THE UNSEEN ENEMY

PROTECTING THE BRAND, THE ASSETS AND THE CUSTOMERS

Technology – Connecting the world…
• 9 billion connected devices, predicted to rise to 24 billion by 2020
• If Facebook were a country, it would be the 3rd largest in the world
• Facebook kicks off over 1000 users per day because they are too young
• In 2011, more video was uploaded to YouTube in a two-month period than if ABC, CBS, and NBC had been airing new content 24/7/365 since 1948

Page 2
In the News

Page 3
Recent Studies
• 2013 Trustwave Global Security Report
  • Retail industry made up 45% of data breach investigations studied (15% increase from 2011)
  • E-commerce sites were the #1 targeted asset, accounting for 48% of all investigations
• Symantec
  • Cumulative bill for cyber crimes in 24 countries totaled $388 billion last year
  • 431 million adults experienced some form of cyber crime last year, equating to nearly 1.2 million people per day or 14 per second

Page 4
Why Should Retailers Be Concerned?
• Retail industry is now the top target for cybercriminals
• Annual U.S. retail e-commerce spending has surged 143% since 2004 to $161.52 billion last year. In fact, a report from IRMG indicates that internet/mobile shopping increased 15% in 2013.
• Early estimates indicate that 20% of the upcoming holiday sales will be online
• E-commerce attacks are emerging as a growing trend, surpassing the amount of point-of-sale attacks
• Financial cost of a cyber attack is higher for businesses that sell products on the front-end, such as retailers
• The SEC is pushing to require that companies disclose data breaches in their financial statements

Page 5
What Must Retailers Protect?
• Credit card information
• Private employee data
• Intellectual property
• Customer information
• Reputation and good will
• Confidential business information

Page 6

How Breaches Occur
• Criminal act by outsider
• Vendor error
• Human error
• Technology failure
• Employee misconduct

Page 7
Case Studies

Resource: Retail Fail: Walmart, Target Fared Worst In Def Con Social Engineering Contest

Page 8
What are the options for handling the risk?
• Retain: keep the risk within the organization
• Allocate: involve counsel to shift risk to suppliers and business partners
• Transfer: transfer the risk to another entity

Page 9
Types of Insurable Risks
• Third party
• First party

Page 10

Costs
• Types
  • Hard
  • Soft
  • Time
• Retail companies see much more significant costs around cyber attacks
• According to Neustar’s May 2012 report:
  • 65% of businesses said a site outage would cost them up to $10,000 an hour
  • 21% said it would cost $50,000/hour
  • 13% would lose $100,000/hour

Page 11
What Do You Know About Your Data?
• Location
  • Cloud
  • Physical environment
  • Is your data co-located?
• Service Level Agreements
  • Breach notification
• Law enforcement considerations need to be addressed:
  • Requests to maintain secrecy or limit knowledge
  • Maintaining control of the investigation
• Communications with insurers presumably are not privileged

Page 12
Actions Following a Breach
Functional Steps: Deploy, Preserve, Identify, Notify

DEPLOY AN INCIDENT RESPONSE TEAM
• IT Director
• CIO
• Human Resources
• Legal
• Internal or external security experts

PRESERVE SYSTEM LOGS
• Date, time, duration, and location of breach

Page 13

Actions Following a Breach (Continued)
Functional Steps: Deploy, Preserve, Identify, Notify

IDENTIFY THE FOLLOWING
• How was the breach discovered?
• By whom?
• Any additional details:
  • Entry and exit points
  • Compromised systems
  • Data deleted vs. modified vs. viewed
• Identify and understand details of the affected data

NOTIFY
• Public relations
• Insurance carrier

Page 14
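One way to carry out the Preserve and Identify steps from the two slides above, written here as an added example (not BDO's material): it copies the logs into an evidence directory, records a SHA-256 for each file and for the manifest itself so later edits are detectable, and stores the checklist fields the slides name (date, time, duration, location, how and by whom the breach was discovered, entry/exit points, compromised systems, data deleted vs. modified vs. viewed). The field names, manifest layout and sample log lines are this example's own assumptions.

```python
"""Evidence-preservation helper for the Preserve and Identify steps.
Assumed by this example (not from the slides): field names, JSON manifest
layout and the evidence directory layout are its own choices."""
import hashlib
import json
import os
import shutil
import tempfile
from datetime import datetime, timezone

# Details the slides ask the incident response team to capture.
REQUIRED_INCIDENT_FIELDS = ("date", "time", "duration", "location",
                            "discovered_how", "discovered_by")
DATA_IMPACT_KINDS = ("deleted", "modified", "viewed")


def sha256_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def validate_incident(incident: dict) -> list:
    """Return the problems with an incident record (empty list = complete)."""
    problems = [f"missing field: {f}" for f in REQUIRED_INCIDENT_FIELDS if not incident.get(f)]
    for item in incident.get("data_impact", []):
        if item.get("kind") not in DATA_IMPACT_KINDS:
            problems.append(f"data_impact kind must be one of {DATA_IMPACT_KINDS}: {item}")
    return problems


def build_manifest(logs: dict, incident: dict) -> dict:
    """logs maps a log name to its raw bytes. The manifest records a SHA-256 per
    file plus a SHA-256 over its own body, so edits to either are detectable."""
    problems = validate_incident(incident)
    if problems:
        raise ValueError("; ".join(problems))
    body = {
        "preserved_at": datetime.now(timezone.utc).isoformat(),
        "incident": incident,
        "files": {name: {"sha256": sha256_bytes(data), "size": len(data)}
                  for name, data in sorted(logs.items())},
    }
    return {"body": body, "body_sha256": sha256_bytes(json.dumps(body, sort_keys=True).encode())}


def verify_manifest(manifest: dict, logs: dict) -> list:
    """Return discrepancies between the manifest and the logs now on hand."""
    issues = []
    if sha256_bytes(json.dumps(manifest["body"], sort_keys=True).encode()) != manifest["body_sha256"]:
        issues.append("manifest body altered")
    recorded = manifest["body"]["files"]
    for name, entry in recorded.items():
        if name not in logs:
            issues.append(f"missing: {name}")
        elif sha256_bytes(logs[name]) != entry["sha256"]:
            issues.append(f"hash mismatch: {name}")
    issues += [f"unrecorded file: {name}" for name in logs if name not in recorded]
    return issues


def preserve_logs(paths: list, evidence_dir: str, incident: dict) -> dict:
    """Copy each log into evidence_dir (timestamps kept), hash it, write manifest.json."""
    os.makedirs(evidence_dir, exist_ok=True)
    logs = {}
    for path in paths:
        name = os.path.basename(path)
        with open(path, "rb") as fh:
            logs[name] = fh.read()
        shutil.copy2(path, os.path.join(evidence_dir, name))
    manifest = build_manifest(logs, incident)
    with open(os.path.join(evidence_dir, "manifest.json"), "w") as fh:
        json.dump(manifest, fh, indent=2, sort_keys=True)
    return manifest


def demo() -> dict:
    """End-to-end run on constructed sample logs in a temporary directory."""
    work = tempfile.mkdtemp()
    src = os.path.join(work, "src")
    os.makedirs(src)
    samples = {  # constructed sample lines, not real traffic
        "web_access.log": b'203.0.113.7 - - [01/Nov/2013:02:14:07 +0000] "POST /checkout HTTP/1.1" 200 512\n',
        "db_audit.log": b"2013-11-01T02:15:30Z user=app_svc action=SELECT table=customers rows=48213\n",
    }
    for name, data in samples.items():
        with open(os.path.join(src, name), "wb") as fh:
            fh.write(data)
    incident = {  # the slides' checklist items, with constructed values
        "date": "2013-11-01", "time": "02:14Z", "duration": "3h",
        "location": "co-located e-commerce tier",
        "discovered_how": "database audit alert", "discovered_by": "IT Director",
        "entry_points": ["checkout form"], "exit_points": ["outbound HTTPS"],
        "compromised_systems": ["web-01", "db-01"],
        "data_impact": [{"kind": "viewed", "what": "customer table"}],
    }
    manifest = preserve_logs([os.path.join(src, n) for n in samples],
                             os.path.join(work, "evidence"), incident)
    clean = verify_manifest(manifest, samples)
    # Simulate a later, unrecorded edit of one preserved copy.
    tampered = dict(samples, **{"db_audit.log": samples["db_audit.log"] + b"rows=1\n"})
    shutil.rmtree(work)
    return {"files": len(manifest["body"]["files"]), "clean": clean,
            "tampered": verify_manifest(manifest, tampered)}
```

Running `demo()` returns an empty discrepancy list for the untouched copies and a single hash mismatch for the edited one.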
Insurance Recovery Considerations in the Face of a Security Breach, Data Loss or Claim
• Timely notice of claim (claims made and reported?)
• Involvement of counsel (internal & external) to review how coverage may respond. Consent to incur prudent or necessary expenses may be required:
  • Costs of the crisis stage or legal compliance, such as breach notification, credit monitoring, call center and forensics, are the vast majority of the expense on per-record figures ($194/record)
  • Defense expenses (private claims, regulatory claims)
• Communications with insurers presumably are not privileged
• “Labeling” of first party costs/categorization

Page 15
Who Provides Services Around Cyber Risk?
• Preventative/proactive assessment
• Technology/data analytics
• Legal
• Data hosting/monitoring
• Forensic accounting
• Public relations

Page 16

CONTACT
Michael Barba, CISSP, CPP, DFCP, CNE, EnCE
Managing Director, BDO USA, LLP
mbarba@bdo.com
212-885-8120
Jeff Hall
Senior Manager, BDO USA, LLP
jhall@bdo.com
212-885-7339

Page 17
BDO is the brand name for BDO USA, LLP, a U.S. professional
services firm providing assurance, tax, financial advisory and
consulting services to a wide range of publicly traded and
privately held companies. For more than 100 years, BDO has
provided quality service through the active involvement of
experienced and committed professionals. The firm serves clients
through more than 40 offices and more than 400 independent
alliance firm locations nationwide. As an independent Member
Firm of BDO International Limited, BDO serves multinational
clients through a global network of 1,204 offices in 138
countries.
BDO USA, LLP, a Delaware limited liability partnership, is the U.S.
member of BDO International Limited, a UK company limited by
guarantee, and forms part of the international BDO network of
independent member firms. BDO is the brand name for the BDO
network and for each of the BDO Member Firms.
www.bdo.com
To ensure compliance with Treasury Department regulations, we wish to inform you that any tax advice that may be contained in this communication
(including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding tax-related penalties under the
Internal Revenue Code or applicable state or local tax or (ii) promoting, marketing or recommending to another party any tax-related matters addressed
herein.
Material discussed in this publication is meant to provide general information and should not be acted on without professional advice tailored to your
individual needs.
© 2013 BDO USA, LLP. All rights reserved. www.bdo.com

Page 18

The Parable of the Pipeline a book every new businessman or business student ...The Parable of the Pipeline a book every new businessman or business student ...
The Parable of the Pipeline a book every new businessman or business student ...
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
 
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdfSearch Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
 
Global Interconnection Group Joint Venture[960] (1).pdf
Global Interconnection Group Joint Venture[960] (1).pdfGlobal Interconnection Group Joint Venture[960] (1).pdf
Global Interconnection Group Joint Venture[960] (1).pdf
 

The Unseen Enemy - Protecting the Brand, the Assets and the Customers

  • 8. Case Studies Resource: Retail Fail: Walmart, Target Fared Worst In Def Con Social Engineering Contest Page 8
  • 9. What are the options for handling the risk? Retain: Keep the risk within the organization. Allocate: Involve counsel to shift risk to suppliers and business partners. Transfer: Transfer the risk to another entity. Page 9
  • 10. Types of Insurable Risks: First Party; Third Party Page 10
  • 11. Costs ▪ Types • Hard • Soft • Time ▪ Retail companies see much more significant costs around cyber attacks ▪ According to Neustar’s May 2012 report: • 65% of businesses said a site outage would cost them up to $10,000 an hour • 21% said it would cost $50,000/hour • 13% would lose $100,000/hour Page 11
  • 12. What Do You Know About Your Data? ▪ Location • Cloud • Physical environment • Is your data co-located? ▪ Service Level Agreements • Breach notification ▪ Law enforcement considerations need to be addressed: • Requests to maintain secrecy or limit knowledge • Maintaining control of the investigation ▪ Communications with insurers presumably are not privileged Page 12
  • 13. Actions Following a Breach. Functional Steps: Deploy, Preserve, Identify, Notify. DEPLOY AN INCIDENT RESPONSE TEAM ▪ IT Director ▪ CIO ▪ Human Resources ▪ Legal ▪ Internal or external security experts. PRESERVE SYSTEM LOGS ▪ Date, time, duration, and location of breach Page 13
  • 14. Actions Following a Breach (Continued). Functional Steps: Deploy, Preserve, Identify, Notify. IDENTIFY THE FOLLOWING ▪ How was the breach discovered? ▪ By whom? ▪ Any additional details: • Entry and exit points • Compromised systems • Data deleted vs. modified vs. viewed ▪ Identify and understand details of the affected data. NOTIFY ▪ Public relations ▪ Insurance carrier Page 14
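Slides 13 and 14 give the Preserve and Identify steps as a checklist. As an added example (not code from the deck or from BDO), the Python below sketches how an incident response team could preserve a system log so it holds up later: copy it into an evidence directory, seal it with a SHA-256 digest plus a chain-of-custody manifest recording who collected it and when, and derive the date, time, duration and affected host from the log's own timestamps. The syslog-like line format, the host name `web01` and the IP addresses are constructed for the example, and SHA-256 sealing is a method chosen here, not one the slides specify.

```python
"""Preserve and catalogue a system log after a breach (added example, not the
deck's code). Implements the 'Preserve system logs' and 'Identify' steps:
copy, seal with SHA-256, record chain of custody, and bound the incident
window (first/last event, duration, hosts) from the log itself."""
import hashlib
import json
import re
import shutil
from datetime import datetime, timezone
from pathlib import Path
from tempfile import mkdtemp

# Constructed sample log with ISO-8601 UTC timestamps; not real data.
SAMPLE_LOG = """\
2013-11-02T03:14:07Z web01 sshd[2231]: Accepted publickey for deploy from 10.0.0.12
2013-11-02T03:15:40Z web01 app[4410]: query /export?table=customers rows=52000
2013-11-02T03:52:19Z web01 sshd[2231]: Disconnected from 10.0.0.12
"""

# Constructed format: "<timestamp>Z <host> <rest>"
TS_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})Z\s+(\S+)\s")


def sha256_file(path: Path) -> str:
    """Stream the file through SHA-256 so large logs need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def incident_window(log_text: str) -> dict:
    """Return first/last timestamp, duration in seconds and hosts seen."""
    stamps, hosts = [], set()
    for line in log_text.splitlines():
        match = TS_RE.match(line)
        if not match:
            continue  # unparseable line stays in the evidence, just not in the window
        stamps.append(datetime.strptime(match.group(1), "%Y-%m-%dT%H:%M:%S")
                      .replace(tzinfo=timezone.utc))
        hosts.add(match.group(2))
    if not stamps:
        return {"first": None, "last": None, "duration_s": 0, "hosts": []}
    first, last = min(stamps), max(stamps)
    return {"first": first.isoformat(), "last": last.isoformat(),
            "duration_s": int((last - first).total_seconds()),
            "hosts": sorted(hosts)}


def preserve_log(src: Path, evidence_dir: Path, collector: str) -> dict:
    """Copy src into evidence_dir, seal the copy, and write a custody manifest."""
    evidence_dir.mkdir(parents=True, exist_ok=True)
    dst = evidence_dir / src.name
    shutil.copy2(src, dst)  # copy2 preserves the original modification time
    manifest = {
        "source": str(src),
        "evidence_copy": str(dst),
        "sha256": sha256_file(dst),
        "size_bytes": dst.stat().st_size,
        "collected_at": datetime.now(timezone.utc).isoformat(),
        "collected_by": collector,
        "window": incident_window(dst.read_text()),
    }
    (evidence_dir / (src.name + ".manifest.json")).write_text(json.dumps(manifest, indent=2))
    return manifest


def verify_evidence(manifest: dict) -> bool:
    """Re-hash the preserved copy; False means it changed after sealing."""
    return sha256_file(Path(manifest["evidence_copy"])) == manifest["sha256"]


def demo() -> dict:
    """Preserve the constructed log in a temp dir, then show the seal catching an edit."""
    work = Path(mkdtemp())
    src = work / "auth.log"
    src.write_text(SAMPLE_LOG)
    manifest = preserve_log(src, work / "evidence", collector="IR team (constructed)")
    intact_before = verify_evidence(manifest)
    # Simulate someone altering the preserved copy after collection.
    Path(manifest["evidence_copy"]).write_text(SAMPLE_LOG.replace("rows=52000", "rows=5"))
    return {"manifest": manifest, "intact_before": intact_before,
            "intact_after_edit": verify_evidence(manifest)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The manifest answers the slide's "date, time, duration, and location" items directly (first and last event, duration in seconds, host names), and the digest check is what lets counsel or an insurer trust that the log handed over is the one that was collected.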
  • 15. Insurance Recovery Considerations in the Face of a Security Breach or Data Loss or Claim ▪ Timely notice of claim (claims made and reported?) ▪ Involvement of counsel (internal & external) to review how coverage may respond. Consent to incur prudent or necessary expenses may be required: • Crisis-stage and legal-compliance costs such as breach notification, credit monitoring, call center and forensics make up the vast majority of the expense on a per-record basis ($194/record) • Defense expenses (private claims, regulatory claims) ▪ Communications with insurers presumably are not privileged ▪ “Labeling” of first party costs/categorization Page 15
  • 16. Who Provides Services Around Cyber Risk? Preventative/Proactive Assessment; Technology/Data Analytics; Legal; Data Hosting/Monitoring; Forensic Accounting; Public Relations Page 16
  • 17. CONTACT Michael Barba, CISSP, CPP, DFCP, CNE, EnCE Managing Director, BDO USA, LLP mbarba@bdo.com 212-885-8120 Jeff Hall Senior Manager, BDO USA, LLP jhall@bdo.com 212-885-7339 Page 17
  • 18. BDO is the brand name for BDO USA, LLP, a U.S. professional services firm providing assurance, tax, financial advisory and consulting services to a wide range of publicly traded and privately held companies. For more than 100 years, BDO has provided quality service through the active involvement of experienced and committed professionals. The firm serves clients through more than 40 offices and more than 400 independent alliance firm locations nationwide. As an independent Member Firm of BDO International Limited, BDO serves multinational clients through a global network of 1,204 offices in 138 countries. BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. www.bdo.com To ensure compliance with Treasury Department regulations, we wish to inform you that any tax advice that may be contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding tax-related penalties under the Internal Revenue Code or applicable state or local tax or (ii) promoting, marketing or recommending to another party any tax-related matters addressed herein. Material discussed in this publication is meant to provide general information and should not be acted on without professional advice tailored to your individual needs. © 2013 BDO USA, LLP. All rights reserved. www.bdo.com Page 18