We are making sure our government integrates intelligence to combat Cyber Threats just as we have done to combat terrorism. Tonight, i urge this congress to finally pass the legislation we need to better meet the evolving threat of cyberattacks, combat identity theft, and protect our childrens information. That should be a bipartisan effort. But will Companies Support the legislation which mandates the sharing of information between businesses and the n. S. A. . Talk about a guy who has worked both in Law Enforcement and in big business, chad fulgham chief Strategy Officer of tanium and a former c. I. O. Of the f. B. I. He also worked at i. B. M. And lockheed martin. I asked him if the sony hack could change the way they look at Cyber Security. I think it has changed. The threat landscape, if you look back 10 years to 20 years ago, people tried to hack for notoriety and publicity. Today, it is about money. If you have information that is valuable to someone, they will come after you. Right now, organizations need to do everything they can to safeguard information and be able to react when they do experience a breach. What in the president s legislation is best about what could be found . It is a noble first step. I think the administration that means you think it stinks. Well, last night we heard the president talk about Cyber Security just a little bit. But to get into the state of the union, that is a big deal. When has that happened before . The president has to talk about all kinds of Different Things going on in the world and cyber finally got the first notice that this is important and we need to come after this as a team. Both the government and commercial. From a legislative standpoint, we have so Many Companies in Silicon Valley whose businesses have been harmed, they say, by the n. S. A. s policy of vacuuming up information and it has hurt their ability to sell internationally. Those companies dont want to have to share with the n. S. A. And f. B. I. And the president suggests they have to do that and it would help them protect themselves. What do you hear your customers starting to say about Cyber Security protection plans . I sat with the director for three and a half years and i remember when i would go out and visit companies or conferences and people would bring up the n. S. A. Or some type of information gathering would come up and i would say youve got to realize, think about being an f. B. I. Agent. You have to balance trying to stop bad things from happening and put bad people away. But its the only organization that is there to safeguard your civil liberties. Think about you being in that job and saying i want to try to stop that thing but we need access to information. If we are going to try to live in a safer world, we are going to have to empower some organizations to go after people who want to do harm to americans and allies and our businesses. There is an old new yorker story that says theres more new York City Police officers than f. B. I. Agents. I was starting to think about what their capabilities are to fight cyber terrorism. Does the f. B. I. Have enough resources . The new York City Police have more Police Officers in the city than all employees at the f. B. I. We are a very small group, but very dedicated. These men and women go out every day trying to protect our citizens, trying to do their best. I will tell you, i got run into programs i cant talk to you about the programs there but i got run into programs where i would sit there and look at the person briefly and go who thought that up . Some of the things you see in movies and tv, we have those tools. Tanium chief Strategy Officer chad fulgham. Talking about Net Neutrality, in the state of the union, the president also spoke about Net Neutrality. This comes as house and Senate Subcommittees hold hearings on the issue. The f. C. C. Is set to unveil its own Net Neutrality rules in weeks. I talked to michael beckerman, president and c. E. O. Of the internet lobbying group formed by google, facebook, yahoo and other tech giants. Here is what he had to say. The interesting thing from our conversation, maybe it was only two or three months ago. We were talking about are rules needed at all . Today the conversation is how do you put those rules in place . Now you have republicans and democrats agreeing that rules are needed. The question is what is the mechanism and the tools needed . Who has changed their mind in where elected officials have gone on both sides of the fence. It wasnt too long ago they were saying no change was needed. The republicans have taken real steps forward but the f. C. C. , chairman wheeler is five weeks away from voting on rules. I think we will have a chance to see what rules come out of the f. C. C. In five weeks. It is certainly heartening for all of us to hear republicans and democrats say enforceable rules are needed to protect an open internet. Spoken like a washington veteran. So what is it that made the republicans who were against this change their mind and decide there for some sort of regulation on the internet . The one piece you were talking about in the previous segment is should the f. C. C. Reclassify broadband providers as a Telecommunications Service versus an Information Service . Title ii let me paraphrase it it essentially says companies have a responsibility to the public and have to offer services in a fair and open way even though that might raise costs. Exactly. That is essentially right. That has been the Sticking Point for republicans and democrats. We saw in the hearing this morning, but i think paul mizer from amazon nailed it from the consumer standpoint and from our standpoint. We are results oriented, we want to make sure at the end of the day that the internet is open and for 99. 9 of Internet Users, they dont care about how it happens. It is congress or the f. C. C. What section of the statute it comes from. They want to make sure they are protected. There is no blocking and no discrimination. The internet is open. Applies to wireless as well as a wire line. That does raise the cost for Companies Like time warner and comcast and beyond. A lot of money has been lobbied on that side of it. Comcast spends more than any other company. The Internet Association theyve spent a lot of money lobbying as well with google spending 13 million and facebook spending 7. 4 million and right on down the line. Amazon, yahoo , ebay, all spending money on lobbying. Are they getting what they are after . Are they getting the attention of those lawmakers . Are we seeing the results in those hearings today . I think today the conversation has shifted. There is broad recognition that Internet Users need to be protected. I would rather have the conversation on how to we protect users rather than have the conversation be should we protect users . Michael beckerman, c. E. O. Of the Internet Association. Up next, were going to pivot back to securities talking about with one of ciscos top executives and cofounder of the Security Firm lookout. That is next on bloomberg west. This is the best of bloomberg west. Im cory johnson. Cisco has just released its 2015 annual security report. Here is a key takeaway. 75 of think their security tools or varied or effective and they use only standard protocols to prevent breaches. I talked about this paradox with ciscos john stewart. It is a combination of elements. The first is with an industry that is only about 25 years old, were looking at an experience that hasnt been built up through all the companies. There is a perception and reality gap where top leaders will see the strategies and operations will be concerned they have not gotten over the goal line. Is this bravado, or do they just want to say this because they do not dare tell anyone they think their systems are weak . Even i have got a little bit of that confidence factor where you do not want to start off by saying, hey, we got it all wrong, lets go from there. I think it is just a matter of where the gap has got to be closed. This is one of the things in the security report we published. There is widening gaps between a whole series of things. Partly the understandings at the top and the understanding at the operations level. So, the bosses do not get it less than they did not get it last year . Partly it is more bosses get it at all. It is starting to turn into a place where the board room is having conversations about cyber which is relatively new. I think the sony hack has there is a lot of reasons. One is the embarrassment factor, the notion that the corporation became the target of a powerful nationstate. North korea is a joke in many governments. There was a New York Times story yesterday. They invested a lot of money in going after attacks like this. That must have scared the beejezus out of the board that pays attention to these things. I think it is a combination of factors. I will say it this way. There has been a series of elements that the Corporate Directors have talked to boards about the f. C. C. And has weighed in and said there is a particular risk factor for these businesses and it is increasing. The volume of the attacks, the number of companies, the number of situations receiving press, and the fact we are having a National Dialogue about it completely tells you that boards are getting more and more aware. Your report is fascinating. It talks about threat intelligence. What is the nature of the kinds of threats we are seeing now . Is it fair to say that most of them look like this . Yeah, most of them look like this. Then there are the small ones that have heavy impact in highimpact situations. What most look like and we all experienced this in our daytoday life you get spam email. The technique being used to deliver it changed last year and the quantity went up by 250 . That changed the entire modality of getting the use the user. What changed . Technically feel free to geek out on us. This is bloomberg west. We can handle it. I understand completely. It used to be the instrumentation protecting companies, was when you got volume. Tons of it was bailed. If one got in, great. That kind of email coming from those places so, if we see 300 emails that advertise viagra, we know that is spam, so we reject them all. And then emails that come from sites where it is obviously generating it, you block it. What happened last year is i decided i am going to send the order for emails from 1000 different rights, very small very low. Very difficult to detect because they are not hitting that volume attack or hitting those bad known addresses or bad sites. Now it gets to the user. When it gets to the user, then it is game on. If you actually doubleclick like we all do and you double click on the wrong thing, then i might be able to involve you in an attack on the organization you work with. That was other john stewart. I recently talked to lookouts cofounder and talked about the most dangerous threats to our mobile phones. I think the largest threat to most individuals is downloading bad apps to their phones. They can take your phone hostage and make you pay to get it back. Getting hacked or attempts coming their way. We estimate 60 million Android Users around the world. 7 of our users in the u. S. Got some sort of malware on their phone. One of the biggest trends now increasing, we have this trend we call ransomware. It may be an app you download to your phone. It is most commonly seen in pornographic apps. People are doing something a little bit dodgy on their phone. As soon as you install it, it will take over your phone, lock you out, and charge you several hundred dollars to get access back to your phone. This is only happening on the android phones, not the iphone . Yeah. Since androids are so much more popular in the world, they can infect the most vectors. We see ios risk now being what android was in 2010. The bad guys are just starting to target. And in china more people are breaking their phones and trying to get around the protection anyway. Yes. Many people will download apps from a little stall. Plug it into a laptop. They are bypassing a lot of the app store protections. There is a big business on the other side of that. What is that business . Who are these hackers and how big is that industry . It is very big and very broad. It is like trying to classify all crime in the world. Crime can take many different flavors. What we see for most individuals is the risk of bad guys stealing their data. Trying to get them to pay money on their phone bill or for ransom. For businesses i dont care about people. I care about businesses. Because that is what the show was for, to help people understand how technology is changing business. Absolutely. What we have seen is historically and i see you have a separation between Enterprise Technology and i. T. Technology. With mobile, people are bringing their personal phones to work more than ever. What we see, when we talk to chief security and information officers, their biggest concern is people bringing malware that they may have downloaded an app on their personal phone, then bringing it into the internal corporate network. You have all of this investment in firewalls and corporate infrastructure and one bad phone we have seen a really dramatic thing in the last few weeks really. The north korean attack, the presumed north korean attack on sony. It was really targeted at that business. It was not something an individual got involved in. Are we seeing a changing threat across the board and who is doing that and what they are after . For businesses, two major actors are cyber criminals and statesponsored actors, but sometimes they blend together and it is hard to tell. There really has been a large growth. Give an example. In the case of google. Google widely reported they believe they were hacked by china, as far as a statesponsored attack. Whereas in other cases, you have anonymous banks being targeted often by Eastern European criminal gangs. For a business, this is a big problem. Anytime there is a large amount of resource being put on targeting them, it raises the bar. While android, for example, we see a lot more threats to the average user, where the bad guys are targeting a metric ton, ios versus android, if they are targets attacks, they are equally at risk. Amazons latest venture feature films. Can they compete with major studios or are they just spending more money, good after bad . That story is next on the best of bloomberg west. Im cory johnson. This is the best of bloomberg west. Amazon aims at hollywood after winning two tv awards at the golden globes. They announced they are going to produce 12 feature films a year. The movies will first be released in theaters and then on amazon prime. Can amazon really make it big on the big screen . I spoke about that with a former studio executive and n. Y. U. Film professor. This is a continuation of a trend that is new in the past few years. There is a new frontal assault on the traditional theatrical movie business where theaters would have the right to show movies without any competition from other distribution sources. With growth from netflix amazon, streaming in general that is called into question now. Right now the theater owners are not going to give, it seems but eventually i think it is going to change. This is part of an evolutionary process that is going to change the way movies are distributed. Right now, as you know, the audience or the viewers have changed their viewing habits. People are, thank god, still going to movie theaters, but they are also watching movies on their laptops and tv sets. Theology aside, why do you say thank god . I happen to be a traditionalist in terms of i really enjoy seeing movies in a movie theater. I think there is something about that experience that is thrilling, exciting and fulfilling. On the other hand, ive got to competing thoughts here. The growth of places like amazon, netflix, hulu plus, it means there are far more outlets available to the Creative Community to create content and more opportunity to create content and more ways to get that content to the audience. Then i think one of the significant things of the amazon decision, they made it very clear they were going to make a certain kind of movie. In other words, they are talking about movies in the 5 million to 25 million budget range. Primarily, youre talking about independent movies like grand Budapest Hotel or bird man. Were not talking about transformers. So the Creative Community response to that. Dont rip on the transformers. Wasnt that made by an n. Y. U. Graduate . [laughter] im just making a comparison. This opens up amazon to awards. Does that change the marketing aspect if the movies are actually any good . Amazon already saw that it got a huge benefit from one of its tv shows, transplants getting the golden globe award. They got a huge buzz and huge publicity off of that win. It was the first time a show like that had won a golden globe. When youre doing lower budget indie kind of movies, part of your strategy is to do imaginative or original material that will appeal to certain niche audiences and get awards that will encourage people to go see it. On the flip side, i thought last week what was interesting, you could see the power of the Oscar Nominations when you have the success of american sniper. It broke all kinds of Box Office Records when it got the six nominations. That can be helpful. I remember when i was an undergraduate at n. Y. U. , film students running around talking about a graduate student named spike lee. He had made barbershop. I wonder what your students think of movies that are going ri