professional development workshop › pdf › january-20-2018-presentation-material.pdfprofessional...
TRANSCRIPT
The Institute of Chartered
Accountants of India
Toronto Chapter
Professional Development Workshop: How CPAs Can Help Organizations Adapt to the
Impacts of Climate Change
January 20, 2018
Presented by
Gordon Beal, CPA, CA, M.Ed
Vice President - Research, Guidance & Support
CPA Canada
2
How CPAs Can Help OrganizationsAdapt to the Impacts of Climate Change
This PD session is the result of a 3-year
project:
1. Explore and engage: Round table discussions,
review of research and practice
2. Develop and test: Case studies, overview briefs,
and Viewpoints on specific competencies
3. Deliver and transform: Professional development
Resources available at:
www.cpacanada.ca/climatechange
Workshop Learning Objectives
1. Gain a basic understanding of climate change and
climate change adaptation (and how it differs from
climate change mitigation);
2. Understand risks and opportunities that climate
change poses to different organizations (general
types and specific examples); and
3. Understand how CPA competencies can be used to
help organizations plan for and manage climate
change-related risks and opportunities
Agenda
1. Facts about climate change
2. Risks and opportunities
3. Framework for action
4. CPA Canada adaptation resources
Part 1: Facts about Climate Change
The Greenhouse Effect— Illustrated
CO2 Cooperative Research Centre, www.reefnation.com/wp-content/uploads/2015/11/greenhouse-effect.jpg
Climate Change — Defined
Climate change refers to a long-term shift in
weather conditions. It is measured by changes
in a variety of climate indicators (e.g.
temperature, precipitation, wind) including both
changes in average and extreme conditions.
Climate change can be the result of natural
processes and/or human activity.
Environment and Climate Change Canada, http://www.climatechange.gc.ca/default.asp?lang=En&n=F2DB1FBE-1
Effects of Climate Change in Canada
Some Predicted Changes in Canada
• Increased occurrences of extreme weather events
• Rising sea levels
• More frequent and more intense hot days and nights
• More intense downpours
• Warmer temperatures
• Fewer days with snow cover
• Increased wildfires
• Increased drought
• Thawing permafrost and ice
Impacts will vary regionallyBush et al, www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Chapter2-Overview_Eng.pdf
10
Canadian Temperature Trends – 1948-2012
Environment and Climate Change Canada, www.ec.gc.ca/sc-cs/Default.asp?lang=En&n=A5F83C26-1
11
Winter Warming Trend
Environment and Climate Change Canada, www.ec.gc.ca/sc-cs/default.asp?lang=En&n=55965A8C-1
12
Key Messages from Environment and Climate Change Canada
• “Warming over the 20th century is indisputable
and largely due to human activities.
• Canada’s rate of warming is about twice the
global rate: a 2ºC increase globally means a 3ºC
to 4ºC increase for Canada.
• Effects will persist for centuries because
greenhouse gases (GHGs) are long-lived and the
oceans are warming.”
Environment and Climate Change Canada, www.ec.gc.ca/sc-cs/Default.asp?lang=En&n=A5F83C26-1
Predicted Impacts by Sector
• Infrastructure: Increased occurrence of extreme weather
events poses risks
• Agriculture / aquaculture: More pests and diseases;
transportation challenges
• Industrial/ economic activity: Changing and extreme
weather may affect production, operations and revenue
• Human health: Diseases shift range; possible increased
air pollution
• Natural resources: More complex management; issues
vary by resource
• Ecosystems / biodiversity: Species shift range
Warren et al, www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Synthesis_Eng.pdf
Ways to Respond to Climate Change (1)
Mitigation
• Taking action to slow climate change by
reducing greenhouse gas emissions
• For organizations, this means taking
actions to reduce the greenhouse gas
emissions attributable to operations,
products and services
Adapted from Desjardins and Willis, www.transformgcc.com/resources/CICA_Briefings/Climate%20Change.pdf
Ways to Respond to Climate Change (2)
Adaptation
• Taking action to respond to the effects of
changes in climate
• For organizations, this means taking
actions to minimize and respond to the
effects of climate change on the
organization
Our workshop today will focus on…
ADAPTATIONAdapted from Desjardins and Willis, www.transformgcc.com/resources/CICA_Briefings/Climate%20Change.pdf
16
Responses to a Changing Climate
Economic Impacts to Canada
“Climate change costs for Canada could escalate from
roughly $5 billion per year in 2020…to between $21
billion and $43 billion per year by the 2050s”
.
National Round Table on the Environment and Economy,http://collectionscanada.gc.ca/webarchives2/20130322143132/http:/nrtee-trnee.ca/wp-content/uploads/2011/09/paying-the-price.pdf
Bank of England Governor Mark Carney said climate change can
affect financial stability in multiple ways, including through physical
risks, liability risks and transition (adjustment) risks.
“The challenges currently posed by climate change pale in
significance compared with what might come…
…Once climate change becomes a defining issue for financial
stability, it may already be too late.”
Financial Impacts
Bank of England, www.bankofengland.co.uk/publications/Pages/speeches/2015/844.aspx
19
World Economic Forum, www3.weforum.org/docs/Media/TheGlobalRisksReport2016.pdf
20
Each country
• has targets for mitigation (emissions reduction)
• is encouraged to develop a national adaptation plan
“The Paris Agreement establishes a global goal of
enhancing adaptive capacity, strengthening resilience and
reducing vulnerability to climate change”
Government of Canada, www.climatechange.gc.ca/default.asp?lang=En&n=24700154-1
United Nations Conference: International Pressure
Part 2: Risks and Opportunities
22
Case Study – Frontiers North Adventures
Key Risks to Organizations
• Physical risks
• Risks related to business model
• Reputational risks
• Legal and regulatory risks
Canadian Securities Administrators (CSA) Staff Notice 51-333, www.osc.gov.on.ca/documents/en/Securities-Category5/csa_20101027_51-333_environmental-reporting.pdf
Physical Risks
- Physical risks (e.g. increased extreme
weather) may impact property, employee
health and operations (including those of
customers and suppliers)
- Agricultural yields are affected by drought
or unseasonable storms
- Climate change can threaten business
operations, e.g. through unavailable
resources, increased or unpredictable
costs and business closures
- The viability of an annual outdoor cultural
festival is threatened by unpredictable
changes to seasonal weather patterns
Risks Related to the Business Model
- How environmental matters are addressed
can affect core intangible assets such as
brand value, consumer confidence,
employee loyalty, ability to attract financial
capital and regulatory approval of projects
- When customers lose power after an
extreme weather event, perceived lack of
preparedness by a utility can threaten its
reputation
Reputational Risks
• There are potential regulatory risks associated with
climate change within:
• Statutory law
• Common law/ Private law (i.e. focus on tort:
negligence and nuisance)
• Fiduciary and other duties of directors and officers
• A mining company identifies risk around regulation
(e.g. by increasing the design standard for storm
water management on retention ponds)
NBS, http://nbs.net/wp-content/uploads/Adaptation-to-Climate-Change-Primer.pdf
Legal and Regulatory Risks
Key Opportunities for Organizations
- New product opportunities / revenue
streams
- Cost savings / efficiencies (e.g. via
innovation)
• As climate conditions change,
organizations may be able to engage in
new activities and meet new needs
• In the medium term, a longer growing
season will allow higher value, warmer
weather crops to be grown further north
New Product Opportunities/Revenue Streams
Warren and Lemmen, www.nrcan.gc.ca/sites/www.nrcan.gc.ca/files/earthsciences/pdf/assess/2014/pdf/Synthesis_Eng.pdf
• Actions taken to adapt to climate change
can benefit an organization more broadly,
e.g. by improving processes and
infrastructure
• Water scarcity, in part related to climate
change, drives the creation of less water-
intensive technologies and processes, e.g.
by Coca Cola
NRTEE, http://collectionscanada.gc.ca/webarchives2/20130322185440/http://nrtee-trnee.ca/coca-cola-canada-case-study
Cost Savings/Efficiencies
31
Case Study – MEC
Part 3: Framework for Action
33
I’m not a scientist nor am I an expert on Climate
Change. How could I possibly make a difference?
Why CPAs?
“Accountants really understand numeracy and numerical
analysis. We also know we excel at big picture thinking;
that is, seeing an issue from many angles and coming at
it from diverse directions, as well as understanding
business issues from the top line to the bottom line.”
--George Hardy, CPA, CA, vice president, Personal Lines and Underwriting,
The Co-operators
CPA Canada, https://www.cpacanada.ca/en/business-and-accounting-resources/other-general-business-topics/sustainability/publications/the-cooperators-adapting-to-climate-change
Why CPAs? (Cont’d)
“Controllers and CFOs have an expansive view of an organization’s
operations. They add value by embedding their understanding of the
organization’s strategy, risk profile and operational imperatives into
their decision making.
“In other words, they’re not just focused on numbers. They have a
key role to play in determining an organization’s risk to a changing
climate and evaluating the cost-benefit of different strategic options
for climate change adaptation.
“Audit partners also need to consider the risks of climate change
adaptation, and consider whether organizations are meeting
disclosure guidance under financial reporting standards.”
--Cathy Cobey, CPA, CA, partner, Advisory Services, EY
CPA Canada, https://www.cpacanada.ca/en/business-and-accounting-resources/other-general-business-topics/sustainability/publications/climate-change-adaptation-and-accountants-roles
35
CPA Competency Map
Financial
Reporting
Strategy and
Governance
Audit and
Assurance
Management
AccountingFinance Taxation
Professional
and Ethical
Behaviour
Problem Solving
and
Decision Making
Communication Self-ManagementTeamwork and
Leadership
Enabling Competency Areas
Technical Competency Areas
35
36
Framework for Action
5 Stages of Climate Change Adaptation
- Motivate action
- Plan action
- Implement action
- Assess performance
- Respond to market and stakeholders
Each stage has multiple roles for CPAs at all levels
Stage 1: Motivate Action
An organization assesses the importance of
adaptation, by identifying how climate change
could affect it
39
A role for CPAs
Support identification of risks and
opportunities of future climate change
impacts
Example: Frontiers North Adventures
The finance team, led by a CPA, used
scenario planning to understand how
possible changes in the polar bear population
would affect their offerings
Motivate Action
Stage 2: Plan Action
An organization decides how to adapt,
determining which actions are most
appropriate
Plan Action
A role for CPAs
Estimate the cost and benefits of alternative
solutions
Example: City of Montréal
CPAs perform cost-benefit analysis on a host of
adaptation efforts, such as installing pipes that
withstand greater water flows
Stage 3: Implement Action
Here the organization puts adaptation efforts
into practice, often drawing on teams of
specialists
Implement Action
A role for CPAs
Support creation of new products and
services
Example: The Co-operators
A CPA was a key participant in development
of a new flood insurance product:
“Comprehensive Water”
Stage 4: Assess Performance
The organization determines the
effectiveness of adaptation efforts
Assess Performance
A role for CPAs
Develop indicators and targets
Example: Horizon Utilities Corporation
Horizon is monitoring and collecting data
in order to develop adaptation Key
Performance Indicators (KPIs); CPAs are
core to the data control and analysis
Stage 5 – Respond to Market and Stakeholders
Organizations must determine what the
market and other stakeholders need to
know and provide that information
Respond to Market and Stakeholders
A role for CPAs
Meet regulatory disclosure requirements (if listed public
company)
Example: CP Rail
CP Rail includes climate change risk as material in its 2014
MD&As. They detail physical risks and identify their
response.
“Potential physical risks associated with climate change
include damage to railway infrastructure due to extreme
weather effects…The Company maintains flood plans,
winter operating plans…and geotechnical monitoring of
slope stability.”
Respond to Market and Stakeholders
A role for CPAs
Contribute to voluntary sustainability reports and
climate change disclosures
Example: Centerra Gold
Centerra reports on “Financial impacts of climate
change” in its 2013 Corporate Responsibility Report.
“These risks are particularly tangible [for a mine in]
the Kyrgyz Republic.” Glaciers near the mine are
melting. Centerra must remove meltwater and
reinforce dams.
These roles cut across all five stages
Roles for CPAs in Leadership Positions
Roles for CPAs in Leadership Positions
A role for CPAs
Establish accountability structures
Example: TransLink
The finance department has responsibility for
sustainability. The CFO is responsible for seeing
that climate change risks are part of TransLink’s
capital review process
Roles for CPAs in Leadership Positions
A role for CPAs
Integrate climate change considerations into
organizational strategy
Example: The City of Montreal
Montreal included climate change adaptation in
its Sustainable Development Plan (development
of which was led by a CPA)
Part 4: CPA Canada Adaptation Resources
Overview of Case StudiesCase Study Sector Adaptation Issues Highlighted
Frontiers North
Adventures
Tourism • Infrastructure investment planning
• Delivery planning
• Supply chain planning
• Forecasting
TransLink Transportation • Risk management
• Capital planning / resource allocation
• Reporting
Mountain
Equipment Co-op
Retail • Demand and sales forecasting
• Supply chain planning
• Inventory management
The Co-operators Insurance • Business modelling
• New product development / pricing
• Stakeholder engagement
Horizon Utilities Electric Utility • Vulnerability assessment
• Infrastructure investment planning
• Outage management planning
City of Montreal Municipality • Vulnerability assessment
• Adaptation planning
• Accounting for investments in green infrastructure
54
Project Outputs – Guidance for CPAs• Case studies and videos
Frontiers North Adventures
Mountain Equipment Co-op
TransLink
The Co-operators
Horizon Utilities
City of Montreal
• Briefs Brief #1: A primer on climate change
mitigation and adaptation
Brief #2: How organizations can adapt to
climate change
Brief #3: How Chartered Professional
Accountants can help organizations
adapt to climate change
• Professional DevelopmentResources available at:
www.cpacanada.ca/
climatechange
55
Call to Action
Contact Information
Gordon Beal, CPA,CA, M.Ed
VP - Research, Guidance and Support
CPA Canada
Phone: 416-204-3432
Email: [email protected]
www.cpacanada.ca/climatechange
ECONOMICS I RESEARCH
The Economic Outlook for Canada and Ontario
January 20, 2018
Paul Ferley (Assistant Chief Economist) (416) 974-7231 [email protected]
Presentation to The Institute of Chartered Accountants of India – Toronto Chapter
ECONOMICS I RESEARCH 2
Our forecast assumes that oil prices will resume a slight upward trend through the forecast
20
40
60
80
100
120
140
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
$US/bbl
West Texas Intermediate (WTI)
Source: Energy Information Administration/Wall Street Journal, RBC Economics Research
Forecast
Annual Levels
WTI 2018f$54
2015$49
2016$43
2017$51
2019f$56
ECONOMICS I RESEARCH 3
Higher oil prices are a marginal negative factor for global growth though it is expected to be more than offset by strengthening U.S. growth this year and generally accommodative monetary policy by most central banks
Global GDP Output Summary As of 2018/01/10
2014 2015 2016 2017 2018 2019
2.1 2.3 1.7 2.1 2.1 1.9
U.S. 2.6 2.9 1.5 2.2 2.6 2.2
Canada 2.9 1.0 1.4 2.9 1.9 1.6
Japan* 0.3 1.4 0.9 1.5 0.7 0.8
UK 3.1 2.3 1.9 1.8 1.4 1.4
euro area 1.4 2.0 1.8 2.3 2.2 1.9
Germany* 1.9 1.5 1.9 2.1 1.8 1.5
France* 0.9 1.1 1.2 1.6 1.8 1.9
Italy* 0.1 0.8 0.9 1.5 1.1 0.9
Spain* 1.4 3.2 3.2 3.1 2.5 2.0
Other Advanced Economies* 2.9 2.2 2.4 2.6 2.5 2.5
4.6 4.3 4.3 4.6 4.9 5.0
China 7.3 6.9 6.7 6.8 6.5 6.3
World GDP Growth 3.4 3.4 3.2 3.6 3.7 3.7
*Based on the most recent IMF World Economic Outlook Forecast
Sources: RBC Economics Research, IMF World Economic Outlook
Advanced Economies
Emerging and Developing Economies
ECONOMICS I RESEARCH 4
Accommodative monetary policy and stimulative fiscal policy are expected to return U.S. growth to an
above-average pace despite rising oil prices
U.S. Economic Outlook:
ECONOMICS I RESEARCH 5
After a disappointing Q1 2017 growth rate activity bounced back in Q2 and growth remained strong in Q3 despite a number of hurricane-related disruptions
-10
-8
-6
-4
-2
0
2
4
6
8
10
97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17
Quarter-over-quarter annualized % change
Year-over-year % change
Source: Bureau of Economics Analysis, RBC Economics Research
U.S real GDP growthQuarter-over-quarter annualized % change
Forecasted Values:
Annual Growth Rates
2016
1.5Real GDP
2013
1.7
2014
2.6
2015
2.9
ECONOMICS I RESEARCH 6
The impact from the hurricanes weighed on September payrolls though hiring recovered strongly through the remainder of 2017, with the average over the three months continuing a pattern of solid gains
-100
-50
0
50
100
150
200
250
300
350
400
2010 2011 2012 2013 2014 2015 2016 2017
Source: Bureau of Labor Statistics, RBC Economics Research
U.S. payroll employment growthChange from previous month (Thous.)
'Steady State?'
ECONOMICS I RESEARCH 77
In addition to solid job gains, GDP growth will also be supported by stimulative Fed monetary policy along with the prospect of, subsequently realized the end of 2017, a boost from fiscal policy
-10
-8
-6
-4
-2
0
2
4
6
8
10
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Source: Bureau of Economic Analysis, RBC Economics Research
U.S. real GDP Quarter-over-quarter annualized % change
Annual Growth Rates
2017f
2.2Real GDP
2018f
2.62019f
2.2
Forecast:
2016
1.5
ECONOMICS I RESEARCH 8
The persistence of above-average growth will put further modest downward pressure on the unemployment rate at a time when it is already at historically low levels
2
3
4
5
6
7
8
9
10
11
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Source: Bureau of Labor Statistics, RBC Economics Research
Forecast
%
Unemployment rate: U.S.
ECONOMICS I RESEARCH 9
Strengthening growth and tightening labour markets has contributed, and is expected to continue to contribute, to the Fed tightening monetary policy
1
2
3
4
5
6
7
2000 2002 2004 2006 2008 2010 2012 2014 2016 2018
Source: Federal Reserve Board, RBC Economics Research
Forecast
%
Fed Funds Rate
ECONOMICS I RESEARCH 10
Sustained tightening by the Fed will put continued upward pressure on 10-year bond yields
1.0
1.5
2.0
2.5
3.0
3.5
4.0
4.5
5.0
5.5
6.0
2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
%
10 year bond yield: U.S.
Source: Reuters, RBC Economics Research
Forecast
ECONOMICS I RESEARCH 11
Canadian Economic Outlook:
Higher oil prices and strengthening U.S. growth will provide a lift to the Canadian
economy though increased U.S. trade protectionism presents a downside risk to
growth
ECONOMICS I RESEARCH 12
Growth was restrained in both 2015 and 2016 by weak oil prices though that restraint has started to reverse through 2017. In fact growth over the past year has in our view pushed the economy to its capacity limit.
-10
-8
-6
-4
-2
2
4
6
8
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017
Quarter-over-quarter, annualized
rateYear-over-year
Source: Statistics Canada, RBC Economics Research
Canada's real GDP % change
Source: Statistics Canada, RBC Economics Research
Annual Growth Rates
Real GDP2013
2.5
2014
2.62016
1.4
2015
1.0
Forecast:
ECONOMICS I RESEARCH 13
The drop in oil prices had weighed on GDP growth through declining investment though the projected recovery in these prices is expected to return business investment to sustained positive growth over the forecast
-30
-25
-20
-15
-10
-5
5
10
15
20
25
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Non-residential investment in Canada
Forecast
Annual Growth Rates
Non-residential
Source: Statistics Canada, RBC Economics Research
Year-over-year % change
GDP (YoY)
2017f
1.6
2016
-9.4
2019f
2.12018f
3.6
ECONOMICS I RESEARCH 14
Growth in business investment is expected to reflect modest gains both within and outside of the oil and gas sector both this year and next
-4.0
-3.5
-3.0
-2.5
-2.0
-1.5
-1.0
-0.5
0.0
0.5
1.0
1.5
2009 2010 2011 2012 2013 2014 2015 2016 2017 2018
Ex o&g investment
Oil & gas investment
Total business capital
spending
Percentage point contribution to annual GDP growth
Canada Business Investment by Industry
Projection
Source: Statistics Canada, RBC Economics Research
ECONOMICS I RESEARCH 15
Export growth has been gradually trending higher though around a very volatile quarterly pattern
100
104
108
112
116
120
124
128
2011 2012 2013 2014 2015 2016 2017
Exports Imports
Billion constant 2007 $
Real merchandise trade: Canada
* Q4 2017 is an estimateSource: Statistics Canada, RBC Economics Research
ECONOMICS I RESEARCH
The growth in Canadian exports will continue to be restrained by a general slowing in global trade
16
10
15
20
25
30
35
1980
1982
1984
1986
1988
1990
1992
1994
1996
1998
2000
2002
2004
2006
2008
2010
2012
2014
2016
Global exports as
percent of global…
%
World Exports Share of World GDP
Source: OECD, IMF, RBC Economics Research
ECONOMICS I RESEARCH 17
Export growth is expected to benefit from a still weak Canadian dollar and strengthening U.S. growth though with trade protectionism presenting a clear downside risk
-20
-15
-10
-5
5
10
15
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Year-over-year % change
Canadian Exports and GDP
Source: Statistics Canada, RBC Economics Research
GDP (YoY)
Forecast
Annual Growth Rates
2018f
1.72017f
0.9
2016
1.0
2019f
2.5Exports
ECONOMICS I RESEARCH 18
In terms of household spending, still accommodative monetary policy is supporting interest rate-sensitive sectors of the economy though poor affordability and tightening mortgage lending regulations have recently started to weigh on housing
200
250
300
350
400
450
500
550
600
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017
Thousands of Units, saar
Canada: Housing Resales
Source: CREA, RBC Economics Research
1.3
1.4
1.5
1.6
1.7
1.8
1.9
2.0
2.1
2.2
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017
(Millions)
Auto sales in Canada
Source: Statistics Canada, RBC Economics Research
ECONOMICS I RESEARCH 19
This spending has resulted in both household debt levels and debt servicing costs (including principal repayments) high
70
90
110
130
150
170
190
1990 1992 1994 1996 1998 2000 2002 2004 2006 2008 2010 2012 2014 2016
Statistics Canada's published figure Comparable figure to U.S. United States
Credit market debt as a % of personal disposable income
Household debt-to-income ratio
Source: Statistics Canada, RBC Economics Research
2
4
6
8
10
12
14
16
1990 1992 1994 1996 1998 2000 2002 2004 2006 2008 2010 2012 2014 2016
Principal
Interest
Debt service payments on mortgage and non-mortgage debt as % of PDI, seasonally adjusted
Debt service ratio - Canada
Source: Statistics Canada, RBC Economics Research
ECONOMICS I RESEARCH 20
We are assuming that these balance sheet constraints in the face of rising interest rates will lower consumer spending growth through the forecast from unsustainably strong gains over the first three quarters of 2017
-6
-4
-2
2
4
6
8
10
2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Quarter-over-quarter % change, annualized
Consumer expenditures in Canada
Source: Statistics Canada, RBC Economics Research
Annual Growth Rates
2018f2017f 2019f2016ConsumerSpending
GDP(YoY)
Forecast
2.1 1.42.4 3.7
ECONOMICS I RESEARCH 21
Low interest rates have been keeping housing activity stronger than expected though a tightening by both the Canadian and U.S. central banks along with recent mortgage lending rule changes are expected to slow new residential construction over the forecast
196198
220
195 185
0
50
100
150
200
250
90 91 92 93 94 95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19
Source: Canada Mortgage and Housing Corporation, RBC Economics Research
Thousands of units
Housing starts: Canada
Forecast:
ECONOMICS I RESEARCH
The strength in the housing market measures has been particularly apparent in Toronto and Vancouver with a marked deterioration in housing affordability. Recent housing policy changes have only contributed to a temporary correction in the Vancouver market.
22
20
40
60
80
100
1985 1987 1989 1991 1993 1995 1997 1999 2001 2003 2005 2007 2009 2011 2013 2015 2017
Ownership costs as % of median household income
RBC Housing Affordability Measure - aggregate
Vancouver
Toronto
Canada
Source:Brookfield RPS, Royal LePage, Statistics Canada, Bank of Canada, RBC Economics Research
ECONOMICS I RESEARCH 23
Residential investment is expected to trend lower through the forecast as rising lending costs, a tightening in lending standards and poor affordability weigh on activity
-30
-20
-10
10
20
30
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Residential investment in Canada
Forecast
Annual Growth Rates
2018f
-1.9
2017f
2.9
2016
3.3Residential
2019f
-2.1
Source: Statistics Canada, RBC Economics Research
Quarter-over-quarter % change, annualized rate
GDP (QoQ)
ECONOMICS I RESEARCH 24
Expansionary fiscal policy federally is expected to result in modestly rising government spending through the forecast
-6
-4
-2
2
4
6
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Year-over-year % change
Government Spending and GDP
Forecast
Source: Statistics Canada, RBC Economics Research
Annual Growth Rates
Government Spending
2018f
2.5
2017f
1.8
2016
2.2
2019f
2.2 GDP (YoY)
ECONOMICS I RESEARCH 25
Strong growth in 2017 pushed the Canadian economy close to capacity limiting growth this year and next
-10
-8
-6
-4
-2
0
2
4
6
8
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
Source: Statistics Canada, RBC Economics Research
Canada's real GDP growth
Quarter-over-quarter % change, annualized rate
Forecast:
Annual Growth Rates
2016
1.42018f
1.9
2017f
2.9Real GDP2019f
1.6
ECONOMICS I RESEARCH 26
Economic growth is expected to keep the unemployment rate low through the forecast
5.5
6.0
6.5
7.0
7.5
8.0
8.5
9.0
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
CanadaUnemployment rate: Canada
Source: Statistics Canada, RBC Economics Research
%
Annual Rates
2018f
5.92019f
5.9
2017
6.4
2016
7.0Unemployment rate
Forecast
ECONOMICS I RESEARCH 2727
Well- anchored inflationary expectations are expected to keep inflation close to the 2% target
-4.0
-3.0
-2.0
-1.0
0.0
1.0
2.0
3.0
4.0
5.0
93 94 95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19
Annual Rate
2018f
2.02.1
2016
1.91.4
Core*
2019f
2.02.0
% change, year-over-year
CPI inflation: Canada
Forecast
2017f
1.61.6
Headline
Inflation Target 2%
*CPI excluding Food and EnergySource: Statistics Canada, RBC Economics Research
ECONOMICS I RESEARCH 28
Recent strong growth is expected to prompt the Bank of Canada to continue tightening following the hike earlier this month with another 100 basis points of tightening expected by 2019 Q1
0
1
2
3
4
5
02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19
Source: Bank of Canada, RBC Economics Research
Bank of Canada overnight rate%
Forecast
ECONOMICS I RESEARCH 29
Further tightening by both the Bank of Canada and the Fed will continue to put sustained upward pressure on bond yields
0.0
1.0
2.0
3.0
4.0
5.0
6.0
2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
%
10 year bond yield: Canada
Source: Bank of Canada, RBC Economics Research
Forecast
ECONOMICS I RESEARCH 30
The Canadian dollar received a boost from the recent Bank of Canada tightening though this is expected to be tempered by our expectation that the Fed will continue to hike through 2018 and 2019
0.6
0.7
0.8
0.9
1.0
1.1
95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19
Forecast
Source: Bank of Canada, RBC Economics Research Forecasts
Parity
Canadian dollar forecastUS$/C$
End of period
2019f
0.792018f
0.81US$/C$
2016
0.74
2017
0.80
ECONOMICS I RESEARCH 31
Ontario Economic Outlook:
Rising oil prices imply higher energy costs for the Ontario economy though it should be
more than offset by a strengthening U.S. economy…assuming no major trade
restrictions emerge.
ECONOMICS I RESEARCH 32
Rising oil prices are expected to support growth in Alberta and Saskatchewan with Ontario benefitting more from a strengthening U.S. economy
2.7
2.3
2.2
2.1
2.1
2.0
1.9
1.8
1.5
0.7
0.6
2.1
4.1
3.2
2.9
-1.4
2.6
2.9
2.8
2.2
1.7
0.8
-2 -1 1 2 3 4 5
SASK.
ALTA.
B.C.
ONT.
N.& L.
MAN.
CANADA
QUE.
P.E.I
N.B.
N.S.
2018f 2017f
Sources: Statistics Canada, RBC Economics Research
Provincial real GDP growthAnnual % change, ranked by 2018 growth
ECONOMICS I RESEARCH 33
Ontario is expected to grow at a solid pace that is generally in line with the national average benefiting from a strengthening U.S. economy. However, the emergence of trade protection does present a downside risk to both the Canadian and Ontario outlook
-4
-2
2
4
6
8
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
% change, year-over-year
Real GDP: Ontario and Canada
Source: Statistics Canada, RBC Economics Research
Forecast
Annual Growth Rates
2018f
2.11.9
2017f2.92.9
2016
2.61.4
Ontario
Canada
2019f
1.81.6
ECONOMICS I RESEARCH 34
This growth outlook is expected to result in Ontario’s unemployment rate staying below the national average this year and next after remaining above through most of the current business cycle
3
4
5
6
7
8
9
10
11
12
00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19
Source: Statistics Canada, RBC Economics Research
Canada
Ontario
%
Unemployment rate: Ontario and Canada
Forecast
Annual Rate
2017 2019f6.4 5.9
6.0 5.8Ontario
Canada
2018f
5.9
5.7
2016
7.0
6.5
ECONOMICS I RESEARCH 35
Solid growth has kept housing starts in Ontario strong in 2017 though Bank of Canada tightening, rising longer-term interest rates and recent mortgage-lending rule changes will likely weigh on 2018 housing starts
70
7579
69 70
0
10
20
30
40
50
60
70
80
90
90 91 92 93 94 95 96 97 98 99 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19
Source: Canada Mortgage and Housing Corporation, RBC Economics Research
SAAR, Thousands of units
Housing starts: Ontario
Forecasted Values:
ECONOMICS I RESEARCH 36
These factors are also expected to send home resales in Ontario lower through the forecast…
9.5 9.5
-7.9
-4.0
-1.3
0
50
100
150
200
250
300
-20
-15
-10
-5
5
10
15
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
% Unit sales actual (LHS) Unit sales actual (RHS)
Year-over-year % change
Home resales: OntarioLevel, Thousands
Forecast
Source: CREA, RBC Economics Research
ECONOMICS I RESEARCH 37
…and are projected to limit the rise in housing prices this year after indications last year of another double digit increase
5.2
7.2
13.1
18.5
1.00.1
0
100
200
300
400
500
600
700
2
4
6
8
10
12
14
16
18
20
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019
% Average price (LHS) Average price (RHS)
Year-over-year % change
Housing prices: Ontario
Level, Thousands of dollars
Forecast
Source: Royal LePage, Statistics Canada, RBC Economics Research
ECONOMICS I RESEARCH 38
An easing in the housing market will help reverse the steady deterioration in affordability in Ontario in recent years
20
30
40
50
60
70
1985 1987 1989 1991 1993 1995 1997 1999 2001 2003 2005 2007 2009 2011 2013 2015 2017
Single-detached
Condo
Ownership costs as % of household income
RBC Housing Affordability Measure- Ontario
Source: Statistics Canada, CMHC, Royal LePage, RBC Economics Research
Aggregate
ECONOMICS I RESEARCH 3939
Please visit our website:
www.rbc.com/economics
ECONOMICS I RESEARCH 40
Disclaimer
The material contained in this report is the property of Royal Bank of Canada and may not be reproduced in any way, in whole or in part, without express authorization of the copyright holder in
writing. The statements and statistics contained herein have been prepared by RBC Economics Research based on information from sources considered to be reliable. We make no
representation or warranty, express or implied, as to its accuracy or completeness. This publication is for the information of investors and business persons and does not constitute an offer to
sell or a solicitation to buy securities.
®Registered trademark of Royal Bank of Canada.©Royal Bank of Canada.
January 2018
ICAI - Toronto Chapter Professional Development Workshop
January 20, 20181
Blockchain, Cryptocurrency & ICOs
ICAI Workshop
With you today...
2
Behram FarooghBLOCKCHAIN &
TECHNICAL ACCOUNTING
Behram is a Risk Assurance Services Partner and the national practice leader of Emerging Technology Assurance group in PwC Canada. A Chartered Accountant by profession, with over 25 years of experience that spans from the shop floor to the Board room, Behram has conducted assignments that consider the interplay, optimization and oversight of strategy, people, systems and processes. He is a subject matter specialist on a number of emerging technologies, including Blockchain, Cryptocurrency & ICOs.
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
Matt HinkleyCRYPTOCURRENCY
& ICOs
Matt analyses all emerging technologies that could affect Canadian Businesses and works within a team that helps identify, consult and adapt to these technologies with the best possible outcome. Matt's main focus and passion is around the introduction of the new cryptocurrency framework being built, and how this looks to change all aspects of a business life-cycle from capital fund raising to financial reporting.
01Opening RemarksWhy is this important for you?
Broadindustry impact...
… has created largedemand for services ...
… that can translate to significant opportunities
3Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop 4
Our PerspectiveThe internet revolutionized the way weexchange information
Blockchain is revolutionizing the way weexchange value
It’s time for another revolution
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
02Understanding the FundamentalsWhat is blockchain? How does it work?
Blockchain Technology
Cryptocurrencies & Digital Assets
Initial Coin Offerings
5Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
What is blockchain?
Blockchain is a distributed shared ledger that enables transacting amongst untrusted participants, without the need
for a trusted intermediary“
”
6Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Key attributes of a blockchain
7
Peer to Peer In a peer to peer network users are connected to each other without a central point of authority or control
Distributed ledgerEvery participant in the network has simultaneous access to a
view of the ledger
CryptographyIntegrity and security of the blockchain
ledger are enforced through cryptographic technology
ConsensusValidity of this ledger is achieved by participants
confirming changes with one another, replacing the need for a third party to authorize transactions
Smart contractsThe ability to run additional business logic means that
agreement on the expected behaviour, such as financial instruments, can be embedded within the blockchain and
run autonomously
Blockchain is a distributed ledger of transactions in a business network. Using blockchain technology, participants in the network can confirm transactions without the need for a trusted intermediary.
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
How blockchain technology evolved?
The first use case of blockchain was a cryptocurrency known as Bitcoin. As blockchain technology continues to develop, we continue to find new use cases for it.
8
Using cryptocurrencies in cash-related applications
e.g. currency transfer, remittance, digital payment systems
Blockchain 1.0 Currency
Deploying blockchains in economic, market and
financial applications e.g. bonds, stocks, loans
mortgages, titles, smart property
Blockchain 2.0 Contracts
Employing blockchains in broader industry
applications e.g. supply chain, transportation,
health, cloud storage, etc.
Blockchain 3.0 Applications $4.7bn
invested in bitcoin &
blockchain startups
since 2017
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Applications of blockchain technology
Asset Records
Verifiable records of property ownership allow individuals security in knowing their
investments will be safe. But in some areas, breakdown in these systems allow central parties to commandeer personal assets.
Blockchains provide an engine for collecting and maintaining these verifiable records out
of the hands of unreliable organizations.
Digital Currencies
Blockchain allows groups of people to maintain a list of accounts between them.
These accounts can represent currency entirely contained as digital assets.
Decentralized currency crosses borders and eliminates intermediaries.
9
Many different uses for blockchains have been theorized. Here are a few examples which suggest the different categories in which blockchains are intended to be used.
EfficientProcesses
Agreements between parties which take place commonly still require drafting and enforcement by human intermediaries.
Agreements can be written into a shared ledger to control digital assets on the
blockchain and executed per agreed upon guidelines. These are commonly referred to
as “Smart Contracts”.
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
What are smart contracts?
10
Smart contracts are computer programs that can automatically execute business logic when pre-programmed conditions are triggered.
The smart contract executes corresponding transactions, such as transfer of ownership.
Smart contracts are modular, repeatable, and autonomous scripts designed for use on blockchains.
Traditional Smart
❏ The distributed layout of a blockchain ecosystem means that multiple parties are processing and verifying any record or transaction that is placed on the ledger.
❏ Because the contract logic is run concurrently on all participating computers, parties need to develop consensus before executing any contract terms or activities.
Traditional Contracts Smart Contracts
Days Minutes
Manual remittance
Automatic remittance
Escrow necessary
Escrow may not be necessary
Expensive Fraction of the cost
Physical Presence
(ink signature)
Virtual Presence(digital signature)
Lawyers necessary
Lawyers may not be necessary
What are the benefits?
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
How book-keeping evolved?
11Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
1. Barter System
2. Single-Entry
3. Double-Entry
4. Triple-Entry
Possible Future ...Today ...
03Cryptocurrencies and Digital AssetsWhat is this new digital ecosystem?
Blockchain Technology
Cryptocurrencies & Digital Assets
Initial Coin Offerings
12Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Abstract - “A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.” - Satoshi Nakamoto
13
The history of crypto
Dec 2008The white paper is released
Sept 2007Satoshi starts the Bitcoin project
July 2010Bitcoin exchange MtGox is established
Jan 2009Satoshi and Hal Finney, a developer and cryptographic activist complete first bitcoin transaction.
May 2010The first real world transaction is completed – 10,000 BTC for 1 pizza
July 2010In 5 days, Bitcoin value increase 10x due to popular demand
Nov 2010Market Cap hits $1m
June 2011Mt Gox Breached, 60,000 accounts hacked
2012Many Wallets and exchanges start to set up such as Coinbase
Mar 2013Market cap reaches $1bn
Jan 2014China bans bitcoin and slumps growth and price
2015 Market cap stays stagnant at around $3bn
2016Markets pick up and finish the year on $12bn MC
2017The rise of Altcoins and ICOs
2018to dateTurmoil
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Cryptocurrencies, a new way to transact
AltCoins
AltCoins are designed after bitcoin, such as Ethereum.
Transparency
All transactions with cryptocurrencies are
transparent.
Digital Identity
Identity on the blockchain is stored is encrypted.
14
Cryptocurrencies are digital assets which are stored and transacted in a decentralized manner. Cryptocurrencies were the first use-case for blockchain and allow transfer of value between a network of untrusted participants.
Decentralized
Stored and transacted in a decentralized manner.
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Metric Sept 2015 Sept 2016 Sept 2017 Oct 2017 Nov 2017 Dec 2017 Jan 2018
Number of Currencies 562 626 1128 1097 1239 1340 1385
Industry Market Cap $3.9bn $12.1bn $140bn $174bn $302bn $550bn $750bn
24 Hour volume $17m $55m $4bn $7bn $13bn $30bn $50bn
BTC dominance 85% 70% 48% 50% 53% 63% 35%
Number of ICOs (YTD) - 46 140 190 228 235 n/a
Amount Raised through ICO (YTD) $ - $96m $2.2bn $3bn $3.6bn $3.7bn n/a
The cryptocurrency market today
15
Currency Platform Application
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI WorkshopBlockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
Current market prices; top dozen as of Jan 16th, 2018
16
Currency
Platform
Application
16
ICAI Workshop
Accounting classification of cryptocurrencies
17
Classification Explanation
Cash and Cash equivalents
At present, cryptocurrencies are not issued or backed by any government or state. They are not readily convertible to a known amount of cash and are volatile; hence there is a significant risk of changes in value. Today, they are not considered legal tender by governments and do not have widespread acceptance. This holds true unless it is a cyprtocurrency issued by a state or government, that some are contemplating.
✗
Financial instruments Holding a unit of a cryptocurrency does not give the holder a contractual right or obligation to receive cash or another financial asset.
✗
PPE or Investment Property
Cryptocurrency has no physical form, are not tangible, and are not held for use in the production or supply of goods or services.
✗
Inventory Inventories do not need to be in a physical form, but do need to be held for sale in the ordinary course of business. However, cryptocurrencies may not be traded frequently enough such that trading activity would be an entity’s ‘ordinary course of business’. Cryptocurrencies would fail the definition of inventory unless this test is met.
?
Intangible assets Cryptocurrencies appear to meet the definition of an intangible asset: identifiable as can be sold, exchanged or transferred individually; not cash and non-monetary asset; have no physical form.
✓
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
04Initial Coin Offering What is tokenization?
Blockchain Technology
Cryptocurrencies & Digital Assets
Initial Coin Offering
18Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
PwC Canada - OneChain
What is an ICO/ITO?
19
In many ways, an ICO/ITO can be very similar to an initial public offering (IPO). The coins/tokens can be similar to traditional shares of a company because their value may increase or decrease depending on how successfully the business executes its business plan using the capital raised. However, capital is usually raised before a project commences and the project is then built on the amount of capital raised, a lot like equity or reward based crowdfunding.
Is a token a security?The Canadian Securities Administrators recently released a four-prong test to determine whether or not a coin/token will be considered a security. They are: Does an ICO/ITO consist of ... a) an investment of money b) in a common enterprise c) with the expectation of profit d) to come significantly from the efforts of others
Source: The CSA Report
20
Build a white paper
Create a token
Raise investment
20Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
From Jan 2014 to Nov 2017
21Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
07The Canadian Marketplace
Industry Impacts
Big Bets
22Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Global Blockchain Platform
23Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop 24
Payments
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Identity Management
25Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop 26
Utilities
Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI Workshop
Food and Beverages
27Blockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICAI WorkshopBlockchain, Cryptocurrency & ICOs - Workshop conducted by PwC
ICO
28
PwC’s Digital Services
Thank You!Questions?
29
Danny Timmins - National Leader Cyber Security
Cyber Security and Vulnerability Impact for ICAI Toronto Chapter
Cyber Security MNP Technology Solutions
MNP Cyber Security Presentation
Page 2
Cyber Security OverviewCyber Crime Tactics and Techniques
• Hacking (Penetration Testing)• Social Engineering (Malware/Crimeware)• Red Teaming
Considerations
Page 3
• Canada’s 5th largest Accounting, Tax and Consulting firm
• 4500 team members• 80 offices coast to coast• 54 Cyber Security
professionals nationally
Lessons from the Field
Page 4
➢99% of vulnerabilities exploited will continue to be the ones known by security/IT professionals.
➢The single most impactful enterprise activity to improve security will be patching.
➢The second most impactful enterprise activity to improve security will be removing web server vulnerabilities.
What’s the problem?
Page 5
➢Internet of Things will grow to an installed base of 20.4 billion.
➢A third of successful attacks experienced will be on their shadow IT resources.
➢Companies are using more than 15 times more cloud services to store critical company data than CIOs were aware of.
➢Nearly eight in ten (77%) of decision makers admit to using a third-party cloud application without approval.
What’s the problem?
Page 6
Canada’s new privacy laws will require breach notice and affect private sector operations in Canada. (Digital Privacy Act)… do you know how safe your client data is?
What’s Happening…
Page 7
Damages have started to increase in Canada – Class Action Suits are here – ie: Casino Rama is an example 30+ Million
Cyber Insurance… how much do you need… is it focused on the correct areas?
Payment Card Industry (PCI) already has compliancy. IE: Best Western Motels - have been targeted-very limited security
What’s Happening in the Industry?
Page 8
Page 9
Mandatory cyber audits coming for publicly traded companies in Canada… US is pushing hard for this….
In the US coming here soon ie: “A bill introduced by Senate Democrats in 2018 would establish new cybersecurity regulations”
Equifax 140M plus - 100+ thousand in Canada… patch management said to be the issue… mishandled from the start of the breach… directing clients to a phishing site
What’s Happening in the Industry?
Page 10
• Nation States• Organized Hackers• Non-Organized Hacker• Employee: Technical• Employee: Business• Malicious Former Employee
**89% of breaches had financial or espionage motive
Who are Behind Cyber Attacks?
Page 11
• Brand and reputation• Unable to fulfill service commitments• Strategic plans, engineering drawings, RFPs, proposals, etc.• Supply Chain/Vendor Management• New Automation deployments - IoT (Internet of Things)
– Life Safety Systems – automated systems, elevators, exhaust• Privacy - Personal Identification Information (PII)• Regulator Compliance• Intellectual Property (IP)• Payment Systems (Ecommerce or Point of Sale)
Some Risks to Consider
Page 12
In Canada virtually nobody discloses but breaches are
happening ever week – what happens once you have too?
Page 13
Who’s Making the Decisions?
Page 14
14
Let’s take a closer look!
Page 15
- The EXPLOIT of a technical vulnerability- Human error (still a vulnerability)- Can involve chaining together a series of weaknesses- Performed without owner permission
What is Hacking?
Page 16
What is Penetration Testing?
- Similar to hacking except owner gives permission- Attempt to gain access to sensitive information or
resources- Steps can include:
- Information gathering- Vulnerability enumeration- Vulnerability exploitation / Privilege Escalation - Exploration / Lateral Movements
- Performed against defined scope- Measures Network(s) and Application(s) resiliency - Overall goal to improve security posture
Page 17
Almost ALWAYS Starts with a Vulnerability
Page 18
Page 19
Example 1: Penetration Test
Page 20
What Can You Do with a Hash?
Page 21
“Hashinator”
26 lower case letters (a-z)26 upper case letters (A-Z)10 digits (0-9)8 Characters
26+26+10 = 62
62 ^ 8 = 218,340,105,584,896
…or < 2 days
Page 22
Example 2: Programming Error
Page 23
What is Social Engineering?
- An act that influences a person to take an action - Used by attackers as it consistently works- There is no patch for untrained users- Performed against defined scope- Three types of Social Engineering:
- Phishing- Vishing- Impersonation
- Measures how well People identify SE attacks
Page 24
Example Phishing
Page 25
Page 26
Use the Hover TechniqueNever click on URL’s sent in emails…if you must, make sure you “hover” over the URL to see the REAL destination
Page 27
Hello, my name is XXXXX. Resume
attached. I look forward to seeing you.
Sincerely yours, XXXXX
Page 28
Page 29
29
Executive Wire Fraud
- Social Engineering w/o Malware
Page 30
30
Social Engineering Attackers Deploy Fake Social Media Profiles
Page 31
Tip #3 – Google Images
- Use Google Images to verify and validate pictures
Page 32
Page 33
• Contains aspects of Penetration Testing and Social Engineering• Performed with the permission of the owner• Typically full-scope, multi-layered attack simulation
– Penetration Testing– Social Engineering– Physical Security Controls
• Designed to measure resiliency of People, Network(s), and Application(s) during a real-life attack
• Attacks are performed simultaneously • Overall goal to identify gaps and improve Incident Response
What is Red Teaming?
Page 34
“Security Fatigue”
“…a majority of users experienced security fatigue that often leads users to risky
computing behavior at work and in their personal lives”
Page 35
• How do people get hacked?• Wouldn’t it be great if we could do something
live at an event?• How can we build awareness?
Page 36
Technical Walk Through
You folks
Page 37
Page 38
Page 39
Page 40
Who put these here?• Printing Facts.
– Average cost of a wasted page $0.06
– We spent approximately $0.60
Paper Facts Printing Factscua6.urban.csuohio.edu/~sanda/syl/envpol/materials/GREEN%20FACTS.pdf
Page 41
Splash Screen
Page 42
Terms & Conditions
Page 43
Page 44
Seriously who gets hacked?
• All the people sitting beside you
Page 45
Sony Passwords (Most common)• seinfeld• password• winer• 123456• purple• sweeps• contest• princess• george• summer• taylor• abc123n
• maggie• 9452• peanut• shadow• ginger• michael• buster• sunshine• tigger• cookie• bosco• ashley• bailey
Page 46
Statistics
• 32 unique logins• Approx. 32% of individuals submitted
credentials
• 40% 8 characters or less
• 30% contained a non-alphanumeric character
• IICA Toronto • Sony Breach• 1 million passwords recovered
• 50% 8 characters or less
• <1% contained a non-alphanumeric character
Great Job!!
Page 47
Two Step Verification
Page 48
Take Away
• It can happen to you and maybe it did today
• Be careful when using public WiFi• Never give credentials (like google) when logging into WIFI• Turn on 2-step authentication• Use a strong password with at least one non-alphanumeric
character
• Re-engage and Prioritize Security
Page 49
Considerations
Page 50
Top 10 Considerations
Have you and your executives quantified business risk? What is the impact to those assets if breached? How to
better prioritize budget & resources?
Have you developed and implemented the appropriate cyber security infrastructure. Have you considered threat detection (AI) to help protect your organization. Do you
have IoT devices how are they being managed?
Have you understood your potential exposure by engaging cyber security consultants “ethical hackers” to hack your organization? (Networks, Applications, Mobile)
Page 51
Top 10 Considerations
Can you demonstrate a solid Cyber Incidence Response plan which enables you to respond to a breach? If yes,
have you tested it by doing a table top exercise?
Have you ever considered a Cyber Security Advisor (Virtual Chief Information Security Officer-VCISO) to help set
standards and policies?
Do you have a clear understanding of your Supply Chain/Vendor/Third Party Management Strategy &
Contracts; beginning with the IT focused contracts?
Page 52
Top 10 Considerations
Have you considered purchasing cyber security-specific insurance to protect against the
ramifications of any major breaches? Is it focused on the key business risks identified if breached?
Is your information reinforced by a business continuity plan including data backup & data recovery. Is the data stored offline & offsite?
Have you tried restoring it?
Page 53
Top 10 Considerations
How sophisticated are your Cyber Security Educational Training, practices and procedures?
Are you making it personal?
Do you have a patching and shadow IT strategy? Two of the biggest problems that exist in Cyber
Security today. Can Threat Detection Help?
Page 54
Personal Cyber Security Check List
✓Create strong PW – use a minimum of 8 characters(Capitals, numbers, special characters).
✓Use two factor or two step verification where ever able.
✓Keep you systems updated with latest software. ✓Run Anti-Virus, Anti-Malware. ✓Back Up your systems (local, cloud..)✓Have a Firewall
Page 55
Personal Cyber Security Check List
✓Have your computer or mobile set to auto lock out. ✓Never click on something you don’t know. ✓Don’t add people to your profiles that you don’t know. ✓Sensitive browsing should only be done from a
trusted network. ie: banking✓Use Google Images to verify certain images✓Use VirusTotal (Google Service) to validate files
Page 56
Cyber Security ServicesOffensive Security (Red Team)• Penetration Testing• Blended Threat Attack Exercises• Social Engineering• Vulnerability Assessments
Payment Card Industry (PCI) Compliance• Scope Discovery• Gap Analysis and Readiness Review• On Demand Consulting and Remediation• PCI Report on Compliance Validation (ROC)• PCI SAQ Review and Sign Off• External ASV Scanning• Annual Maintenance (Business as Usual)
Forensics• Data Retrieval from hard drives, servers, laptops, cell
phones, etc.• E-Discovery Service for Court Admissibility
Risk Management• Quantitative Threat and Risk Assessment (based on probabilities
and industry statistics• Qualitative Threat and Risk Assessment (based on matrix
approach)• Cloud Security Checklist• Privacy Impact Assessments• MTA (Maturity Threat Analysis)• Information Security Framework Development• Assessment and Review against ISO27k, NIST, CSF or CSC 20• Policy, Process, Procedure and Documentation Development
Defensive Security (Blue Team)• Enterprise Network Security• Network, Wireless and Security Architectural Design• Perimeter and Data Center Security• Data Loss Prevention and Data Encryption• Email / Web Content Filtering and Malware Protection• Secure Access and Authentication• End Point Security and Encryption• Wireless, BYOD and Network Access Control• Security Hardening Standards and Guidelines• Virtualization and Cloud Computing Standards and Guidance• Security Awareness Training
Managed Services• Cyber Security Administration• Perimeter Threat Prevention (firewall, IPS, anti-virus,
web application firewalls, etc.)• 2-Factor Authentication• Log Management