conference: International Pressure

http://www.climatechange.gc.ca/default.asp?lang=En&n=24700154-1

Part 2: Risks and Opportunities

22

Case Study – Frontiers North Adventures

Key Risks to Organizations

• Physical risks

• Risks related to business model

• Reputational risks

• Legal and regulatory risks

Canadian Securities Administrators (CSA) Staff Notice 51-333, www.osc.gov.on.ca/documents/en/Securities-Category5/csa_20101027_51-333_environmental-reporting.pdf

http://www.osc.gov.on.ca/documents/en/Securities-Category5/csa_20101027_51-333_environmental-reporting.pdf

Physical Risks

- Physical risks (e.g. increased extreme

weather) may impact property, employee

health and operations (including those of

customers and suppliers)

- Agricultural yields are affected by drought

or unseasonable storms

- Climate change can threaten business

operations, e.g. through unavailable

resources, increased or unpredictable

costs and business closures

- The viability of an annual outdoor cultural

festival is threatened by unpredictable

changes to seasonal weather patterns

Risks Related to the Business Model

- How environmental matters are addressed

can affect core intangible assets such as

brand value, consumer confidence,

employee loyalty, ability to attract financial

capital and regulatory approval of projects

- When customers lose power after an

extreme weather event, perceived lack of

preparedness by a utility can threaten its

reputation

Reputational Risks

• There are potential regulatory risks associated with

climate change within:

• Statutory law

• Common law/ Private law (i.e. focus on tort:

negligence and nuisance)

• Fiduciary and other duties of directors and officers

• A mining company identifies risk around regulation

(e.g. by increasing the design standard for storm

water management on retention ponds)

NBS, http://nbs.net/wp-content/uploads/Adaptation-to-Climate-Change-Primer.pdf

Legal and Regulatory Risks

http://nbs.net/wp-content/uploads/Adaptation-to-Climate-Change-Primer.pdf

Key Opportunities for Organizations

- New product opportunities / revenue

streams

- Cost savings / efficiencies (e.g. via

innovation)

• As climate conditions change,

organizations may be able to engage in

new activities and meet new needs

• In the medium term, a longer growing

season will allow higher value, warmer

weather crops to be grown further north

New Product Opportunities/Revenue Streams

Warren and Lemmen, www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Synthesis_Eng.pdf

http://www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Synthesis_Eng.pdf

• Actions taken to adapt to climate change

can benefit an organization more broadly,

e.g. by improving processes and

infrastructure

• Water scarcity, in part related to climate

change, drives the creation of less water-

intensive technologies and processes, e.g.

by Coca Cola

NRTEE, http://collectionscanada.gc.ca/webarchives2/20130322185440/http://nrtee-trnee.ca/coca-cola-canada-case-study

Cost Savings/Efficiencies

http://collectionscanada.gc.ca/webarchives2/20130322185440/http:/nrtee-trnee.ca/coca-cola-canada-case-study

31

Case Study – MEC

Part 3: Framework for Action

33

I’m not a scientist nor am I an expert on Climate

Change. How could I possibly make a difference?

Why CPAs?

“Accountants really understand numeracy and numerical

analysis. We also know we excel at big picture thinking;

that is, seeing an issue from many angles and coming at

it from diverse directions, as well as understanding

business issues from the top line to the bottom line.”

--George Hardy, CPA, CA, vice president, Personal Lines and Underwriting,

The Co-operators

CPA Canada, https://www.cpacanada.ca/en/business-and-accounting-resources/other-general-business-topics/sustainability/publications/the-cooperators-adapting-to-climate-change

https://www.cpacanada.ca/en/business-and-accounting-resources/other-general-business-topics/sustainability/publications/the-cooperators-adapting-to-climate-change

Why CPAs? (Cont’d)

“Controllers and CFOs have an expansive view of an organization’s

operations. They add value by embedding their understanding of the

organization’s strategy, risk profile and operational imperatives into

their decision making.

“In other words, they’re not just focused on numbers. They have a

key role to play in determining an organization’s risk to a changing

climate and evaluating the cost-benefit of different strategic options

for climate change adaptation.

“Audit partners also need to consider the risks of climate change

adaptation, and consider whether organizations are meeting

disclosure guidance under financial reporting standards.”

--Cathy Cobey, CPA, CA, partner, Advisory Services, EY

CPA Canada, https://www.cpacanada.ca/en/business-and-accounting-resources/other-general-business-topics/sustainability/publications/climate-change-adaptation-and-accountants-roles

https://www.cpacanada.ca/en/business-and-accounting-resources/other-general-business-topics/sustainability/publications/climate-change-adaptation-and-accountants-roles

35

CPA Competency Map

Financial

Reporting

Strategy and

Governance

Audit and

Assurance

Management

AccountingFinance Taxation

Professional

and Ethical

Behaviour

Problem Solving

and

Decision Making

Communication Self-ManagementTeamwork and

Leadership

Enabling Competency Areas

Technical Competency Areas

35

36

Framework for Action

5 Stages of Climate Change Adaptation

- Motivate action

- Plan action

- Implement action

- Assess performance

- Respond to market and stakeholders

Each stage has multiple roles for CPAs at all levels

Stage 1: Motivate Action

An organization assesses the importance of

adaptation, by identifying how climate change

could affect it

39

A role for CPAs

Support identification of risks and

opportunities of future climate change

impacts

Example: Frontiers North Adventures

The finance team, led by a CPA, used

scenario planning to understand how

possible changes in the polar bear population

would affect their offerings

Motivate Action

Stage 2: Plan Action

An organization decides how to adapt,

determining which actions are most

appropriate

Plan Action

A role for CPAs

Estimate the cost and benefits of alternative

solutions

Example: City of Montréal

CPAs perform cost-benefit analysis on a host of

adaptation efforts, such as installing pipes that

withstand greater water flows

Stage 3: Implement Action

Here the organization puts adaptation efforts

into practice, often drawing on teams of

specialists

Implement Action

A role for CPAs

Support creation of new products and

services

Example: The Co-operators

A CPA was a key participant in development

of a new flood insurance product:

“Comprehensive Water”

Stage 4: Assess Performance

The organization determines the

effectiveness of adaptation efforts

Assess Performance

A role for CPAs

Develop indicators and targets

Example: Horizon Utilities Corporation

Horizon is monitoring and collecting data

in order to develop adaptation Key

Performance Indicators (KPIs); CPAs are

core to the data control and analysis

Stage 5 – Respond to Market and Stakeholders

Organizations must determine what the

market and other stakeholders need to

know and provide that information

Respond to Market and Stakeholders

A role for CPAs

Meet regulatory disclosure requirements (if listed public

company)

Example: CP Rail

CP Rail includes climate change risk as material in its 2014

MD&As. They detail physical risks and identify their

response.

“Potential physical risks associated with climate change

include damage to railway infrastructure due to extreme

weather effects…The Company maintains flood plans,

winter operating plans…and geotechnical monitoring of

slope stability.”

Respond to Market and Stakeholders

A role for CPAs

Contribute to voluntary sustainability reports and

climate change disclosures

Example: Centerra Gold

Centerra reports on “Financial impacts of climate

change” in its 2013 Corporate Responsibility Report.

“These risks are particularly tangible [for a mine in]

the Kyrgyz Republic.” Glaciers near the mine are

melting. Centerra must remove meltwater and

reinforce dams.

These roles cut across all five stages

Roles for CPAs in Leadership Positions


A role for CPAs

Establish accountability structures

Example: TransLink

The finance department has responsibility for

sustainability. The CFO is responsible for seeing

that climate change risks are part of TransLink’s

capital review process


A role for CPAs

Integrate climate change considerations into

organizational strategy

Example: The City of Montreal

Montreal included climate change adaptation in

its Sustainable Development Plan (development

of which was led by a CPA)

Part 4: CPA Canada Adaptation Resources

Overview of Case StudiesCase Study Sector Adaptation Issues Highlighted

Frontiers North

Adventures

Tourism • Infrastructure investment planning

• Delivery planning

• Supply chain planning

• Forecasting

TransLink Transportation • Risk management

• Capital planning / resource allocation

• Reporting

Mountain

Equipment Co-op

Retail • Demand and sales forecasting

• Supply chain planning

• Inventory management

The Co-operators Insurance • Business modelling

• New product development / pricing

• Stakeholder engagement

Horizon Utilities Electric Utility • Vulnerability assessment

• Infrastructure investment planning

• Outage management planning

City of Montreal Municipality • Vulnerability assessment

• Adaptation planning

• Accounting for investments in green infrastructure

54

Project Outputs – Guidance for CPAs• Case studies and videos

Frontiers North Adventures

Mountain Equipment Co-op

TransLink

The Co-operators

Horizon Utilities

City of Montreal

• Briefs Brief #1: A primer on climate change

mitigation and adaptation

Brief #2: How organizations can adapt to

climate change

Brief #3: How Chartered Professional

Accountants can help organizations

adapt to climate change

• Professional DevelopmentResources available at:

www.cpacanada.ca/

climatechange

http://www.cpacanada.ca/climatechange

55

Call to Action

Contact Information

Gordon Beal, CPA,CA, M.Ed

VP - Research, Guidance and Support

CPA Canada

Phone: 416-204-3432

Email: [email protected]

www.cpacanada.ca/climatechange

ECONOMICS I RESEARCH

The Economic Outlook for Canada and Ontario

January 20, 2018

Paul Ferley (Assistant Chief Economist) (416) 974-7231 [email protected]

Presentation to The Institute of Chartered Accountants of India – Toronto Chapter

mailto:[email protected]

ECONOMICS I RESEARCH 2

Our forecast assumes that oil prices will resume a slight upward trend through the forecast

20

40

60

80

100

120

140

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

$US/bbl

West Texas Intermediate (WTI)

Source: Energy Information Administration/Wall Street Journal, RBC Economics Research

Forecast

Annual Levels

WTI 2018f$54

2015$49

2016$43

2017$51

2019f$56


Higher oil prices are a marginal negative factor for global growth though it is expected to be more than offset by strengthening U.S. growth this year and generally accommodative monetary policy by most central banks

Global GDP Output Summary As of 2018/01/10

2014 2015 2016 2017 2018 2019

2.1 2.3 1.7 2.1 2.1 1.9

U.S. 2.6 2.9 1.5 2.2 2.6 2.2

Canada 2.9 1.0 1.4 2.9 1.9 1.6

Japan* 0.3 1.4 0.9 1.5 0.7 0.8

UK 3.1 2.3 1.9 1.8 1.4 1.4

euro area 1.4 2.0 1.8 2.3 2.2 1.9

Germany* 1.9 1.5 1.9 2.1 1.8 1.5

France* 0.9 1.1 1.2 1.6 1.8 1.9

Italy* 0.1 0.8 0.9 1.5 1.1 0.9

Spain* 1.4 3.2 3.2 3.1 2.5 2.0

Other Advanced Economies* 2.9 2.2 2.4 2.6 2.5 2.5

4.6 4.3 4.3 4.6 4.9 5.0

China 7.3 6.9 6.7 6.8 6.5 6.3

World GDP Growth 3.4 3.4 3.2 3.6 3.7 3.7

*Based on the most recent IMF World Economic Outlook Forecast

Sources: RBC Economics Research, IMF World Economic Outlook

Advanced Economies

Emerging and Developing Economies


Accommodative monetary policy and stimulative fiscal policy are expected to return U.S. growth to an

above-average pace despite rising oil prices

U.S. Economic Outlook:


After a disappointing Q1 2017 growth rate activity bounced back in Q2 and growth remained strong in Q3 despite a number of hurricane-related disruptions

-10

-8

-6

-4

-2

0

2

4

6

8

10

97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17

Quarter-over-quarter annualized % change

Year-over-year % change

Source: Bureau of Economics Analysis, RBC Economics Research

U.S real GDP growthQuarter-over-quarter annualized % change

Forecasted Values:

Annual Growth Rates

2016

1.5Real GDP

2013

1.7

2014

2.6

2015

2.9


The impact from the hurricanes weighed on September payrolls though hiring recovered strongly through the remainder of 2017, with the average over the three months continuing a pattern of solid gains

-100

-50

0

50

100

150

200

250

300

350

400

2010 2011 2012 2013 2014 2015 2016 2017

Source: Bureau of Labor Statistics, RBC Economics Research

U.S. payroll employment growthChange from previous month (Thous.)

'Steady State?'


In addition to solid job gains, GDP growth will also be supported by stimulative Fed monetary policy along with the prospect of, subsequently realized the end of 2017, a boost from fiscal policy

-10

-8

-6

-4

-2

0

2

4

6

8

10

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Source: Bureau of Economic Analysis, RBC Economics Research

U.S. real GDP Quarter-over-quarter annualized % change

Annual Growth Rates

2017f

2.2Real GDP

2018f

2.62019f

2.2

Forecast:

2016

1.5


The persistence of above-average growth will put further modest downward pressure on the unemployment rate at a time when it is already at historically low levels

2

3

4

5

6

7

8

9

10

11

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Source: Bureau of Labor Statistics, RBC Economics Research

Forecast

%

Unemployment rate: U.S.


Strengthening growth and tightening labour markets has contributed, and is expected to continue to contribute, to the Fed tightening monetary policy

1

2

3

4

5

6

7

2000 2002 2004 2006 2008 2010 2012 2014 2016 2018

Source: Federal Reserve Board, RBC Economics Research

Forecast

%

Fed Funds Rate


Sustained tightening by the Fed will put continued upward pressure on 10-year bond yields

1.0

1.5

2.0

2.5

3.0

3.5

4.0

4.5

5.0

5.5

6.0

2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

%

10 year bond yield: U.S.

Source: Reuters, RBC Economics Research

Forecast


Canadian Economic Outlook:

Higher oil prices and strengthening U.S. growth will provide a lift to the Canadian

economy though increased U.S. trade protectionism presents a downside risk to

growth


Growth was restrained in both 2015 and 2016 by weak oil prices though that restraint has started to reverse through 2017. In fact growth over the past year has in our view pushed the economy to its capacity limit.

-10

-8

-6

-4

-2

2

4

6

8

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017

Quarter-over-quarter, annualized

rateYear-over-year

Source: Statistics Canada, RBC Economics Research

Canada's real GDP % change


Annual Growth Rates

Real GDP2013

2.5

2014

2.62016

1.4

2015

1.0

Forecast:


The drop in oil prices had weighed on GDP growth through declining investment though the projected recovery in these prices is expected to return business investment to sustained positive growth over the forecast

-30

-25

-20

-15

-10

-5

5

10

15

20

25

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Non-residential investment in Canada

Forecast

Annual Growth Rates

Non-residential



GDP (YoY)

2017f

1.6

2016

-9.4

2019f

2.12018f

3.6


Growth in business investment is expected to reflect modest gains both within and outside of the oil and gas sector both this year and next

-4.0

-3.5

-3.0

-2.5

-2.0

-1.5

-1.0

-0.5

0.0

0.5

1.0

1.5

2009 2010 2011 2012 2013 2014 2015 2016 2017 2018

Ex o&g investment

Oil & gas investment

Total business capital

spending

Percentage point contribution to annual GDP growth

Canada Business Investment by Industry

Projection



Export growth has been gradually trending higher though around a very volatile quarterly pattern

100

104

108

112

116

120

124

128

2011 2012 2013 2014 2015 2016 2017

Exports Imports

Billion constant 2007 $

Real merchandise trade: Canada

* Q4 2017 is an estimateSource: Statistics Canada, RBC Economics Research


The growth in Canadian exports will continue to be restrained by a general slowing in global trade

16

10

15

20

25

30

35

1980

1982

1984

1986

1988

1990

1992

1994

1996

1998

2000

2002

2004

2006

2008

2010

2012

2014

2016

Global exports as

percent of global…

%

World Exports Share of World GDP

Source: OECD, IMF, RBC Economics Research


Export growth is expected to benefit from a still weak Canadian dollar and strengthening U.S. growth though with trade protectionism presenting a clear downside risk

-20

-15

-10

-5

5

10

15

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019


Canadian Exports and GDP


GDP (YoY)

Forecast

Annual Growth Rates

2018f

1.72017f

0.9

2016

1.0

2019f

2.5Exports


In terms of household spending, still accommodative monetary policy is supporting interest rate-sensitive sectors of the economy though poor affordability and tightening mortgage lending regulations have recently started to weigh on housing

200

250

300

350

400

450

500

550

600

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017

Thousands of Units, saar

Canada: Housing Resales

Source: CREA, RBC Economics Research

1.3

1.4

1.5

1.6

1.7

1.8

1.9

2.0

2.1

2.2

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017

(Millions)

Auto sales in Canada



This spending has resulted in both household debt levels and debt servicing costs (including principal repayments) high

70

90

110

130

150

170

190

1990 1992 1994 1996 1998 2000 2002 2004 2006 2008 2010 2012 2014 2016

Statistics Canada's published figure Comparable figure to U.S. United States

Credit market debt as a % of personal disposable income

Household debt-to-income ratio


2

4

6

8

10

12

14

16

1990 1992 1994 1996 1998 2000 2002 2004 2006 2008 2010 2012 2014 2016

Principal

Interest

Debt service payments on mortgage and non-mortgage debt as % of PDI, seasonally adjusted

Debt service ratio - Canada



We are assuming that these balance sheet constraints in the face of rising interest rates will lower consumer spending growth through the forecast from unsustainably strong gains over the first three quarters of 2017

-6

-4

-2

2

4

6

8

10

2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Quarter-over-quarter % change, annualized

Consumer expenditures in Canada


Annual Growth Rates

2018f2017f 2019f2016ConsumerSpending

GDP(YoY)

Forecast

2.1 1.42.4 3.7


Low interest rates have been keeping housing activity stronger than expected though a tightening by both the Canadian and U.S. central banks along with recent mortgage lending rule changes are expected to slow new residential construction over the forecast

196198

220

195 185

0

50

100

150

200

250

90 91 92 93 94 95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19

Source: Canada Mortgage and Housing Corporation, RBC Economics Research

Thousands of units

Housing starts: Canada

Forecast:


The strength in the housing market measures has been particularly apparent in Toronto and Vancouver with a marked deterioration in housing affordability. Recent housing policy changes have only contributed to a temporary correction in the Vancouver market.

22

20

40

60

80

100

1985 1987 1989 1991 1993 1995 1997 1999 2001 2003 2005 2007 2009 2011 2013 2015 2017

Ownership costs as % of median household income

RBC Housing Affordability Measure - aggregate

Vancouver

Toronto

Canada

Source:Brookfield RPS, Royal LePage, Statistics Canada, Bank of Canada, RBC Economics Research


Residential investment is expected to trend lower through the forecast as rising lending costs, a tightening in lending standards and poor affordability weigh on activity

-30

-20

-10

10

20

30

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

Residential investment in Canada

Forecast

Annual Growth Rates

2018f

-1.9

2017f

2.9

2016

3.3Residential

2019f

-2.1


Quarter-over-quarter % change, annualized rate

GDP (QoQ)


Expansionary fiscal policy federally is expected to result in modestly rising government spending through the forecast

-6

-4

-2

2

4

6

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019


Government Spending and GDP

Forecast


Annual Growth Rates

Government Spending

2018f

2.5

2017f

1.8

2016

2.2

2019f

2.2 GDP (YoY)


Strong growth in 2017 pushed the Canadian economy close to capacity limiting growth this year and next

-10

-8

-6

-4

-2

0

2

4

6

8

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019


Canada's real GDP growth

Quarter-over-quarter % change, annualized rate

Forecast:

Annual Growth Rates

2016

1.42018f

1.9

2017f

2.9Real GDP2019f

1.6


Economic growth is expected to keep the unemployment rate low through the forecast

5.5

6.0

6.5

7.0

7.5

8.0

8.5

9.0

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

CanadaUnemployment rate: Canada


%

Annual Rates

2018f

5.92019f

5.9

2017

6.4

2016

7.0Unemployment rate

Forecast


Well- anchored inflationary expectations are expected to keep inflation close to the 2% target

-4.0

-3.0

-2.0

-1.0

0.0

1.0

2.0

3.0

4.0

5.0

93 94 95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19

Annual Rate

2018f

2.02.1

2016

1.91.4

Core*

2019f

2.02.0

% change, year-over-year

CPI inflation: Canada

Forecast

2017f

1.61.6

Headline

Inflation Target 2%

*CPI excluding Food and EnergySource: Statistics Canada, RBC Economics Research


Recent strong growth is expected to prompt the Bank of Canada to continue tightening following the hike earlier this month with another 100 basis points of tightening expected by 2019 Q1

0

1

2

3

4

5

02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19

Source: Bank of Canada, RBC Economics Research

Bank of Canada overnight rate%

Forecast


Further tightening by both the Bank of Canada and the Fed will continue to put sustained upward pressure on bond yields

0.0

1.0

2.0

3.0

4.0

5.0

6.0

2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

%

10 year bond yield: Canada

Source: Bank of Canada, RBC Economics Research

Forecast


The Canadian dollar received a boost from the recent Bank of Canada tightening though this is expected to be tempered by our expectation that the Fed will continue to hike through 2018 and 2019

0.6

0.7

0.8

0.9

1.0

1.1

95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19

Forecast

Source: Bank of Canada, RBC Economics Research Forecasts

Parity

Canadian dollar forecastUS$/C$

End of period

2019f

0.792018f

0.81US$/C$

2016

0.74

2017

0.80


Ontario Economic Outlook:

Rising oil prices imply higher energy costs for the Ontario economy though it should be

more than offset by a strengthening U.S. economy…assuming no major trade

restrictions emerge.


Rising oil prices are expected to support growth in Alberta and Saskatchewan with Ontario benefitting more from a strengthening U.S. economy

2.7

2.3

2.2

2.1

2.1

2.0

1.9

1.8

1.5

0.7

0.6

2.1

4.1

3.2

2.9

-1.4

2.6

2.9

2.8

2.2

1.7

0.8

-2 -1 1 2 3 4 5

SASK.

ALTA.

B.C.

ONT.

N.& L.

MAN.

CANADA

QUE.

P.E.I

N.B.

N.S.

2018f 2017f

Sources: Statistics Canada, RBC Economics Research

Provincial real GDP growthAnnual % change, ranked by 2018 growth


Ontario is expected to grow at a solid pace that is generally in line with the national average benefiting from a strengthening U.S. economy. However, the emergence of trade protection does present a downside risk to both the Canadian and Ontario outlook

-4

-2

2

4

6

8

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

% change, year-over-year

Real GDP: Ontario and Canada


Forecast

Annual Growth Rates

2018f

2.11.9

2017f2.92.9

2016

2.61.4

Ontario

Canada

2019f

1.81.6


This growth outlook is expected to result in Ontario’s unemployment rate staying below the national average this year and next after remaining above through most of the current business cycle

3

4

5

6

7

8

9

10

11

12

00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19


Canada

Ontario

%

Unemployment rate: Ontario and Canada

Forecast

Annual Rate

2017 2019f6.4 5.9

6.0 5.8Ontario

Canada

2018f

5.9

5.7

2016

7.0

6.5


Solid growth has kept housing starts in Ontario strong in 2017 though Bank of Canada tightening, rising longer-term interest rates and recent mortgage-lending rule changes will likely weigh on 2018 housing starts

70

7579

69 70

0

10

20

30

40

50

60

70

80

90

90 91 92 93 94 95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19

Source: Canada Mortgage and Housing Corporation, RBC Economics Research

SAAR, Thousands of units

Housing starts: Ontario

Forecasted Values:


These factors are also expected to send home resales in Ontario lower through the forecast…

9.5 9.5

-7.9

-4.0

-1.3

0

50

100

150

200

250

300

-20

-15

-10

-5

5

10

15

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

% Unit sales actual (LHS) Unit sales actual (RHS)


Home resales: OntarioLevel, Thousands

Forecast

Source: CREA, RBC Economics Research


…and are projected to limit the rise in housing prices this year after indications last year of another double digit increase

5.2

7.2

13.1

18.5

1.00.1

0

100

200

300

400

500

600

700

2

4

6

8

10

12

14

16

18

20

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019

% Average price (LHS) Average price (RHS)


Housing prices: Ontario

Level, Thousands of dollars

Forecast

Source: Royal LePage, Statistics Canada, RBC Economics Research


An easing in the housing market will help reverse the steady deterioration in affordability in Ontario in recent years

20

30

40

50

60

70

1985 1987 1989 1991 1993 1995 1997 1999 2001 2003 2005 2007 2009 2011 2013 2015 2017

Single-detached

Condo

Ownership costs as % of household income

RBC Housing Affordability Measure- Ontario

Source: Statistics Canada, CMHC, Royal LePage, RBC Economics Research

Aggregate


Please visit our website:

www.rbc.com/economics

http://www.rbc.com/economics


Disclaimer

The material contained in this report is the property of Royal Bank of Canada and may not be reproduced in any way, in whole or in part, without express authorization of the copyright holder in

writing. The statements and statistics contained herein have been prepared by RBC Economics Research based on information from sources considered to be reliable. We make no

representation or warranty, express or implied, as to its accuracy or completeness. This publication is for the information of investors and business persons and does not constitute an offer to

sell or a solicitation to buy securities.

®Registered trademark of Royal Bank of Canada.©Royal Bank of Canada.

January 2018

ICAI - Toronto Chapter Professional Development Workshop

January 20, 20181

Blockchain, Cryptocurrency & ICOs

ICAI Workshop

With you today...

2

Behram FarooghBLOCKCHAIN &

TECHNICAL ACCOUNTING

Behram is a Risk Assurance Services Partner and the national practice leader of Emerging Technology Assurance group in PwC Canada. A Chartered Accountant by profession, with over 25 years of experience that spans from the shop floor to the Board room, Behram has conducted assignments that consider the interplay, optimization and oversight of strategy, people, systems and processes. He is a subject matter specialist on a number of emerging technologies, including Blockchain, Cryptocurrency & ICOs.

Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC

Matt HinkleyCRYPTOCURRENCY

& ICOs

Matt analyses all emerging technologies that could affect Canadian Businesses and works within a team that helps identify, consult and adapt to these technologies with the best possible outcome. Matt's main focus and passion is around the introduction of the new cryptocurrency framework being built, and how this looks to change all aspects of a business life-cycle from capital fund raising to financial reporting.

01Opening RemarksWhy is this important for you?

Broadindustry impact...

… has created largedemand for services ...

… that can translate to significant opportunities

3Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC

ICAI Workshop 4

Our PerspectiveThe internet revolutionized the way weexchange information

Blockchain is revolutionizing the way weexchange value

It’s time for another revolution


02Understanding the FundamentalsWhat is blockchain? How does it work?

Blockchain Technology

Cryptocurrencies & Digital Assets

Initial Coin Offerings


ICAI Workshop

What is blockchain?

Blockchain is a distributed shared ledger that enables transacting amongst untrusted participants, without the need

for a trusted intermediary“

”


ICAI Workshop

Key attributes of a blockchain

7

Peer to Peer In a peer to peer network users are connected to each other without a central point of authority or control

Distributed ledgerEvery participant in the network has simultaneous access to a

view of the ledger

CryptographyIntegrity and security of the blockchain

ledger are enforced through cryptographic technology

ConsensusValidity of this ledger is achieved by participants

confirming changes with one another, replacing the need for a third party to authorize transactions

Smart contractsThe ability to run additional business logic means that

agreement on the expected behaviour, such as financial instruments, can be embedded within the blockchain and

run autonomously

Blockchain is a distributed ledger of transactions in a business network. Using blockchain technology, participants in the network can confirm transactions without the need for a trusted intermediary.


ICAI Workshop

How blockchain technology evolved?

The first use case of blockchain was a cryptocurrency known as Bitcoin. As blockchain technology continues to develop, we continue to find new use cases for it.

8

Using cryptocurrencies in cash-related applications

e.g. currency transfer, remittance, digital payment systems

Blockchain 1.0 Currency

Deploying blockchains in economic, market and

financial applications e.g. bonds, stocks, loans

mortgages, titles, smart property

Blockchain 2.0 Contracts

Employing blockchains in broader industry

applications e.g. supply chain, transportation,

health, cloud storage, etc.

Blockchain 3.0 Applications $4.7bn

invested in bitcoin &

blockchain startups

since 2017


ICAI Workshop

Applications of blockchain technology

Asset Records

Verifiable records of property ownership allow individuals security in knowing their

investments will be safe. But in some areas, breakdown in these systems allow central parties to commandeer personal assets.

Blockchains provide an engine for collecting and maintaining these verifiable records out

of the hands of unreliable organizations.

Digital Currencies

Blockchain allows groups of people to maintain a list of accounts between them.

These accounts can represent currency entirely contained as digital assets.

Decentralized currency crosses borders and eliminates intermediaries.

9

Many different uses for blockchains have been theorized. Here are a few examples which suggest the different categories in which blockchains are intended to be used.

EfficientProcesses

Agreements between parties which take place commonly still require drafting and enforcement by human intermediaries.

Agreements can be written into a shared ledger to control digital assets on the

blockchain and executed per agreed upon guidelines. These are commonly referred to

as “Smart Contracts”.


ICAI Workshop

What are smart contracts?

10

Smart contracts are computer programs that can automatically execute business logic when pre-programmed conditions are triggered.

The smart contract executes corresponding transactions, such as transfer of ownership.

Smart contracts are modular, repeatable, and autonomous scripts designed for use on blockchains.

Traditional Smart

❏ The distributed layout of a blockchain ecosystem means that multiple parties are processing and verifying any record or transaction that is placed on the ledger.

❏ Because the contract logic is run concurrently on all participating computers, parties need to develop consensus before executing any contract terms or activities.

Traditional Contracts Smart Contracts

Days Minutes

Manual remittance

Automatic remittance

Escrow necessary

Escrow may not be necessary

Expensive Fraction of the cost

Physical Presence

(ink signature)

Virtual Presence(digital signature)

Lawyers necessary

Lawyers may not be necessary

What are the benefits?


ICAI Workshop

How book-keeping evolved?


1. Barter System

2. Single-Entry

3. Double-Entry

4. Triple-Entry

Possible Future ...Today ...

03Cryptocurrencies and Digital AssetsWhat is this new digital ecosystem?



Initial Coin Offerings


ICAI Workshop

Abstract - “A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.” - Satoshi Nakamoto

13

The history of crypto

Dec 2008The white paper is released

Sept 2007Satoshi starts the Bitcoin project

July 2010Bitcoin exchange MtGox is established

Jan 2009Satoshi and Hal Finney, a developer and cryptographic activist complete first bitcoin transaction.

May 2010The first real world transaction is completed – 10,000 BTC for 1 pizza

July 2010In 5 days, Bitcoin value increase 10x due to popular demand

Nov 2010Market Cap hits $1m

June 2011Mt Gox Breached, 60,000 accounts hacked

2012Many Wallets and exchanges start to set up such as Coinbase

Mar 2013Market cap reaches $1bn

Jan 2014China bans bitcoin and slumps growth and price

2015 Market cap stays stagnant at around $3bn

2016Markets pick up and finish the year on $12bn MC

2017The rise of Altcoins and ICOs

2018to dateTurmoil


ICAI Workshop

Cryptocurrencies, a new way to transact

AltCoins

AltCoins are designed after bitcoin, such as Ethereum.

Transparency

All transactions with cryptocurrencies are

transparent.

Digital Identity

Identity on the blockchain is stored is encrypted.

14

Cryptocurrencies are digital assets which are stored and transacted in a decentralized manner. Cryptocurrencies were the first use-case for blockchain and allow transfer of value between a network of untrusted participants.

Decentralized

Stored and transacted in a decentralized manner.


ICAI Workshop

Metric Sept 2015 Sept 2016 Sept 2017 Oct 2017 Nov 2017 Dec 2017 Jan 2018

Number of Currencies 562 626 1128 1097 1239 1340 1385

Industry Market Cap $3.9bn $12.1bn $140bn $174bn $302bn $550bn $750bn

24 Hour volume $17m $55m $4bn $7bn $13bn $30bn $50bn

BTC dominance 85% 70% 48% 50% 53% 63% 35%

Number of ICOs (YTD) - 46 140 190 228 235 n/a

Amount Raised through ICO (YTD) $ - $96m $2.2bn $3bn $3.6bn $3.7bn n/a

The cryptocurrency market today

15

Currency Platform Application


ICAI WorkshopBlockchain, Cryptocurrency & ICOs - Workshop conducted by PwC

Current market prices; top dozen as of Jan 16th, 2018

16

Currency

Platform

Application

16

ICAI Workshop

Accounting classification of cryptocurrencies

17

Classification Explanation

Cash and Cash equivalents

At present, cryptocurrencies are not issued or backed by any government or state. They are not readily convertible to a known amount of cash and are volatile; hence there is a significant risk of changes in value. Today, they are not considered legal tender by governments and do not have widespread acceptance. This holds true unless it is a cyprtocurrency issued by a state or government, that some are contemplating.

✗

Financial instruments Holding a unit of a cryptocurrency does not give the holder a contractual right or obligation to receive cash or another financial asset.

✗

PPE or Investment Property

Cryptocurrency has no physical form, are not tangible, and are not held for use in the production or supply of goods or services.

✗

Inventory Inventories do not need to be in a physical form, but do need to be held for sale in the ordinary course of business. However, cryptocurrencies may not be traded frequently enough such that trading activity would be an entity’s ‘ordinary course of business’. Cryptocurrencies would fail the definition of inventory unless this test is met.

?

Intangible assets Cryptocurrencies appear to meet the definition of an intangible asset: identifiable as can be sold, exchanged or transferred individually; not cash and non-monetary asset; have no physical form.

✓


04Initial Coin Offering What is tokenization?



Initial Coin Offering


PwC Canada - OneChain

What is an ICO/ITO?

19

In many ways, an ICO/ITO can be very similar to an initial public offering (IPO). The coins/tokens can be similar to traditional shares of a company because their value may increase or decrease depending on how successfully the business executes its business plan using the capital raised. However, capital is usually raised before a project commences and the project is then built on the amount of capital raised, a lot like equity or reward based crowdfunding.

Is a token a security?The Canadian Securities Administrators recently released a four-prong test to determine whether or not a coin/token will be considered a security. They are: Does an ICO/ITO consist of ... a) an investment of money b) in a common enterprise c) with the expectation of profit d) to come significantly from the efforts of others

Source: The CSA Report

https://drive.google.com/open?id=0B4VSGTjI7nUZbHVaYWFOZWZaS00

20

Build a white paper

Create a token

Raise investment


ICAI Workshop

From Jan 2014 to Nov 2017


http://www.youtube.com/watch?v=ac1P3GXkFxc

07The Canadian Marketplace

Industry Impacts

Big Bets


ICAI Workshop

Global Blockchain Platform


ICAI Workshop 24

Payments


ICAI Workshop

Identity Management


ICAI Workshop 26

Utilities


ICAI Workshop

Food and Beverages


ICAI WorkshopBlockchain, Cryptocurrency & ICOs - Workshop conducted by PwC

ICO

28

PwC’s Digital Services

Thank You!Questions?

29

Danny Timmins - National Leader Cyber Security

Cyber Security and Vulnerability Impact for ICAI Toronto Chapter

Cyber Security MNP Technology Solutions

MNP Cyber Security Presentation

Cyber Security OverviewCyber Crime Tactics and Techniques

• Hacking (Penetration Testing)• Social Engineering (Malware/Crimeware)• Red Teaming

Considerations

• Canada’s 5th largest Accounting, Tax and Consulting firm

• 4500 team members• 80 offices coast to coast• 54 Cyber Security

professionals nationally

Lessons from the Field

➢99% of vulnerabilities exploited will continue to be the ones known by security/IT professionals.

➢The single most impactful enterprise activity to improve security will be patching.

➢The second most impactful enterprise activity to improve security will be removing web server vulnerabilities.

What’s the problem?

➢Internet of Things will grow to an installed base of 20.4 billion.

➢A third of successful attacks experienced will be on their shadow IT resources.

➢Companies are using more than 15 times more cloud services to store critical company data than CIOs were aware of.

➢Nearly eight in ten (77%) of decision makers admit to using a third-party cloud application without approval.

What’s the problem?

Canada’s new privacy laws will require breach notice and affect private sector operations in Canada. (Digital Privacy Act)… do you know how safe your client data is?

What’s Happening…

Damages have started to increase in Canada – Class Action Suits are here – ie: Casino Rama is an example 30+ Million

Cyber Insurance… how much do you need… is it focused on the correct areas?

Payment Card Industry (PCI) already has compliancy. IE: Best Western Motels - have been targeted-very limited security

What’s Happening in the Industry?

Mandatory cyber audits coming for publicly traded companies in Canada… US is pushing hard for this….

In the US coming here soon ie: “A bill introduced by Senate Democrats in 2018 would establish new cybersecurity regulations”

Equifax 140M plus - 100+ thousand in Canada… patch management said to be the issue… mishandled from the start of the breach… directing clients to a phishing site

What’s Happening in the Industry?

• Nation States• Organized Hackers• Non-Organized Hacker• Employee: Technical• Employee: Business• Malicious Former Employee

**89% of breaches had financial or espionage motive

Who are Behind Cyber Attacks?

• Brand and reputation• Unable to fulfill service commitments• Strategic plans, engineering drawings, RFPs, proposals, etc.• Supply Chain/Vendor Management• New Automation deployments - IoT (Internet of Things)

– Life Safety Systems – automated systems, elevators, exhaust• Privacy - Personal Identification Information (PII)• Regulator Compliance• Intellectual Property (IP)• Payment Systems (Ecommerce or Point of Sale)

Some Risks to Consider

In Canada virtually nobody discloses but breaches are

happening ever week – what happens once you have too?

Who’s Making the Decisions?

14

Let’s take a closer look!

The EXPLOIT of a technical vulnerability- Human error (still a vulnerability)- Can involve chaining together a series of weaknesses- Performed without owner permission

What is Hacking?

What is Penetration Testing?

- Similar to hacking except owner gives permission- Attempt to gain access to sensitive information or

resources- Steps can include:

- Information gathering- Vulnerability enumeration- Vulnerability exploitation / Privilege Escalation - Exploration / Lateral Movements

- Performed against defined scope- Measures Network(s) and Application(s) resiliency - Overall goal to improve security posture

Almost ALWAYS Starts with a Vulnerability

Example 1: Penetration Test

What Can You Do with a Hash?

“Hashinator”

26 lower case letters (a-z)26 upper case letters (A-Z)10 digits (0-9)8 Characters

26+26+10 = 62

62 ^ 8 = 218,340,105,584,896

…or < 2 days

Example 2: Programming Error

What is Social Engineering?

- An act that influences a person to take an action - Used by attackers as it consistently works- There is no patch for untrained users- Performed against defined scope- Three types of Social Engineering:

- Phishing- Vishing- Impersonation

- Measures how well People identify SE attacks

Example Phishing

Use the Hover TechniqueNever click on URL’s sent in emails…if you must, make sure you “hover” over the URL to see the REAL destination

Hello, my name is XXXXX. Resume

attached. I look forward to seeing you.

Sincerely yours, XXXXX

29

Executive Wire Fraud

- Social Engineering w/o Malware

30

Social Engineering Attackers Deploy Fake Social Media Profiles

Tip #3 – Google Images

- Use Google Images to verify and validate pictures

• Contains aspects of Penetration Testing and Social Engineering• Performed with the permission of the owner• Typically full-scope, multi-layered attack simulation

– Penetration Testing– Social Engineering– Physical Security Controls

• Designed to measure resiliency of People, Network(s), and Application(s) during a real-life attack

• Attacks are performed simultaneously • Overall goal to identify gaps and improve Incident Response

What is Red Teaming?

“Security Fatigue”

“…a majority of users experienced security fatigue that often leads users to risky

computing behavior at work and in their personal lives”

• How do people get hacked?• Wouldn’t it be great if we could do something

live at an event?• How can we build awareness?

Technical Walk Through

You folks

Who put these here?• Printing Facts.

– Average cost of a wasted page $0.06

– We spent approximately $0.60

Paper Facts Printing Factscua6.urban.csuohio.edu/~sanda/syl/envpol/materials/GREEN%20FACTS.pdf

http://cua6.urban.csuohio.edu/~sanda/syl/envpol/materials/GREEN FACTS.pdf

Splash Screen

Terms & Conditions

Seriously who gets hacked?

• All the people sitting beside you

Sony Passwords (Most common)• seinfeld• password• winer• 123456• purple• sweeps• contest• princess• george• summer• taylor• abc123n

• maggie• 9452• peanut• shadow• ginger• michael• buster• sunshine• tigger• cookie• bosco• ashley• bailey

Statistics

• 32 unique logins• Approx. 32% of individuals submitted

credentials

• 40% 8 characters or less

• 30% contained a non-alphanumeric character

• IICA Toronto • Sony Breach• 1 million passwords recovered

• 50% 8 characters or less

• <1% contained a non-alphanumeric character

Great Job!!

Two Step Verification

Take Away

• It can happen to you and maybe it did today

• Be careful when using public WiFi• Never give credentials (like google) when logging into WIFI• Turn on 2-step authentication• Use a strong password with at least one non-alphanumeric

character

• Re-engage and Prioritize Security

Considerations

Top 10 Considerations

Have you and your executives quantified business risk? What is the impact to those assets if breached? How to

better prioritize budget & resources?

Have you developed and implemented the appropriate cyber security infrastructure. Have you considered threat detection (AI) to help protect your organization. Do you

have IoT devices how are they being managed?

Have you understood your potential exposure by engaging cyber security consultants “ethical hackers” to hack your organization? (Networks, Applications, Mobile)


Can you demonstrate a solid Cyber Incidence Response plan which enables you to respond to a breach? If yes,

have you tested it by doing a table top exercise?

Have you ever considered a Cyber Security Advisor (Virtual Chief Information Security Officer-VCISO) to help set

standards and policies?

Do you have a clear understanding of your Supply Chain/Vendor/Third Party Management Strategy &

Contracts; beginning with the IT focused contracts?


Have you considered purchasing cyber security-specific insurance to protect against the

ramifications of any major breaches? Is it focused on the key business risks identified if breached?

Is your information reinforced by a business continuity plan including data backup & data recovery. Is the data stored offline & offsite?

Have you tried restoring it?


How sophisticated are your Cyber Security Educational Training, practices and procedures?

Are you making it personal?

Do you have a patching and shadow IT strategy? Two of the biggest problems that exist in Cyber

Security today. Can Threat Detection Help?

Personal Cyber Security Check List

✓Create strong PW – use a minimum of 8 characters(Capitals, numbers, special characters).

✓Use two factor or two step verification where ever able.

✓Keep you systems updated with latest software. ✓Run Anti-Virus, Anti-Malware. ✓Back Up your systems (local, cloud..)✓Have a Firewall

Personal Cyber Security Check List

✓Have your computer or mobile set to auto lock out. ✓Never click on something you don’t know. ✓Don’t add people to your profiles that you don’t know. ✓Sensitive browsing should only be done from a

trusted network. ie: banking✓Use Google Images to verify certain images✓Use VirusTotal (Google Service) to validate files

Cyber Security ServicesOffensive Security (Red Team)• Penetration Testing• Blended Threat Attack Exercises• Social Engineering• Vulnerability Assessments

Payment Card Industry (PCI) Compliance• Scope Discovery• Gap Analysis and Readiness Review• On Demand Consulting and Remediation• PCI Report on Compliance Validation (ROC)• PCI SAQ Review and Sign Off• External ASV Scanning• Annual Maintenance (Business as Usual)

Forensics• Data Retrieval from hard drives, servers, laptops, cell

phones, etc.• E-Discovery Service for Court Admissibility

Risk Management• Quantitative Threat and Risk Assessment (based on probabilities

and industry statistics• Qualitative Threat and Risk Assessment (based on matrix

approach)• Cloud Security Checklist• Privacy Impact Assessments• MTA (Maturity Threat Analysis)• Information Security Framework Development• Assessment and Review against ISO27k, NIST, CSF or CSC 20• Policy, Process, Procedure and Documentation Development

Defensive Security (Blue Team)• Enterprise Network Security• Network, Wireless and Security Architectural Design• Perimeter and Data Center Security• Data Loss Prevention and Data Encryption• Email / Web Content Filtering and Malware Protection• Secure Access and Authentication• End Point Security and Encryption• Wireless, BYOD and Network Access Control• Security Hardening Standards and Guidelines• Virtualization and Cloud Computing Standards and Guidance• Security Awareness Training

Managed Services• Cyber Security Administration• Perimeter Threat Prevention (firewall, IPS, anti-virus,

web application firewalls, etc.)• 2-Factor Authentication• Log Management

57

Questions?

Danny TimminsNational Leader Cyber Security

[email protected]

professional development workshop › pdf › january-20-2018-presentation-material.pdfprofessional...

Documents