3 aspects where the 'virtual world' interacts now and in the future with us in a very real way.
. Thought Works Introduction to Blockchain
. Cyber Security
. Cloud Accounting
3. pkf-francisclark.co.uk
.
Presentations followed by discussion
Presenter Topic
Jim Barritt
Thought Works, Principal Consultant
Introduction to Blockchain
Richard Wilding
PKF Francis Clark, Head of Cyber
Services
Cyber Security
Lucy Mace
PKF Francis Clark, Cloud Accounting
Specialist
Cloud Accounting
7. THE WORLD HAS GONE BLOCKCHAIN CRAZY!
As the first person to have launched a “code
sprint” out of the White House and fight to use
words like “hacking” on the White House blog,
I can tell you that getting words like
“blockchain” into an announcement was
challenging.
https://techcrunch.com/2016/07/07/hillary-clinton-and-the-blockchain/
https://www.hillaryclinton.com/briefing/factsheets/2016/06/27/hillary-
clintons-initiative-on-technology-innovation/
http://a.abcnews.com/images/Politics/AP_hillary_clinton_jt_151030_12x5_1600.jpg
8. THE WORLD HAS GONE BLOCKCHAIN CRAZY!
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/492972/gs-16-1-distributed-ledger-technology.pdf
22. DISTRIBUTED LEDGER TECHNOLOGY
Break down the elements of bitcoin
Apply them to business scenarios
Allows shared agreement between parties
Automation of contracts
May not be public
Can provide ability to redact data (right to be
forgotten)
22
23. THINGS YOU MIGHT WANT TO KNOW
Cryptography – Secure payments, the Web,
hashes
Distributed Ledger Technology (DLT)
Merkle Trees
Consensus and Proof of work
Smart Contracts vs Legal Contracts
Privacy and Identity (Zero Knowledge Proofs)
23
25. WHY SHOULD I CARE?
LOOKING FOR ANYWHERE WHERE THERE
IS COORDINATION BETWEEN PARTIES
AS PLATFORMS MATURE MORE AND MORE
ORGANISATIONS WILL EXPLORE
POTENTIAL TO BECOME A NEW
FOUNDATIONAL INFRASTRUCTURE, LIKE
THE WEB
25
26. WHY SHOULD I CARE?
LIKELY WILL BE COMMODITISED SO THAT IT
WILL BE TRANSPARENT
GDPR
26
27. WHY SHOULD I CARE?
INVESTMENTS
SETTLEMENTS
EFFICIENT TRADING
AUTOMATED AGREEMENTS
SYSTEMS OF RECORD
DISRUPTION OF FIAT CURRENCIES?
27
35. Why is Cyber Security so important?
Primarily to reduce the risk of cyber crime against you, your family and
your workplace
The Internet has become the primary means of communication
Cyberspace is an indispensable component of our work and social
environment
Information and Communication Technology is an integral part of our
lives from the moment we wake up until we go to bed
It makes us more efficient, more connected, and more VULNERABLE!
We have multiple devices with constant internet connectivity. Physical
presence is no longer a requirement for crime
36. • present at the crime scene
• one offence at a time
• high risk/low reward
• local enquiries
• victim reports to Police
Traditional
crime
• not present at the scene
• multiple offences at the same times
• low risk/high rewards
• international enquiries
• victim reputation
Cyber
crime
Old dogs – New tricks
37. SMEs suffer around
7 million cybercrimes
a year
37% of SMEs believe
they are too small to
be of interest to cyber
attackers
You’re
20 times more likely to
be the victim of
cybercrime than you
are to be mugged
60% of SME
employees use the
exact same password
for everything they
access
95% of security
breaches involve
human error
Only 41% of SMEs
have a secure WiFi
router
Cyber crime and SME’s - some shocking stats!
38. Threats & Vulnerabilites - Social Engineering
Social engineering is the act of manipulating
people into performing actions or divulging
confidential information by way of social
interaction
via voice
e-mail
social media
39. Threats & Vulnerabilites - Phishing
• asks via e-mail or websites for sensitive information such as
social security number (SSN), credit card numbers, login IDs
and/or passwords; or
• tries to lure you into clicking a malicious link, downloading a
malicious file, or performing any other malicious activity
Phishing is
when an entity
• Several recent phishing attacks have been directed
specifically at senior executives and other high net worth
individuals
Phishing for
Executives:
Whaling
• Urgent requests for payments made using seemingly
legitimate emails and/or telephone calls
“Friday
afternoon”
attacks
40. Threats & Vulnerabilites - Phishing Defense
If you don’t know the sender and they are asking you to perform an action, e.g. click on a
link, download a file, supply sensitive information…
I G N O R E I T, D E L E T E I T, I N F O R M I T
– Hover over links
– Lookout for requests asking you for an immediate action
– Pay attention to the senders grammar and spelling
– Pay attention to the senders domain name e.g. pkf.com vs pfk.com
– Lookout for messages focused on fear and greed; “account locked”; “free money”
– Be wary of delivery emails “your package has arrived” – don’t use work email for
packages and personal online orders
41. • either call your IT team
• or go to the website directly and login to your account.
• or contact the sender by a different means
If the message is
specific to an
account you have
• do not open e-mail attachments unless you are expecting
the e-mail with the attachment and you trust the sender
• Microsoft Office or Adobe documents can be malicious
• If in doubt, always contact your IT team
Beware of all
attachments
Threats & Vulnerabilites - Phishing Defense
42. Avoid questionable Web
sites
Avoid clicking ads
directly in the web
pages. If a product
interests you, search for
it and go directly to the
vendors website
Avoid clicking links in e-
mails you do not trust
Type in a trusted URL in
the address bar for a
company's site to bypass
links in an e-mail or
instant message
Use antivirus and
antispyware protection
Use a local firewall
Threats & Vulnerabilites - Web Browsing Defense
43. Cyber Extortion is on the
rise (e.g. Wannacry,
Petya)
It’s a big industry
Companies and
individuals are being held
ransom
Holding data hostage.
Data may be encrypted
and made unusable,
placing the company in
limbo
Releasing protected or
personal data. Threats
may be placed to expose
pay details or health
information
There is a ransomware
variant that can place
child pornography on
your system and threaten
to alert the authorities
Threats & Vulnerabilites - Ransomware
45. • Be careful what websites you visit
• Be careful what e-mails you open, links you click, and
attachments you download
• Do not use USB sticks unless you know they are safe
• Ensure Antivirus is active and up to date
• Ensure operating system and third party patches are
up to date and installed on a consistent basis
• Perform frequent backups (If infected you can either
revert to the backup or you may be forced to pay)
The best
defense
against
Ransomware
is to:
Threats & Vulnerabilites - Ransomware Defence
46. • Intercept text messages and forward (specifically as more
providers rely on sending text messages with one time
codes to log in).
• Record phone calls, turn on microphone to record
conversations
• Track GPS location remotely
• Send text messages to premium services increasing fees
• Requests to dial a premium rate number
• Destroy the phone or components
• Data Leak through Bluetooth
What have
attacks
accomplished
so far?
Threats & Vulnerabilites - Mobile Devices Examples
47. Have a password. Don’t rely on the
4 digit pin!
If you connect
to FC for your
email then a
pin/password
will be enforced
– as will the
option for
remote data
wipe
Password
should be a
minimum of 5
characters,
consisting of a
letter, number
and special
character
(!@#$%)
The phone
should lock
after no more
than 15
minutes of
inactivity
Enable iCloud
services (or
alternative) to
remotely lock
and find your
device
Keep your
phones up to
date with
vendor
released
patches.
Specific to
Androids
Do not
download apps
from any
source other
than Google
Play
Privacy
Considerations
- Your phones
can store and
track a lot of
information
about your
movements
and practices
Privacy settings
should always
be reviewed
and enabled as
relevant
Threats & Vulnerabilites - Mobile Devices Defence
48. Top three causes of cyber-attacks
• Easy passwords
• Lack of training
• Accidents
The human factor Out of date systems
• No regular updates
• Patch installation or
mission-critical applications
Gaps in defences
• No authentication
on new devices
• Unsecure WiFi
• Loss of passwords
49. What we are seeing
• insider threat
• social engineering - leading to
scams
• phishing attacks
• CEO spoofing
• ransomware
• viruses
• fraud
• computer service fraud
• grooming
• identity theft
• revenge porn/sextortion
• DDOS attacks
• dating/romance fraud
• bullying
• pension fraud
• hacking
• online extremism/hate
crime
• stalking
51. Common Accounting Software
We have a significant number of clients and
there are many businesses that use one of
the following desktop packages for their
bookkeeping:
• Sage L50
• QuickBooks
• Excel
• Other bespoke software
pkf-francisclark.co.uk
52. pkf-francisclark.co.uk
.
The Future Is Cloud
The advantages of a cloud based system as
opposed to a desktop based system:
• Machine learning – it remembers and makes
suggestions of where transactions should be posted
• No upgrade needed/ support included
• Mitigates risk of hardware failure
• Reduces cost of IT infrastructure
• Access from anywhere at anytime
53. pkf-francisclark.co.uk
.
Efficient Bookkeeping!
Desktop based systems are generally less
efficient these days, these cloud features can
save you time which you can use to focus on your
business:
• Bank feeds – bank rules – machine learning
• Invoice scanning software
• Mobile app
• Dashboards
• Open API – you can connect other apps
54. pkf-francisclark.co.uk
.
There are many cloud based software products in the
market, here are a few that PKF Francis Clark are
Platinum Partners with:
• Xero – Up to £27.50pm + VAT RRP
• QuickBooks Online – Up to £25pm + VAT RRP
• Sage One – Up to £20pm + VAT RRP
• FreeAgent – Up to £29pm + VAT RRP (Free with a
NatWest business account)
• They are not suitable for all businesses so your
requirements should always be scoped out before moving
software package
Cloud Software
55. pkf-francisclark.co.uk
Another reason to bite the bullet and go cloud based:
From April 2019 VAT registered businesses will have to
file their VAT through their software (14 Months away!)
HMRC’s vision is that paper tax returns will be abolished
and digital records will enable taxpayers to update HMRC
frequently on their income position, thus have a ‘real-
time’ idea of their tax liabilities presented to them in their
digital tax account.
The intention is that a taxpayer should not have to tell
HMRC something that HMRC should already know.
Making Tax Digital
56. pkf-francisclark.co.uk
.
If you want to go cloud based you can:
• Move to QuickBooks Online and migrate your current
data into the cloud
• Move to another cloud software i.e. Xero and use
MoveMyBooks to bring your data across.
• Start afresh on new cloud software with just opening
balances, customers, suppliers brought in
If You Currently Use QuickBooks…
57. pkf-francisclark.co.uk
If you want to go cloud based you can:
• Move to Sage One which is their cloud based software, it
is much more basic than Sage L50 but a lot of clients
don’t use Sage L50 to its potential anyway
• Move to another cloud software using MoveMyBooks to
migrate data
If you want to stick with Sage L50 you would be better off
upgrading to Sage 50c which is the same program but it
connects to the cloud using Microsoft 365
NB. If you file VAT through Sage and are on an older
version, you will need to upgrade before 14 February 2018!
If You Currently Use Sage L50…
63. Tomorrow’s World for Accounting here now
Breakfast Briefings: Winter 2017/18 Wrap up: Duncan Leslie, Francis Clark
6th February 2018
64. Next…
Q&A and/ or discussion
• With opportunity for Q&A for presenters
• Discussion
Future presentations
• “EU Funding – Use it or Lose it!” (07/03/2018) –
invite in pack
• “GDPR – are you ready?” (03/04/2018)
• Finance in Cornwall (18/04/18)
• Start Up Cornwall (18/04/18)
pkf-francisclark.co.uk
65. (c) copyright PKF Francis Clark, 2016
You shall not copy, make available, retransmit, reproduce, sell, disseminate, separate, licence, distribute, store electronically, publish, broadcast or otherwise
circulate either within your business or for public or commercial purposes any of (or any part of) these materials and / or any services provided by PKF Francis
Clark in any format whatsoever unless you have obtained prior written consent from PKF Francis Clark to do so and entered into a licence.
To the maximum extent permitted by applicable law PKF Francis Clark excludes all representations, warranties and conditions (including, without limitation,
the conditions implied by law) in respect of these materials and /or any services provided by PKF Francis Clark.
These materials and /or any services provided by PKF Francis Clark are designed solely for the benefit of delegates of PKF Francis Clark.
The content of these materials and / or any services provided by PKF Francis Clark does not constitute advice and whilst PKF Francis Clark endeavours to
ensure that the materials and / or any services provided by PKF Francis Clark are correct, we do not warrant the completeness or accuracy of the materials
and /or any services provided by PKF Francis Clark; nor do we commit to ensuring that these materials and / or any services provided by PKF Francis Clark
are up-to-date or error or omission-free.
Where indicated, these materials are subject to Crown copyright protection. Re-use of any such Crown copyright-protected material is subject to current law
and related regulations on the re-use of Crown copyright extracts in England and Wales.
These materials and / or any services provided by PKF Francis Clark are subject to our terms and conditions of business as amended from time to time, a
copy of which is available on request.
Our liability is limited and to the maximum extent permitted under applicable law PKF Francis Clark will not be liable for any direct, indirect or consequential
loss or damage arising in connection with these materials and / or any services provided by PKF Francis Clark, whether arising in tort, contract, or otherwise,
including, without limitation, any loss of profit, contracts, business, goodwill, data, income or revenue. Please note however, that our liability for fraud, for
death or personal injury caused by our negligence, or for any other liability is not excluded or limited.
PKF Francis Clark is a trading name of Francis Clark LLP. Francis Clark LLP is a limited liability partnership, registered in England and Wales with registered
number OC349116. The registered office is Sigma House, Oak View Close, Edginswell Park, Torquay TQ2 7FF where a list of members is available for
inspection and at www.pkf-francisclark.co.uk. The term ‘Partner’ is used to refer to a member of Francis Clark LLP or to an employee. Registered to carry on
audit work in the UK and Ireland, regulated for a range of investment business activities and licensed to carry out reserved legal activity of non-contentious
probate in England and Wales by the Institute of Chartered Accountants in England and Wales. Partners acting as insolvency practitioners are licensed in the
UK by the Institute of Chartered Accountants in England and Wales. A partner appointed as Administrator or Administrative Receiver acts only as agent of the
insolvent entity and without personal liability. Francis Clark LLP is a member firm of the PKF International Limited network of legally independent firms and
does not accept responsibility or liability for the actions or inactions on the part of any other individual member firm or firms.
Disclaimer & copyright
pkf-francisclark.co.uk
Notes de l'éditeur
Ask the audience
Concentrate on the ubiquity and physical presence aspects
Emphasis on the sadness of the Human Nature Image
Friday afternoon Urban myth: The grateful MD to the FD
“Have a nice day”
Don’t hold to the idealised version of the young schoolboy in his bedroom playing pranks on the rest of the world - these people are organised criminals
Up and running from scratch in 60 minutes
We had a small infection – luckily we spotted it quickly and backup saved us.
That’s what we mean about, as well as our biggest threat, “you” are also our best defence – if you spot something acting odd – let IT know!