News from Your Accounting Association
CPAmerica Advantage How to grow a niche: An interview with Lauren Joyce,
March 2017
partner at HPG and head of their Equity Solutions Team
This month we focus on the topic of business develop ment; developing a niche can be an organic way to generate new or additional revenue for your firm. CPAmerica member firms know this – we spoke to Lauren Joyce, partner with
in Raleigh, N.C., who manages HPG’s Equity Solutions Team about the process of building her niche. We asked Joyce about the Equity Solutions Team and how it came about. Her background is as an auditor and she said that she is still in transition when it comes to the team. “I still have my own audit clients and I am also the director of audit services here [at HPG]. It’s been more of just an expansion [of what I already do]. I’ve always sort of liked trying new things; I tend to get involved quickly and want to figure things out and this was an opportunity that really inspired me.” HPG is mainly centered around technology, biopharmaceuticals, and start-ups. Joyce said, “Back in 2006, when FAS 123R came out, stock options were a huge incentive for these companies and it became a real issue for our clients. They are difficult to track, the guidance is not always clear, and many people are using Excel to come up with the cal-
culations and disclosures. It was just cumbersome and prone to errors, so, over the years, we tried to come up with other solutions. We started looking at online databases that help with administration and we found a number of them, vetted them and figured out that we could actually partner with some of these groups to provide software [solutions] to our clients, and by bundling it under HPG and parceling it out to our clients, we could provide this set [very cost-efficiently for our clients].” She added, “To do the work and the administration, it tends to be a year-round process and I really needed a team that had the ability to [quickly respond to our clients]. Out of that we developed a team that has been trained on the software, standards, and awards so that they can help our clients.”
BOD visits Gainesville P. 2 Member News P. 3 From Member Services P. 4
CPAmerica's association services spotlight:
CPAmerica's RISE Inclusion Initiative quarterly sharing call is scheduled for March 9 at 4:00 p.m. ET. Participants will discuss successes and challenges found while utilizing this program and firms interested in enrolling can learn about the benefits of the RISE Inclusion Initiative.
For some time, the team consisted of only Joyce and as the amount of clients using this service increased, For more info, go to: https:// more staff was added. "Forming the tinyurl.com/gwtuoh3 team gave some different opportunities to people who enjoy the more technical aspect of the
Cybersecurity: Is Your Firm Under a Hack Attack?
See Niche, continued on page 2
This is part two of a two-part technology update article written by Randy Johnston CEO of Network Management Group, Inc.
What Are the Elements of a Cyberattack? We need to consider several factors that cyberattackers exploit, as well as understand what has to be protected to improve our cybersecurity. First, we have to protect our endpoints. These are frequently the target of the attack and include individual PCs, servers, networks or cloud providers. The purpose of this type of attack is
to control, corrupt, or disable the endpoint. Attackers are looking for vulnerabilities, or the weakness that permits endpoints to be penetrated. Vulnerabilities include: software flaws, system design weaknesses, insecure configurations, and human errors. Attackers use malware (malicious software); there are many different types of malware and attacks often involve more than one strategy. Finally, the method of execution (MoE) is the means by which attackers get the resources necessary (e.g., access, processing time, data) to execute an attack.
that was e-mailed to the user embedded in a file or accessible via a weblink. The malware program installs itself and then connects to a server run by the perpetrators which gives the ransomware a public key. This key is used to encrypt all Office files, database applications, pictures, etc., on a computer. Once data is encrypted, users are presented with an ultimatum and must pay within 72 hours or the private key (needed to unscramble the files) will be destroyed. A recent IBM study concluded that 70 percent of all businesses that have been infected have paid the ransom. Variants have been infecting Remote Data Services Common types of malware include: ran- (RDS/Terminal Servers) and/or Citrix servers somware, depositors, backdoors, credential in public and private cloud installations. stealers, viruses, worms, and vandalizers. For example, types of ransomware such as Numerous CPA firms, healthcare entities, CryptoLocker, CryptoWall and Locky are businesses and government agencies have designed to hold data hostage and have fallen victim to CryptoLocker. The ransoms been very active from late 2013 to the present. demanded range from $300 to $18,000. Users Typically, a user opens a program on a local PC must pay in bitcoin or by anonymous wire See Cybersecurity, continued on page 2