This document provides an overview of a half-day conference on blockchain and cybersecurity for CFOs and controllers. It includes summaries of presentations on blockchain technology and how it enables distributed ledgers and smart contracts. Cybersecurity topics discussed include notable data breaches, vulnerability assessments, penetration testing, and social engineering. Contact information is provided for the speaker, Jason Cope, and details are given on the sponsor and agenda for the CFO and Controller conference focused on helping financial leaders gain a broader business perspective.

1. 1
WELCOME
CFO/Controller
Half-Day Conference
Premier Sponsor
Guest Speakers

26. Blockchain
&
Cybersecurity
Presented by
Jason R. Cope

28. What Is Blockchain?
A technology that:
• Permits transactions to be gathered into
blocks and recorded
• Cryptographically chains blocks in
chronological order creating a “Trustless
system”
• Allows the resulting ledger to be accessed
by different servers (i.e. a distributed
ledger)

29. What Is A Distributed Ledger?
Centralized Ledger Distributed Ledger
• There are multiple ledgers, but Bank holds the “Master
Copy”
• Each client must reconcile its own ledger against that of
the Bank, and must convince Bank of the “true state” of
the Bank ledger if discrepancies arise
• There is one ledger. All Nodes have some level of access
to that ledger.
• All Nodes agree to a protocol that determines the “true
state” of the ledger at any point in time. The application of
this protocol is sometimes called “achieving consensus”

30. Trustless System?
• Doesn’t mean it’s a system you can’t trust
• No trust is required between participants in
a transaction
• How is this accomplished?
– Data is mined into blocks
– Together these blocks form a chain
– Each block in the chain includes data from the
previous block
– The resulting “blockchain” is a ledger of
transactions that automatically verifies itself

31. How Does It Work?

32. Using Blockchains
Smart contracts
• Flexible mechanism that serves as the
middleman for all manner of agreements and
data exchanges
– Identity management
– Voting
– Digital rights management
– Supply chain management
– Point-of-sale applications
– Healthcare
– Currency exchange
– Ride sharing

33. How Is Blockchain
RelatedTo Bitcoin?
•Blockchain enables the existence of
cryptocurrency
•There are more than 1,600 cryptocurrencies
today
•Bitcoin is the name of the best-know
cryptocurrency
•Facebook is actively working on creating a
cryptocurrency

34. Cryptocurrency
Benefits and Issues
Benefits:
• Offers cheaper and faster peer-to-peer
payment options
• No need to provide personal details
• Gaining acceptance as a payment option
Issues:
• Price volatility
– Less buying and selling of goods and services
– More speculative trading of the currency itself

35. Benefits of Blockchain
• Increased transparency
• Accurate tracking
• Permanent unmodifiable ledger
• Cost reduction

36. Blockchain Unknowns
• Complex technology
• Regulatory implications
• Implementation challenges
• Competing platforms
• Cybersecurity

37. CYBERSECURITY

38. Notable Breaches
• Target (2013)
– 110 million customers credit/debit card
information compromised
– Hackers gained access through a third-party
HVAC vendor to the point-of-sale card readers
– Cost the company $18.5 million, plus additional
compliance requirements

39. Notable Breaches
• Uber (2016)
– 57 million Uber users and 600 thousand drivers
personal information exposed
– Uber failed to disclose the breach for more than
one year
– Paid the hackers a “bug bounty” fee of $100
thousand to destroy the data with no way to
verify the destruction occurred
– Valuation dropped from $68 billion to $48 billion

40. Notable Breaches
• Equifax (2017)
– Personal information (including Social Security
Numbers, birthdates, addresses, drivers’ license
numbers) of 143 million consumers compromised
– Caused by a website application vulnerability; using old
outdated systems
– Setup a dedicated website to take care of consumers
– Provided free credit monitoring for one year for all
consumers affected
– Cost the Company $700 million after reaching a
settlement with the government

41. Notable Breaches
• Capital One (July 30, 2019)
– Personal information of 100 million consumers
compromised (names, addresses, phone numbers,
email addresses, dates of birth, annual income
disclosures)
– Outside individual gained access to the network
by exploiting a misconfigured web application
firewall
– Will provide free credit monitoring for one year
for all consumers affected

42. Local Incidents
• Texas Lawbook survey states four out of five law
firms operating in Texas in 2017 and 2018 were
victimized by a cyber attack.
• 40% of small and mid-sized companies that
experience data breaches are out of business
within six months.
• Smaller businesses that devote fewer resources
to cybersecurity end up with information that is
more accessible to cyber attacks

43. Vulnerability Assessment
• Intended to identify and assign a criticality
rating to potential security weaknesses in an
organization’s technical environment, but not
to exploit the weaknesses
• External
• Internal

44. Vulnerability Assessment
• External
– Checks for vulnerabilities between the external
network and the internet.
• Internal
– In-depth analysis of the organization’s internal
network.
– Estimated that approximately 80% of security
breaches occur from inside the internal network.

45. Vulnerability Assessment
• Deliverables
– Technical vulnerability assessment report
– Recommendations for remediation

46. PenetrationTesting
• Identifies the ease and likelihood with which a
malicious attacker could compromise the
target environment
• Finds weaknesses in the target environment
and attempts to exploit them.

47. Social Engineering Assessment
• Consist of various methods to determine
susceptibility to common people-based attacks
to obtain credentials, convince users to
circumvent security controls, install
unauthorized software, disclose sensitive
information, or enable assess to unauthorized
areas.
• Focus is on humans rather than weaknesses in
the IT infrastructure.

48. Social Engineering Assessment
• Common scams:
– Phishing
– Ransomware
– Media drops
– Tailgating

50. CONTACT US
Jason R. Cope
Goldin Peiser & Peiser, LLP
(214) 635-2508
Jcope@GPPcpa.com

51. 51
Goldin, Peiser & Peiser, LLP
CFO & Controller Conference
Helping Financial Leaders Gain a
Broader Perspective on Their Business
November 6, 2019

52. 52
FRUSTRATIONS
• Control
• Profit
• People
• Hitting the Ceiling
• Nothing’s Working

53. 53

54. 54
▪ 8 Questions

55. 55
8 QUESTIONS
1. Core Values?
2. Core Focus?
3. 10-Year Target?
4. Marketing Strategy?
5. 3-Year Picture?
6. 1-Year Plan?
7. Quarterly Rocks?
8. Issues?

56. 56
V/TO Vision Page

57. 57
V/TO Traction Page

58. 58
▪ 8 Questions
▪ Shared by all

59. 59
▪ Right People

60. 60
THE PEOPLE ANALYZER
Name
The Bar
Sally Jones
John Smith
George Wilson
+ + + + +
– – – – –
+/– +/– +/– +/– +/–
+ + + +/– +/–

61. 61
▪ Right People
▪ Right Seats

62. 62
Integrator
Sales/Marketing Operations Finance
Visionary
THE ACCOUNTABILITY CHART

63. 63
100% Strong
❑ Core Values
❑ Accountability Chart
❑ People Analyzer
▪ Core Values (Right People)
▪ GWC (Right Seat)
❑ Two Issues –
▪ Right Person, Wrong Seat
▪ Right Seat, Wrong Person

64. 64
GWC
Get It
Want It
Capacity to Do It
G
W
C
Function
Name
• ––––––––––––––––––––––––––––––
• ––––––––––––––––––––––––––––––
• ––––––––––––––––––––––––––––––
• ––––––––––––––––––––––––––––––
• ––––––––––––––––––––––––––––––

65. 65
THE PEOPLE ANALYZER
Name
The Bar
Sally Jones
John Smith
George Wilson
+ + + + +
– – – – –
+/– +/– +/– +/– +/–
+ + + +/– +/– Y Y Y

66. 66
▪ Scorecard

67. 67
YOUR SCORECARD

68. 68
SCORECARD MEASURABLES
• Weekly Revenue
• Cash Balance
• Sales Calls
• Sales Meetings
• Proposals
• Closed Business
• Customer Satisfaction
• Accounts Receivable
• Accounts Payable
• Errors
• Utilization/Capacity

69. 69
▪ Scorecard
▪ Measurables

70. 70

71. 71
▪ Issues List
▪ IDS

72. 72
THE ISSUES SOLVING TRACK
Identify
Discuss
Solve
I
D
S

73. 73
▪ Documented

74. 74
CORE PROCESSES
• People
• Marketing
• Sales
• Operations
• Accounting
• Customer Retention

75. 75
▪ Documented
▪ Followed by All

76. 76
▪ Rocks
▪ Meetings

77. 77
THE LEVEL 10 MEETING
Good News 5 Mins
Scorecard 5 Mins
Rock Review 5 Mins
People Headlines 5 Mins
To-Do List 5 Mins
IDS 60 Mins
Conclude 5 Mins

78. 78
● 8 Questions
● Shared By All
● Scorecard
● Measurables
● Documented
● Followed By All
● Rocks
● Meetings
● Issues List
● IDS
● Right People
● Right Seats

79. 79
FOUNDATIONAL TOOLS
• V/TO
• Accountability Chart
• Rocks
• Level 10 Meeting
• Scorecard

80. 80
THANK YOU!
Email me at
david@boyettmanagement.com and I
will send you a free E-Book- “Decide”
Draft Your First Scorecard
Let me know how I can help!

81. Tax & Accounting Update
Panel Discussion
Allan Peiser
Moderator
Angie Walters Kevin Harris Richard Stepler