A A A

EisnerAmper Blog

Technology and Life Sciences Blog

A Cyber Security Breach Can Happen to Any Size Company, At Any Time

 Permanent link

December 12, 2014
By Marc Fogarty, CPA, CFE

Fogarty,MarcIt is a misconception that if your company or organization doesn’t store financial information, then you aren’t at risk for a cyber-attack. The recent Sony Pictures data breach clearly shows that this is not the case. The fallout from this scandal will be different than a financial security breach like the ones that happened this year with Target and Home Depot.
 
With a financial security breach, customer data is exposed and can be used for identify theft or credit card fraud. What makes this situation unique is the type of data that was exposed and the reputational and possible legal implications from this exposure.

Here is the crux of what's in the news: It was originally postulated that the Sony cyber-attack occurred due to a disgruntled employee. Later, the attack was attributed to sympathizers with the North Korean government. The group claimed to be protesting the contents of a specific film which showed an assassination attempt on the North Korean dictator, Kim Jong Un. A separate online posting threatened physical attacks on theaters that show the film, which were credible enough to be considered a threat by homeland security and caused Sony to cancel the film's release.

Regardless of who committed the offense, companies of all sizes are at risk from a malicious attack that may have nothing to do with money. The Sony data breach exposed sensitive data such as internal and external communications, employee social security numbers, birth dates, health records and salaries.
 
It is one thing to expose customer's financial information, but quite another to expose sensitive data and the private communications of employees upon whom the company relies. A privacy breach may make employees feel a lack of care and respect for their personal information, and the feeling that their employer betrayed them. Reputational problems aside, there are also legal implications to the data that was exposed. In mid-December, it was announced that two former employees are suing Sony over privacy issues related to the data breach. This could have much more serious consequences since, in the state of California, it is a company’s legal responsibility to secure employee medical information.  If that isn’t bad enough, Sony is also an international company and could face legal ramifications in other regions like Europe, which have their own version of data protection laws.

Internal and external company communications were also exposed that involved business partners, celebrities and others. These leaked emails and correspondence could consequently cause physical, reputation or financial damage to those third parties, who could then have a possible legal claim.

In the end, it is highly probable that Sony Pictures will survive this fiasco and return to business as usual because of their size and financial resources. Their defense is also bolstered by the U.S. government, who wants to pursue the attackers, since the breach accompanied a terrorist threat to theaters and an attack on Sony's ‘freedom of speech’ rights to make the movie.  But it begs the question: What would happen to a small or mid-size company under similar circumstances? Could they survive the fallout from such a serious data breach?

If you think your company’s data isn’t at risk, think again. Every company has internal and external emails and records that contain confidential information and sensitive employee information such as addresses, social security numbers, dates of birth, performance reviews, salaries, resignation letters and more. The Sony data breach is a wakeup call for all companies to re-examine their cyber risk and take appropriate measures to minimize that risk as much as possible.

Holiday Shopping Stats Show Clear Internet Trend

 Permanent link

December 10, 2014

Fogarty,MarcBy Marc Fogarty, CPA, CFE

As the economic statistics for Black Friday and Cyber Monday came in, there was a wide range of opinion on its success depending on which news channel you paid attention to. Despite a prediction of growth in holiday shopping, the National Retail Federation's preliminary retail report quoted an 11% drop in sales; however, they still predict an increase in overall sales for the holiday season.

A major factor that may have affected the holiday economic reports was that many retailers offered discounts days and weeks before the Thanksgiving weekend. Many shoppers may have started shopping earlier, so Thanksgiving and Black Friday specific sales results may have been diluted.

Regardless, there are several favorable economic indicators for this holiday season: 

  • The Consumer Electronics Association reported 45% of shoppers bought electronics which was an increase over the past 3 years. 
  • Target reported that Thanksgiving was the best online shopping day ever.
  • Wal-Mart reported Thanksgiving as its second highest ever. 
  • According to ComScore, there was an increase of over 25% in online sales on both Thanksgiving Day and Black Friday. 
  • IBM reported an online sales increase of a little over 14% on Thanksgiving and an almost 10% on Black Friday when compared to the numbers from last year.

These statistics, as well as commentary from several analysts, seem to support a significant shift toward online shopping, and a decline in in-store traffic.

Without even looking at the Cyber Monday economic stats, it is apparent this year that online shopping is seeing a sharper incline in the percentage of holiday sales business. This reinforces the premise that, more than ever, retailers need a strong Internet sales presence to compete in our ever-increasingly technology-driven world.

A Boom in Technology Public Company Spin Offs – Will Investors Get Dizzy?

 Permanent link
December 8, 2015

Fogarty,MarcBy Marc Fogarty, CPA, CFE

A new trend popping up in public companies is the spinning off of their technology products to become two publicly traded companies. Within a short period of time this fall, eBay announced a spin-off of PayPal, Symantec publicized a planned split of their security and information divisions and Hewlett-Packard announced a spin-off of its personal computer and printer business.

So what’s up with all the breakups, and is breaking up a good thing? With technology changing so rapidly and divisions within a business wishing to pursue their own direction, from my perspective, this seems to be a natural progression.

By spinning off and becoming two distinct companies, leaders of each part of the original company now have the flexibility to better compete within their specific market and each have the ability to show individual profit to further their appeal to investors. From an investor perspective, someone might like the idea of just buying stock in the one part of a company that seems to be doing better than the other, or they may have more confidence in that technology sector as a whole.

For example, PayPal’s IPO was in 2002, and they were acquired by eBay soon after. At the time, the two products worked hand-in-hand, and it may have been a good business move to have both companies under one umbrella. Now, as the technology landscape has continued to quickly evolve, they could be worth more apart than together. PayPal as a separate publicly traded company could possibly compete with Apple’s new ApplePay product. This might give PayPal the ability to raise capital specifically for them which could make them more agile in maneuvering the digital payments market.

Only time will tell if breaking up is a good thing. In the meantime, it will give some publicity to the tech companies and should give investors plenty to consider.

ApplePay vs. Competitor CurrentC – What it Means for Consumers

 Permanent link

November 25, 2014

By Marc Fogarty, CPA, CFE

Fogarty,MarcApplePay made its debut at the end of October and has encountered its first interesting obstacle. Rite Aid and CVS blocked ApplePay from working in their stores. Why? Speculation is that they are in favor of a competing system (CurrentC) that hasn’t yet been released. It is being developed by a merchant consortium known as Merchant Customer Exchange, to which Rite Aid and CVS belong.

The heart of this conflict actually runs much deeper than what it appears on the surface. ApplePay doesn’t track consumer behavior – that is their selling feature to the consumer. The possible future competitor that CVS and Rite Aid support wants to do the opposite. Their selling feature is to the retailer who wants to track consumer behavior so they can better market to their target audience. If retailers choose one payment method over the other for their own purposes, then it wouldn’t matter what the consumer wants. The consumer’s only recourse would be to stop patronizing stores that accept a payment source application that tracks their behavior. (or pay cash?)

What seems like a quick win for retailers could hurt them in the long run if it lowers consumer confidence. For example, if a town increases their rate for parking meters, some customers may decide to shop elsewhere because it’s easier and/or more affordable. Retailers dissatisfied with the decrease in the amount of traffic to their stores may decide to petition a change to get the parking meter rates reduced. This is a clear example of how a proactive reaction in consumer behavior can set change in motion, especially if it is supported by the retailers on a local level.

In the case of ApplePay, the outcome is not quite as clear. Consumers might go to the stores that they are near, or that fit into their schedule, rather than worrying about privacy concerns. Plus, there is the possibility that CurrentC will have the added advantage of loyalty rewards and discounts to shoppers going to the retailers they support. This is clearly the case with current shopper club cards that consumers have used for many years to get store discounts. Even though they know their behavior is being tracked, they are enticed by the discount in exchange.

To Apple’s advantage, they have solved a lot of issues that prior payment systems have had such as ease of use and security.  People speaking against CurrentC say it is more difficult to use than ApplePay and does not require a user to unlock their phone to use it, which could be a security disadvantage.

CurrentC will not be available until 2015. In the meantime, ApplePay has time to gain a little ground.

COSO Update

 Permanent link

November 21, 2014

By Marc Fogarty, CPA, CFE

Fogarty,MarcOn May 14, 2013, COSO issued an updated Internal Control-Integrated Framework (Framework) and related illustrative documents. The update replaced COSO's original Framework, which was published in 1992.  When it was issued, the COSO Board believed that the continued use of the original Framework during the transition period of May 14, 2013 to December 15, 2014 was appropriate. However, for external reporting subsequent to December 15, 2014, the COSO Board believes the old 1992 framework will be considered superseded and therefore no longer available. 
 

Because the 1992 framework will be superseded prior to the calendar year-end for most public clients, auditors and audit committees should ask public registrants whether they have implemented the new 2013 framework and discuss with them any changes that may result from the update.   Although the 1992 framework will be technically superseded by December 14, 2014, the SEC has not officially stated that 2013 COSO is the only acceptable framework for 404(a) purposes for annual filings after that date.  Given this, and related SEC comments on the subject, it is our belief that registrants should defend why there are still using the superseded 1992 COSO methodology for the current year-end (December 31, 2014).  Additionally, for accelerated and large accelerated filers, both the management and the auditors’ reports should indicate the framework utilized.

A Shift in Perception Could Bring Capital Flooding Back to Science Companies

 Permanent link

November 19, 2015

 

By: Marc Fogarty, CPA, CFE


Fogarty,MarcMarket psychology can turn quickly with major headlines, and the Ebola epidemic’s effect on the stock market is no exception. With the Ebola outbreak unfortunately progressing, the stock market is seeing negative fluctuations in areas such as travel; but some life sciences companies are seeing a benefit that is helping to raise capital.

For example, Tekmira Pharmaceuticals, which made headlines with their Ebola drug, saw a share increase of 200% this year. Lakeland Industries, a company that makes Hazmat suits, has seen an increase of almost 300%. Inovio Pharmaceuticals’ shares saw an increase after the company announced collaboration with GeneOne Life Science in the development of a DNA-based Ebola vaccine that, based on pre-clinical studies, might not only work as a preventative but as a treatment for multiple strains of the virus.

But what about science and technology companies that are not developing Ebola drugs? The good news is that venture capitalists are starting to have renewed interest in science companies, including a wide range of technologies. For example, Google announced the intent to buy Lift Labs, a biotechnology start-up that makes a high-tech spoon for people with hand tremors.  John Sorenson, a chief executive at Vestaron, makers of an eco-friendly pesticide, was quoted as saying, “Thankfully, venture funders are starting to invest again in real, hard-core science and innovation.”  In fact, investment in biotechnology start-ups saw a 26% increase in the first half of 2014 and is on a trajectory to exceed the peak experienced in 2008.

While investment in non-concrete products like Twitter, Facebook and Uber may be appealing in a tech-feverish stock market, there is something to be said for true innovation in the tangible goods markets. A quote from Adam Draper, the chief executive and founder of Boost VC, sums it up. “I’m just so interested in anything that gets me closer to an Iron Man suit.... V.C. funding is supposed to be about funding what comes next.”
 

 

The Google Product Pipeline -- An Example of Where to Go After the IPO

 Permanent link

November 5, 2014

By Marc Fogarty, CPA, CFE

Fogarty,MarcContinuing to produce new, innovative products that are in public demand is a great way to retain or attract investors. We recently covered Apple's latest product offerings and the impact on investor confidence. But, as I was using another company's products the other day, it occurred to me they are equally shaping the future. The company I am talking about is Google.

Most people know the search engine giant’s brand name so well that it has become a household verb: when someone needs an answer to a question, they 'Google' it. But the company is more than just a search engine and a company that sells ads. They are also innovators and masters of marketing new technologies.

Since their IPO, which raised $1.2 billion in 2004, Google has continually added products and services (such as Google Nexus cell phones and tablets and Chromecast television service) to diversify the company into the behemoth it is today. Some of their most newsworthy products are Google Glass and the Google Self-Driving Car. It's uncertain whether both of these products will become firmly entrenched in future society, but the company also has a knack for bringing us "products" that many people now take for granted. I'm talking about Google search, Google Maps, Gmail, YouTube and Chrome. These web-based services are all embedded into our everyday lives, and one of the most notable things about them is that they are all free.
 

The past ten years as a public company on the NASDAQ exchange has shown significant stock growth for Google. Despite a dip in stock price during the 2008 recession, Google has shown a steady incline from its opening price of a little over $53 a share in 2004 to its current price of over $591 a share. Google's product development pipeline has continued to stimulate investor confidence and in return that has helped Google continue to create the products many of us rely on every day.

EisnerAmper is an independent member of PKF North America.
PKF North America is an independent member of PKF International.