WEBVTT - Stroz Friedberg's Software Analyzes Email for Threats (Audio)

0:00:04.840 --> 0:00:09.440
<v Speaker 1>Broadcasting live to New York, Bloomberg to Washington, d C.

0:00:09.680 --> 0:00:14.920
<v Speaker 1>Bloomber to Boston, Bloomberg twelve hundred to San Francisco, Bloomberg

0:00:15.040 --> 0:00:18.840
<v Speaker 1>ninety to the country's US exam General one nine and

0:00:18.960 --> 0:00:22.640
<v Speaker 1>around the globe, the Bloomberg Radio plus Bloomberg dot Com

0:00:23.720 --> 0:00:28.200
<v Speaker 1>is taking stock, according to the latest annual cyber crime

0:00:28.520 --> 0:00:32.320
<v Speaker 1>survey that was jointly conducted by CSO Magazine, the U. S.

0:00:32.320 --> 0:00:35.400
<v Speaker 1>Secret Service, as well as Price Waterhouse Coopers, and Software

0:00:35.440 --> 0:00:39.520
<v Speaker 1>Engineering Institute Search program. Do you know that a third

0:00:39.560 --> 0:00:42.960
<v Speaker 1>of the electronic attacks Kathleen on organization's public and private?

0:00:43.120 --> 0:00:45.919
<v Speaker 1>You know where they come from? Yes, you tell me though,

0:00:46.000 --> 0:00:50.000
<v Speaker 1>they come from inside the organization. So you want to

0:00:50.080 --> 0:00:54.560
<v Speaker 1>know what is happening inside your technology network, You're gonna

0:00:54.560 --> 0:00:57.640
<v Speaker 1>have to listen to our next day. Yes. Ed Straw's

0:00:57.680 --> 0:01:00.680
<v Speaker 1>co founder and chairman of Straw's Feed Freeber based right

0:01:00.680 --> 0:01:04.920
<v Speaker 1>here in New York City. Career law enforcement specializing on

0:01:05.040 --> 0:01:09.480
<v Speaker 1>cyber risks and technology led him to this very fascinating company. Him,

0:01:09.560 --> 0:01:11.360
<v Speaker 1>I don't want him to put the software on me

0:01:11.400 --> 0:01:14.520
<v Speaker 1>and never know. Well, let's put the software on Katherine Conry.

0:01:14.560 --> 0:01:17.160
<v Speaker 1>Now she is in the newsroom with a Bloomberg Business flash,

0:01:17.640 --> 0:01:20.760
<v Speaker 1>Thank you, Kathleen wall Street. Starting off this holiday shortened

0:01:20.760 --> 0:01:23.960
<v Speaker 1>week with a retreat. Bank of England Governor Mark Kearney

0:01:24.000 --> 0:01:26.640
<v Speaker 1>warned of prospects for a material slowing in the economy

0:01:26.920 --> 0:01:30.319
<v Speaker 1>and then developing risks from Britain's withdraw from the European Union.

0:01:30.680 --> 0:01:33.360
<v Speaker 1>William Dudley, President of the Federal Reserve Bank of New York,

0:01:33.360 --> 0:01:35.720
<v Speaker 1>said today that Brexit is a cloud on the horizon

0:01:35.760 --> 0:01:38.520
<v Speaker 1>for policy. He added that it's too early to understand

0:01:38.520 --> 0:01:41.280
<v Speaker 1>the full consequences of the vote. Banks are taking the

0:01:41.360 --> 0:01:44.160
<v Speaker 1>largest losses. We checked the markets every fifteen minutes throughout

0:01:44.200 --> 0:01:46.840
<v Speaker 1>the trading day. Down Industrial leverage down one hundred fifteen

0:01:46.880 --> 0:01:49.960
<v Speaker 1>points two thirds of a percent, trading at seventeen thousand,

0:01:50.000 --> 0:01:53.480
<v Speaker 1>eight hundred thirty three. SMP five foundered down sixteen points

0:01:53.480 --> 0:01:55.920
<v Speaker 1>three quarters of a percent at two thousand and eighty six.

0:01:56.320 --> 0:01:59.320
<v Speaker 1>Then nazdak is down forty seven points and nearly one percent,

0:01:59.360 --> 0:02:03.000
<v Speaker 1>trading at four eight sixteen. West Texas intermediate crude oil

0:02:03.040 --> 0:02:05.600
<v Speaker 1>down two dollar sixteen cents a barrel four point four

0:02:05.640 --> 0:02:08.720
<v Speaker 1>percent to forty six eighty four. Spout led up nineteen

0:02:08.720 --> 0:02:11.760
<v Speaker 1>dollars twenty cents an ounce at thirteen fifty ten your

0:02:11.800 --> 0:02:15.840
<v Speaker 1>treasury U seconds at one point three six percent. American

0:02:15.840 --> 0:02:18.760
<v Speaker 1>Express is moving into some new territory. A planet debut

0:02:18.760 --> 0:02:21.720
<v Speaker 1>an online loan platform for small business clients this year.

0:02:21.960 --> 0:02:25.720
<v Speaker 1>Here's Bloomberg's Jenny Seraine. It's actually kind of on both sides.

0:02:25.760 --> 0:02:28.240
<v Speaker 1>There's a lot of these smaller fintech players that offer

0:02:28.360 --> 0:02:31.720
<v Speaker 1>really neat, convenient, easy to use products. But then there's

0:02:31.760 --> 0:02:34.799
<v Speaker 1>also the large and trenched banks like Jping, Morgan Well

0:02:34.840 --> 0:02:38.080
<v Speaker 1>Spargo that offer really similar products um that offer kind

0:02:38.080 --> 0:02:40.480
<v Speaker 1>of low rates but maybe not as much convenience. So

0:02:40.480 --> 0:02:42.200
<v Speaker 1>I think AMEX is trying to slide in right in

0:02:42.200 --> 0:02:44.560
<v Speaker 1>the middle there. And and now look at some of

0:02:44.560 --> 0:02:46.799
<v Speaker 1>the other stories. Thank you, Gatherine from the Bloomberg news room.

0:02:46.800 --> 0:02:49.600
<v Speaker 1>I'm Raimi in aessentio. This news update is brought to

0:02:49.600 --> 0:02:52.840
<v Speaker 1>you by Bentley University. What you're rebooting America's oldest ski

0:02:52.840 --> 0:02:55.800
<v Speaker 1>shop and crunching numbers that Vista Print have in common.

0:02:56.200 --> 0:02:59.840
<v Speaker 1>An NBA from Bentley University that prepares graduates to innovate

0:02:59.840 --> 0:03:03.840
<v Speaker 1>and lead because business is everywhere, prepare here. The FBI

0:03:03.960 --> 0:03:07.240
<v Speaker 1>has recommended that no charges be filed against Hillary Clinton

0:03:07.480 --> 0:03:10.519
<v Speaker 1>over her use of a private email server as Secretary

0:03:10.560 --> 0:03:13.920
<v Speaker 1>of State. FBI Director James Comey told reporters that Clinton

0:03:14.000 --> 0:03:17.040
<v Speaker 1>and her aids were extremely careless with the emails, but

0:03:17.120 --> 0:03:21.120
<v Speaker 1>he said there was no intentional misconduct. State Department spokesman

0:03:21.160 --> 0:03:24.359
<v Speaker 1>John Kirby disagreed with Comey's assessment about how things are

0:03:24.360 --> 0:03:27.120
<v Speaker 1>handled at the State Department. I'm saying that the State

0:03:27.160 --> 0:03:32.240
<v Speaker 1>Department has, in the past and and does today, take

0:03:32.280 --> 0:03:36.680
<v Speaker 1>the treatment of classified information very seriously. Meanwhile, Hillary Clinton

0:03:36.760 --> 0:03:39.320
<v Speaker 1>says if she is elected, she will do all she

0:03:39.400 --> 0:03:42.760
<v Speaker 1>can to stand with America's teachers and fight to improve

0:03:42.800 --> 0:03:46.760
<v Speaker 1>the country's education system. For anyone who has faced a

0:03:47.000 --> 0:03:54.920
<v Speaker 1>hostile state legislature, a union busting governor, or both, how

0:03:55.440 --> 0:04:03.240
<v Speaker 1>is on the way. Clinton addressed the National Education Association

0:04:03.240 --> 0:04:07.040
<v Speaker 1>Assembly in Washington, d C. Today, and longtime New Yorker

0:04:07.120 --> 0:04:11.280
<v Speaker 1>and Tuskegee airman Roscoe Brown Jr. Has died. Brown was

0:04:11.360 --> 0:04:13.760
<v Speaker 1>part of the first African American group to serve in

0:04:13.800 --> 0:04:16.520
<v Speaker 1>the Air Force during World War Two and would later

0:04:16.560 --> 0:04:20.080
<v Speaker 1>be awarded the Congressional Gold Medal. Global News twenty four

0:04:20.120 --> 0:04:22.760
<v Speaker 1>hours a day, powered by more than twenty undred journalists

0:04:22.760 --> 0:04:25.440
<v Speaker 1>and analysts in more than one hundred twenty countries from

0:04:25.440 --> 0:04:27.560
<v Speaker 1>the Bloomberg news room. I'm Rainey and assent to you.

0:04:27.800 --> 0:04:32.120
<v Speaker 1>This is Bloomberg, Catherine, thank you. And now let's get

0:04:32.160 --> 0:04:35.000
<v Speaker 1>a quick check of the equity benchmarks. Down Industrial Hovergetown

0:04:35.040 --> 0:04:38.360
<v Speaker 1>at nine eight points, trimming earlier losses. Currently trading at

0:04:38.360 --> 0:04:41.320
<v Speaker 1>seventeen thousand, eight hundred fifty smp F I founded down

0:04:41.360 --> 0:04:44.479
<v Speaker 1>fourteen points at two thousand eighty eight. Nastakis down forty

0:04:44.480 --> 0:04:49.159
<v Speaker 1>two points at And that's a Bloomberg business flash. You're

0:04:49.200 --> 0:04:52.719
<v Speaker 1>listening to taking stock with pim Box and Kathleen Hayes

0:04:53.120 --> 0:04:59.240
<v Speaker 1>on Bloomberg Radio. Of US organizations believe that they are

0:04:59.440 --> 0:05:03.479
<v Speaker 1>vulnerable to insider threats. That's according to the data security

0:05:03.760 --> 0:05:07.120
<v Speaker 1>firm war Metric. Here to tell us more about security

0:05:07.279 --> 0:05:11.080
<v Speaker 1>threats and how to protect against them is Ed Straws.

0:05:11.160 --> 0:05:14.200
<v Speaker 1>He is the co founder and the chairman of Straws Freeburg.

0:05:14.720 --> 0:05:18.400
<v Speaker 1>You're based in New York City and Mr Straws is

0:05:18.560 --> 0:05:21.960
<v Speaker 1>a former FBI agent. He spent sixteen years with the

0:05:22.000 --> 0:05:25.719
<v Speaker 1>Federal Viewer of Investigation. He was then appointed to form

0:05:25.960 --> 0:05:29.440
<v Speaker 1>a computer crime squad in New York City at the time,

0:05:29.440 --> 0:05:33.799
<v Speaker 1>it was only the third in the country at Straws.

0:05:33.839 --> 0:05:35.920
<v Speaker 1>Thanks very much for being here. Happy to be here.

0:05:36.320 --> 0:05:40.479
<v Speaker 1>This idea of internal threats versus external threats, you know,

0:05:40.560 --> 0:05:44.400
<v Speaker 1>hold your friends close, hold your enemies closer. Uh. Tell

0:05:44.480 --> 0:05:48.200
<v Speaker 1>us how this relates to people in the workforce. It

0:05:48.240 --> 0:05:51.480
<v Speaker 1>relates to people in the workforce two ways. The first

0:05:51.680 --> 0:05:55.320
<v Speaker 1>is you could have an insider that represents a threat,

0:05:55.720 --> 0:05:58.320
<v Speaker 1>and by threat I would say somebody who intends to

0:05:58.360 --> 0:06:03.360
<v Speaker 1>do something that they know they shouldn't do. Maybe they're disgruntled, um,

0:06:03.400 --> 0:06:06.200
<v Speaker 1>maybe they've been paid to do something. But then there's

0:06:06.240 --> 0:06:09.359
<v Speaker 1>another side to it where you're just talking about good

0:06:09.400 --> 0:06:13.200
<v Speaker 1>people who represent one of the biggest risks to your organization.

0:06:13.520 --> 0:06:16.560
<v Speaker 1>That is, they're either careless or in some ways are

0:06:16.640 --> 0:06:20.000
<v Speaker 1>responsible for clicking on an action uh in an email

0:06:20.120 --> 0:06:25.120
<v Speaker 1>that infects the system. And those both those situations malintent

0:06:25.720 --> 0:06:28.760
<v Speaker 1>and maybe carelessness come down to the human factor. And

0:06:28.839 --> 0:06:30.440
<v Speaker 1>so what we've tried to do is say, if the

0:06:30.520 --> 0:06:33.719
<v Speaker 1>human being is the ground zero for the action that

0:06:33.760 --> 0:06:37.240
<v Speaker 1>we're talking about, shouldn't we be analyzing the human being

0:06:37.279 --> 0:06:41.680
<v Speaker 1>as a human being. So and in fact, electronic attacks

0:06:41.680 --> 0:06:45.720
<v Speaker 1>on organizations, public and private come within according to many services.

0:06:45.760 --> 0:06:48.160
<v Speaker 1>You know, that is just noting some of these statistics.

0:06:48.160 --> 0:06:51.160
<v Speaker 1>But so, so what does scout scout do? What is

0:06:51.240 --> 0:06:55.040
<v Speaker 1>what is the program? Like the software the algorithm. So

0:06:55.120 --> 0:06:58.760
<v Speaker 1>Scout is the name of the tool that Strasfreeberg developed

0:06:58.960 --> 0:07:01.960
<v Speaker 1>to try to unders damn people better. And the tool

0:07:02.080 --> 0:07:06.520
<v Speaker 1>analyzes the language that appears in your emails and other

0:07:06.600 --> 0:07:09.400
<v Speaker 1>forms of communication that are written. It does not work

0:07:09.440 --> 0:07:13.280
<v Speaker 1>on voice, and it analyzes the language and the way

0:07:13.360 --> 0:07:16.920
<v Speaker 1>you normally speak and looks to see does it change

0:07:17.000 --> 0:07:20.760
<v Speaker 1>in a meaningful way over time and if it does change,

0:07:21.160 --> 0:07:24.120
<v Speaker 1>in what ways does it change? And we have about

0:07:24.200 --> 0:07:28.200
<v Speaker 1>sixty different attributes that we can analyze about people just

0:07:28.320 --> 0:07:31.280
<v Speaker 1>through their language. Can you give us an example, just

0:07:31.400 --> 0:07:35.080
<v Speaker 1>share with us how this might work? Sure? Um, So

0:07:35.280 --> 0:07:38.200
<v Speaker 1>we drew from psychology, and in fact, the software has

0:07:38.240 --> 0:07:41.080
<v Speaker 1>ten patents on it based not on computer science but

0:07:41.160 --> 0:07:46.680
<v Speaker 1>on psychological science. So we analyze words and relationships two

0:07:47.040 --> 0:07:50.000
<v Speaker 1>of words to each other, the way you normally speak. So,

0:07:50.080 --> 0:07:54.480
<v Speaker 1>for example, if you are normally somebody whom communicates in

0:07:54.640 --> 0:07:57.679
<v Speaker 1>shades of gray talks about well, you know, this could

0:07:57.680 --> 0:07:59.520
<v Speaker 1>work out this way, it could work out that way.

0:07:59.520 --> 0:08:01.200
<v Speaker 1>A kind of it of sense that this might be

0:08:01.240 --> 0:08:05.880
<v Speaker 1>a good idea. You're showing sort of subtle, nuanced communication patterns.

0:08:06.320 --> 0:08:08.680
<v Speaker 1>If you suddenly change from that and to start saying

0:08:08.720 --> 0:08:10.600
<v Speaker 1>this will never work or this is always going to

0:08:10.640 --> 0:08:13.280
<v Speaker 1>go this way, Um, you're now going into a more

0:08:13.280 --> 0:08:16.560
<v Speaker 1>black and white zone. Also, if you refer to the

0:08:16.920 --> 0:08:19.680
<v Speaker 1>organization that you work for in the normal course to

0:08:19.760 --> 0:08:23.880
<v Speaker 1>say this is my company, our business, and then over

0:08:23.960 --> 0:08:28.680
<v Speaker 1>time you start talking about this place the organization, that

0:08:28.840 --> 0:08:32.840
<v Speaker 1>is psychological distance, and there's a reason why your language

0:08:32.880 --> 0:08:36.640
<v Speaker 1>is changing from first referring to it as our firm,

0:08:36.640 --> 0:08:40.280
<v Speaker 1>our company, my company, into one where you put distance.

0:08:40.720 --> 0:08:43.680
<v Speaker 1>So analyzing the sixty different attributes, there's too many to

0:08:43.679 --> 0:08:46.360
<v Speaker 1>go into here, but these are examples of the kinds

0:08:46.400 --> 0:08:49.880
<v Speaker 1>of things that people indicate through their language that psychologists

0:08:50.000 --> 0:08:53.080
<v Speaker 1>understand very well. But nobody had really brought that insight

0:08:53.240 --> 0:08:55.880
<v Speaker 1>into the insider. How accurate is it? Accurate is it?

0:08:55.960 --> 0:08:58.400
<v Speaker 1>How have you tested it? It seems to me a

0:08:58.400 --> 0:09:00.600
<v Speaker 1>lot of people can turn that like get mad your company,

0:09:00.600 --> 0:09:02.360
<v Speaker 1>But doesn't mean you're going to hit it with some

0:09:02.440 --> 0:09:04.520
<v Speaker 1>kind of cyber attack. How do you know this works?

0:09:04.720 --> 0:09:07.160
<v Speaker 1>Now that's true? I think, well, for one thing, if

0:09:07.200 --> 0:09:09.880
<v Speaker 1>you do see this kind of language, it raises a

0:09:09.960 --> 0:09:13.000
<v Speaker 1>question for inquiry, it does not provide the answer, and

0:09:13.120 --> 0:09:15.440
<v Speaker 1>you have to look to see how often is this occurring,

0:09:15.760 --> 0:09:22.679
<v Speaker 1>and we typically flag less than one one persentable communications

0:09:22.800 --> 0:09:26.240
<v Speaker 1>is even deserving any additional analysis. And then you really

0:09:26.240 --> 0:09:28.160
<v Speaker 1>have to look to see, well if it does flag,

0:09:28.240 --> 0:09:31.760
<v Speaker 1>if it does indicate a significant variation and deviation on

0:09:31.760 --> 0:09:34.880
<v Speaker 1>one attribute, do we see other attributes that are moving

0:09:34.920 --> 0:09:37.960
<v Speaker 1>at the same time, And that is what I think

0:09:38.000 --> 0:09:40.480
<v Speaker 1>you need to have. The seltware is designed to make

0:09:40.480 --> 0:09:43.200
<v Speaker 1>sure that you do protect privacy, but you're not left

0:09:43.280 --> 0:09:46.680
<v Speaker 1>in the dark so that you're blindsided. Is it also

0:09:46.720 --> 0:09:51.560
<v Speaker 1>designed to protect intellectual property and also flag compliance issues.

0:09:52.960 --> 0:09:55.400
<v Speaker 1>Intellectual property is one of the most important things to

0:09:55.440 --> 0:09:59.199
<v Speaker 1>guard against because when it is stolen, it tips it

0:09:59.559 --> 0:10:02.520
<v Speaker 1>is not um stolen in a way that deprives the owner.

0:10:03.360 --> 0:10:06.640
<v Speaker 1>Everything that is stolen is still there. So to indicate

0:10:06.679 --> 0:10:09.520
<v Speaker 1>whether or not an individual who had the authority to

0:10:09.640 --> 0:10:13.800
<v Speaker 1>access and copy files is actually um in a state

0:10:13.840 --> 0:10:15.760
<v Speaker 1>of mind where maybe they're going to do something they

0:10:15.760 --> 0:10:18.440
<v Speaker 1>shouldn't do becomes very very key. So the intellectual property

0:10:18.520 --> 0:10:23.840
<v Speaker 1>is quite important. So what's the next step for the company.

0:10:23.960 --> 0:10:27.680
<v Speaker 1>Tell me in a nutshell, Well, we've always been a

0:10:27.720 --> 0:10:31.040
<v Speaker 1>services company at Straws Freeburg, but there are certain areas

0:10:31.080 --> 0:10:33.839
<v Speaker 1>where we cannot find the tools that we're looking for

0:10:34.000 --> 0:10:35.840
<v Speaker 1>and so we had to build them. So the next

0:10:35.840 --> 0:10:38.800
<v Speaker 1>stage for us is really to continue growing the company

0:10:38.840 --> 0:10:41.800
<v Speaker 1>and work with investors to make sure the values there well.

0:10:41.920 --> 0:10:44.760
<v Speaker 1>Fascinating company and obviously the need for it seems to

0:10:44.960 --> 0:10:47.520
<v Speaker 1>be growing, or maybe we've just become aware of how

0:10:47.840 --> 0:10:50.320
<v Speaker 1>great that need has been all along. Ed Straws, thank

0:10:50.360 --> 0:10:53.520
<v Speaker 1>you so much. Co founder and chairman of Straw's Free Work.

0:10:53.559 --> 0:10:56.600
<v Speaker 1>Here in New York City, I'm Kathleen Hayes along with

0:10:56.640 --> 0:11:02.720
<v Speaker 1>pim Fox. This is Bloomberg. Coming up on taking stock,

0:11:02.720 --> 0:11:05.160
<v Speaker 1>will be speaking with Rob Hayworth. He is the senior

0:11:05.200 --> 0:11:09.040
<v Speaker 1>investment strategist for U S Bank Wealth Management, helping to

0:11:09.120 --> 0:11:12.520
<v Speaker 1>manage a hundred and thirty three billion dollars. What is

0:11:12.520 --> 0:11:14.679
<v Speaker 1>he telling his customers to do that's next