credentials are a weak link in cybersecurity. we must move to multifactor biometric continued education for those who interact with critical instruct. for each device that tawches to crateical infrastructure we must strengthen the validation for authorities to operate. rolling out more advanced across the energy grid faces these challenges. current credential technology, current it practices, legacy applications and the age of the equipment. within critical infrastructure networks we must trust the data that is used in the decision making process. block chain frameworks can provide this trust. cryptographic data can be used in a variety of uses. isolated networks with use effectively, however malware can still operate within that network. we have to ensure the identity of the operator and the operational history of that device. with stronger yiet we can strengthen legal evidence to prosecute malicious attacks. it helps prevent the spread of propagation of attacks. early in our work new contacts develop developed stiks. stiks is j

their understanding of cybersecurity goes beyond encryption and perimeter defense. to appreciate that the cybercrime wave that is being sustained against us is highly technical, and we must reinvest cybersecurity. companies do you think are paying off hackers? i am just curious. >> it's terrible that i have to state this, but i would suggest companies, not necessarily publicly traded companies, but small to medium-sized companies, are paying off hackers because they are trying to maintain resiliency while under siege. they shouldn't be paying off the hackers. they should be working with the fbi and secret service. if they don't have the capacity to defend themselves, they should have a security service provider to protect them. betty: i was afraid with that answer might be. kellerman, certainly disturbing, strategic cyber ventures ceo on the latest news out of uber. up next, china's biggest airline is expecting to reap the rewards from its partnership with american airlines. hear what china southern's president has to say about its rother and the new beijing airport

s internal cybersecurity risk profile and their approach to cybersecurity from a regulatory and oversight perspective. the s.e.c.'s internal assessment found that the agency had inadequate controls and that there were serious cyber and data risks. unfortunately in september of this year, chairman clayton issued a statement on cybersecurity reached a breach previously detected in 2016 may have provided illicit gain through trading, closed quote. specifically, a software vulnerability existed in the test filing component of the s.e.c.'s electronic data gathering analysis and retrieval, or also known as edgar system, which resulted in the access to nonpublic information. while this breach provided the hackers access to highly sensitive material at the time the s.e.c. believed the intrusion did not result in unauthorized access to personally identifiable information, or p.i.i., as we commonly refer to it, therefore jeopardizing the operations of the s.e.c. or result in a systemic risk and that was a quote from the s.e.c.'s report. however, unfortunately in a follow-up disclosure shortly after

>> rick weber, inside cybersecurity. executive order also deals with use of section 9, the most critical infrastructure. can you tell us a little bit about the administration's thinking about how to refine that process? >> yes. so we're taking a look at how we define section 9. today there's a set of criteria that gets you inside that -- that critical infrastructure designation. for those not familiar, there's a section in a previous eo that talks about critical infrastructure, and section 9 of that executive order talked about probably the most critical of critical infrastructure. if you go through that list today -- and we don't publish that list, the companies that are on it understand who they are and have interactions with us. but if you go through that list, i think most people would see a couple of companies and scratch their head and say, why aren't they on there, and when you think about the knock-on effects of second order things we rely on in critical infrastructure we've also got to consider that, you know, t

health care health care cybersecurity what do you make of that that i mean it's been a year since the presidential election we still don't have all these key appointments in cybersecurity mostly because congress is blocking most of the appointments i know that there are other powers pretty heavy in the fact that the white house hasn't done anything about its kind of troubling we're just a slow system simple as. the bureaucracy of course i'm a lot of corporations. it's not a micro problem it's a macro problem it's kind of funny because a we're speculating that we got hired by roche and all that b.s. and having got nobody to take care of. now the white house seems to be filling the positions at a rather slow pace it's been over a year since the u.s. presidential election and so far we only have two hundred forty nine out of the four hundred sixty nine posts that have been filled they tend to react when a threat has become evident as we saw with the snowden hacking the wiki leaks there's no question that politically because of the divisive nature of politics in washington today that cybe

and we know that cybersecurity is unfortunately a secular growth business.igital terrorists will keep trying to mess up systems and make us pay bitcoin for ransomware. it's good opportunity when secular growth group pulls back. dip your toe in the water. which are worth owning laundry list first mimecast public less than two years ago and rallied 72% for the career not flashy, cloud-based data security play, focused on protecting corporate employees' e-mail accounts. entry point for hackers, ask john podesta got dinged today even though a slight earnings miss, other metrics look good. might be rare buying opportunity. cyberarm, israeli that protects administrator accounts keys to the digital kingdom. terrific long-term track record but lately stalled down 3%. cut guidance in may and weak numbers in july. put pressure on the stock. cyberbark has become a show me story. but terrific top and bottom line and management raised full year guidance house in order again rallied. since then pulled back including today. i think that's a buying opportunity. what else? o

on the issue of cybersecurity, america's cybersecurity networks are under attack. in september we learned that equifax had been successfully hacked and 145.5 million people may have been affected by the breach. last week it was also reported that 57 million people use uber, that they may have been -- had their personal information stolen from a cyberattack in 2016. this cannot continue. fortunately our committee has made strengthening dhs cybersecurity a top priority. in 2014 bipartisan committee efforts resulted in the enactment of legislation that provided dhs expedited hiring authorities, ensured dhs is assessing its cybersecurity workforce and clarified the department's role in cybersecurity of federal networks. in 2015 the cybersecurity act provided liability protections for public to private and private to private cyber threat information sharing. we have had some success, but we need to do better. and that is why this committee passed a bill to elevate the operational capabilities of dhs' cyber office to better protect digital america. finally, on the issue

reports over the past year we've heard cybersecurity touted time and time again as a top priority for the united states democrats and republicans must work together and devise comprehensive solutions to deter and defend against further cyber attacks counterterrorism and cyber security must be top priorities in keeping our home once a d.o.j. has made cyber security a top priority i'd like to take this opportunity emphasize the importance of improving cybersecurity and working related issues across public and private sectors now given how much importance has been attached to this issue it seems like very little is actually being done key vacancies such as department of homeland security cyber security chief or department of defense chief of information as well as numerous low level positions remain empty so why is the united states failing to appoint these oh so important cyber security chiefs. it's not an intentional into news today and not an intentional decision to keep those empting going forward it's more stacking up the nominations and clearing the decks of the senior most leaders

the >> up next on c-span two comment conversation on cybersecurity and the internet of things. we'll hear from congressman darrell issa, from the technology policy institute in aspen, colorado, this is just under an hour. >> okay, we would get started where the coffee corner begins to filter out over there. at this panelist on the internet of things. the internet of things is a wide-ranging term, generally describing computing devices in everyday industrial products or things connected to each other. some of them are household products. i'm fully connecting all of my life to alexa, with light bulbs connected to firmware. my wife is not very happy with this, but i keep telling her, jen, it is getting better and better. soon before you know it turning on the lights will be as easy as flipping a switch. [laughter] household items are the least important part of iot. enterprise and industrial use will help us allocate resources more efficiently. there were two principal challenges we'll talk about. first is the network, which is what kind of infrastructure do we need to facilitate

how do you foresee furthering the department's cybersecurity efforts from within the national security division? >> so i think the cybersecurity is the area that has changed the most since i was there last, about nine years ago. now it seems to permeate all of the work of the division, whether it's on the counterterrorism side or on the counterespionage side. so whether we're talking about folks who are being radicalized or radicalizing themselves on the internet, or talking about nation states and the actions they have tried to take, if cybersecurity is there, i note in the prior administration, they developed a separate unit in the division to focus more squarely on cybersecurity. i support that. i'm going to be looking closely at that to be sure that it's resourced correctly and that the correct focus is on cybersecurity issues. i think they're going to be one of the biggest parts of the job going forward. >> great, thanks, john. vice chairman. >> again, welcome, sir. as you're obviously aware one of the most important investigations this committee is involved in at this point is th

>> cybersecurity will be front the i.t. standpoint that has happened in cybersecurity. seen in the retail market, it is a typical of other segments. emily: you think they are still vulnerable. from boomerang, you are sticking with me. mark you been at president trump and asked if he knew how big an impact alibaba has had on the u.s. talk market. theercent and 7.5 times monthly trade deficit has gone to one chinese company. alibaba says the shares have tripled since the 2014 ipo. the biggest in u.s. history. trump has long targeted china but recently softened his stance citing that u.s. policy. trump did not respond to cuban. the battle for voice-activated home assistance heats up. if you like bloomberg news, check us out on the radio. this is bloomberg. ♪ emily: amazon's use of brick-and-mortar stores to sell its own hardware could edge up the competition. they are helping sell amazon echo devices. it puts the device in front of shoppers every day and it is hoping will help lead tech rivals like apple and google in the dust. the apple home pod will be delayed, missing t

>> yes, sir as part of the cybersecurity act, the national cybersecurity communications integrations center is the reporting place. anyone can report incidents to them and that gets disseminated through that means. >> my time has expired. the chair recognizes my colleague from new jersey, mr. payne. >> thank you, mr. chairman. admiral hewwit, in your testimony, you talked about the declining numbers dedicated and less active state interoperability governing bands. as i observed in my opening statement, governance is critical to interopterable. >> what affect will it have. >> thank you ranking member, payne. with the number of full time swiks as you alluded to, it's down to 12 now. we were at a high of 44. even though under the homeland security grant program, it is an allowable cost. what we're seeing since we don't have the dedicated grant, we used to have an emergency grant program from 2008 to 2010. we went from a handful of swiks to 44. similarly, department of commerce in 2013 with the adhaven't of first net, did a state local program. when you do have dedicated grants that is d

badges and cybersecurity badges. and there is a push to get more young girls interested in science. but you know, historically the very pre-professional badges for boy scouts or girl scoukout cou part of the curriculum, but boys railroad g were getting excited about space, so why get specific as opposed to maybe something more fundamental? i imagine you didn't take a s.t.e.m. badge type, you know, activity. >> that is a great question. and actually since the very beginning, we've had badges that are relevant to girls and the world around them. so 100 years ago, we had badges will electricity or carpentry, airlines, being a pilot. so now we always try to have badges that are relevant to girls. and s.t.e.m. is one aspect. outdoors is another. leadership. life skills is another. and entrepreneurship is another. and a lot of times they really overlap. like for me, i was on a camping trip when my troop leader saw me looking at the stars. so i was doing a lot of outdoor events and is she saw that that could spark an interest in science. later on she made the connection to connect that to

the issue of cybersecurity is here. it's a national security issue, it's a future issue on identity theft and the ability for individuals to protect things that we have to do both at the federal level of the game and make sure that we are making enough to help the critical infrastructure. what do we need to do to get people on the same page and fighting cyber criminvitingcybee we need to make sure everybody gets the hygiene of the day-to-day business and your home computer and everything else will be at the critical aspect of the world we now live in. so, i want you to know and be able to speak to the fact one individual failing to put a patch in place caused such damage. firstrd is the security systems. we have done a comprehensive review in the process including the capabilities and tools making sure they protect the process much more up to speed up the stage. i understand the safeguards that we have and it provided the scope that is ahead of that in manyst perspectives and definity welcomed the conversation. i would

standpoint in cybersecurity. that we have seen in the retail market is very typical of other segments in the industry. emily: so you think they are still vulnerable? >> yes. still as vulnerable as the other segments. emily: you are sticking with me. mark cuban tweeted at president trump and asked if he knew how they get an impact that alibaba has had on the u.s. stock market. seven and a half times are monthly trade deficit with china has gone to one company. alibaba shares have tripled to their $190 a share since ipo. trump has long targeted china for their trade practices, but has recently softened his stance. coming up, the battle for voice-activated home assistance heats up. how a grocery store could give amazon an advantage. you can check us out on sirius xm. this is bloomberg. ♪ emily: amazon's use of its brick and mortar stores could edge out the competition. it is using the brick and mortar store to sell its devices. the company is hoping it will leave tech rivals like google and apple in the dust. will b

border security, cybersecurity, protecting our critical infrastructure which has an awful lot of cybersecurity component to that, and then countering violent extremists no matter the origin. we focus a lot of time and attention and really in congress, yes, we write legislation. it's hard to get it passed. i really view my primary role as chairman of that committee is to hold the hearings, bring in people like dr. farid and fran townsend and peter bergen, the experts on the subject matter, to do a problem solving process. define the problem? provide the information. try and establish achievable goals. so that's certainly what i've been trying to do. we held a hearing just last week. this was a confirmation hearing for what i hope will be the next secretary of homeland security. one of the things i did in that hearing is i just laid out starting with the seek temple shooting in wisconsin -- sikh temple shooting in wisconsin. it ended, of course, with november 5 massacre at sutherland springs, texas, where 26 individuals, 26 souls, 26 individuals wounded. in that 20 list, the list of 20 incidents

today we spoke to a cybersecurity expert here who talked about the cyberattack. now the ceo says this security breach was discovered last year. he himself questions why it took so long for the company to notify customers. he says the hackers stole personal data including names, emails and addresses and phone numbers of customers and driver's license numbers of drivers. cybersecurity experts say you should follow up on this if you know this information has possibly been taken from you. >> these guys could be criminals. and they can turn that information into money. by impersonating your identity or by using your identity they can get loans or something like that. >> reporter: uber says the two employees in charge of the investigation when the hack was discovered have been terminated and new security measures are i

that helped lift shares of the cybersecurity firm in trading today. bill? >>> sue, deere's business picked up steam. that's where we begin tonight's market focus. improving demand in the u.s. and abroad helped the tractor maker top expectations. deere expects that strength to continue, saying it expects sales for the coming year to outpace analysts' estimates. shares closed at $145.25, up 4%. >>> rockwell automation has turned down emerson electric's third takeover offer. rockwell determined that the $2t interests of its shareholders and that it presents long term risks, includi difficulty staying competitive in a very quickly changing market. rockwell automation shares were off by 1% to $191.02. shares of emerson were higher by 2.5% to $61.88. >>> tivo has won a patent infringement case against comcast. ruled that comcast' de set-top boxes violate two of tivo's boxes. comcast is now prohibited from selling certain versions of the device. shares of tivo jumped 7% to $18.90 while shares of comcast, the parent company of cnbc which produces this program, comc

should the nsa even be in the offensive cybersecurity business, or should it just focus on cyberdefense? what about the company that is have found themselves bearing the brunt of the damage so far? some argue the nsa has to stay in the offensive cyberhacking game, because the secrets it can steal are vital to american national security, even though american companies sometimes pay the price. >> companies aren't going to get hurt unfortunately, and they will end up being effectively class real damage, but it doesn't make a difference whether that is caused by the u.s. and nsa, or a foreign intelligence service. if the nsa isn't finding vulnerabili you can be sure a foreign service is. >> others question whether gathering these in one place is actually making american companies more vulnerable. >> the idea that we would put so much trust, so much of the kind of sing the points of data, of failure in the hands of a single organization is something that we need to reexamine not only as corporations or as individuals, but i think as a country as a whole. >> one analyst told me today that big

intelligence community still reeling from what veterans are calling the biggest cybersecurity breach ever. just over a year ago hackers got into the national security agency, getting away with some of the agency's top cybersecurity defenses and weapons. the question remains what happened to the nsa's own cyber defenses? here's nbc's tom costello. >> reporter: in the world of espionage, the question remains who are the shadow brokers? the group claiming responsibility for what may be the biggest security breach ever at the nsa, now taunting the country in posts riddled with spelling errors. recently writing, "is nsa chasing shadows?" so was the breach the work of foreign hackers or someone on the inside? former nsa analyst orren thalcowitz says it's had a chilling effect on nsa staffers. >> it puts them under suspicion. it puts the people they work with into question. and it slows the progress of protecting the country. >> reporter: whoever stole the nsa's cyber weapons then used them to launch ransomware attacks against hospitals, banks, shipping and drug companies. one online post h

today we spoke to a cybersecurity expert here who talked about the cyberattack. now the ceo says this security breach was discovered last year. he himself questions why it took so long for the company to notify customers. he says the hackers stole personal data including names, emails and addresses and phone numbers of customers and driver's license numbers of drivers. cybersecurity experts say you should follow up on this if you know this information has possibly been taken from you. >> these guys could be criminals. and they can turn that information into money. by impersonating your identity or by using your identity they can get loans or something like that. >> reporter: uber says the two employees in charge of the investigation when the hack was discovered have been terminated and new security measures are in place. the company ceo says quote in part none of this should have happened annually not make excuses for it. while i can't erase the pass i can commit on behalf of every uber employee we will learn from our mistakes. back here live the cybersecurity ex

breen answered questions on russia, cybersecurity and the process for sexual harassment and violence claims. this is 45 minutes. this with t. >> order. questions to the prime minister. melanie on. >> mister speaker -- >> damien green. >> mister speaker. i have been asked to reply on behalf of my right honorable friend the prime minister, furthering our interest, >> the whole house will join me in well some welcoming prince harry and megan. this marks the 100 anniversary of the creation of the raf. thanks to a century of service to this country. >> the first extreme, congratulations to prince harry on his engagement and the outstanding effort by the late council in northeast lincolnton, the project in its industrial strategy document and we need more than a byline to make the potential a reality. will the secretary say when we expect the government to put the money where the mouth is to get going? >> i can welcome the fact the honorable lady is welcoming the industrial stuff. as she should do. it will be good for many communities around this country particularly those who feel that in

on the issue of cybersecurity, america's cybersecurity networks are under attack. in september we learned that equifax had been successfully hacked and 145.5 million people may have been affected by the breach. last week it was also reported that 57 million people use uber, that they may have been -- had their personal information stolen from a cyberattack in 2016. this cannot continue. fortunately our committee has made strengthening dhs cybersecurity a top priority. in 2014 bipartisan committee efforts resulted in the enactment of legislation that provided dhs expedited hiring authorities, ensured dhs is assessing its cybersecurity workforce and clarified the department's role in cybersecurity of federal networks. in 2015 the cybersecurity act provided liability protections for public to private and private to private cyber threat information sharing. we have had some success, but we need to do better. and that is why this committee passed a bill to elevate the operational capabilities of dhs' cyber office to better protect digital america. finally, on the issue

we have had several larger commerce committee hearings on cybersecurity. certainly had some in the energy committee, and i think homeland security has had some and the armed services committee has had some. now is the time for us to be very serious about passing legislation as we did out of the senate that would help us fight the issue of cyber crime and particularly help strengthen our critical infrastructure against state actored attacks. as miss mayer mentioned. these are not the only things being attacked. networks at nuclear power plants, pipelines, a whole variety of things. as we continue to grow the economy of the internet of things, the hearing we just had i guess that was yesterday, we also heard about how more devices and more connectivity means more data entry portals for people to attack. so i hope our committee will join the efforts to get cyber security legislation over the goal line this year. i think it's not too soon to act. i too want to bring up that there are 3 million washingtonians who were impacted by the equifax, according to my in

reestablished four goals with cybersecurity that has that component in encountering violence extremism there was a lot of time and attention of my primary role is bringing in people with the experts on the subject matter to do that problem solving process and trying to establish achievable goals. still holding a hearing just last week a confirmation hearing from the secretary for land security but one of the things that i did started with a shooting in wisconsin 20 different mass murders. that ended with the november 5th massacre with those 26 people wounded so in the last -- over 1,000 were wounded. later that night i was with my family is my daughter asks a question we were all asking what is happening? why is it happening? what can we do about it? these are not easy questions to answer but president obama had a fair amount of criticism compared to other things. for example, like the overdose of that is a huge problem with 64,000 deaths last year. and auto accidents with of list going back a number of years with an act of terrorism. widely put so much time and effort on axa of terror

how bad is cybersecurity question how much should we be worried and not sleeping at night? >> new america did a study of 129 individuals in the united states. you have either joint isis or tried to joint isis based on public records and without none of them had been recruited by a real person. there was no, they didn't go to a mosque and get radicalized. they didn't meet some returning foreign fighter. they were entirely radicalize online, and as an israeli counterterrorism -- by think has a useful formulation here which is the lone wolf is part of the pack. when you go online and you have these ideas or a lot of people around the world who are going to provide an echo chamber saying essentially you are right. right. one of the other interesting takeaways but these 129 americans is they are all around the united states. they don't fit any particular ethnic profile. theyhe are all sunni muslims, bt they are hard to profile. i mean, and, of course, this causes problems for law enforcement because somebody who is watching isis propaganda, very few of them didn't want to do vio

also being published this week, listening in by cybersecurity expert susan landdau. in the book she looks at the future of cyber threats. george mason university law professor f.h. buckley examines how corruption is impacting the economy in "the republic of virtue." and in "clashing over commerce," dartmouth college economics professor douglas irwin looks at the history of united states trade policy. look for these titles in bookstores this coming week and watch for many of the authors in the near future on booktv on c-span2. .. southern festival of books. it's my pleasure to have the opportunity to introduce jonathan eig, this morning. an author i really really admire. i have been reading his work for years and he's here to talk by his new book, his biography of mohammed ali.

as a consumer, give your business to companies that exhibit good cybersecurity behaviors and advertisebehaviors are. the consumer, pick companies that will be responsible with your information, but in the meantime, i will be looking for the days ahead, to provide information on what was disclosed in order to give consumers some options to figure out what they need to do in order to protect the information that has been exposed. emily: thank you so much. back on the earnings front, salesforce has reported a quarterly profit thanks in part to an expanded lineup of cloud-based programs. revenue rose 25% in the fiscal quarter, but forecasts for fourth-quarter profits of missed estimates. shares are relatively flat. ceo marc benioff has been looking to newer products offering marketing and e-commerce to increase growth. coming up, it is a race between alexa and siri. is it too little too late? we will discuss. this is bloomberg. ♪ emily: a story we continue to watch -- there is a report that apple's iphone x was being built with high school students illegally working overtime. according to

the cybersecurity. this is not a machine to machine problem. it is people on people. your finger right on it. we started by taking the best attackers from places like the nsa and the air force and other parts of the government and gathered them together and said, ok, let's built the defense you never wanted to run into when you are on the attacker side. we have to continually replenish that talent with people who are up-to-date on the latest hacker techniques and procedures from around the world. and then marry them up to people who built and shipped scalable enterprise software, and then a university math department of data scientists. julia: the problem is the person operating this, while trying to work out what went wrong -- equifax was a great system. one unnamed person did not do an i.t. update. of you make the application this search in the end indication of a hack simple to operate? nate: that is one of the hallmarks we do, build a product that is incredibly easy to use. we cut our teeth in the u.s. government where our end-users are often operating under press

we agreed to standard law enforcement and cybersecurity cooperation.that neither wants to become a safe haven for each other's fugitives. and will instruct competent authorities of the two countries to actively explore a long-term cooperation mechanis

i will close that cybersecurity is a global challenge. no company, individual or even government agency is immune from these threats. the attacks on yahoo! demonstrates that the collaboration is essential in the fight against cyber crime. adepress i have pursuit of cyber criminals as the d.o.j. and f.b.i. exhibited could be a meaningful deterrent in preventing future crimes. e acting assist ant general, our nation's state attack is not a fair fight by working together we can help level the cyber field. thank you for addressing the committee today. >> chairman thune and ranking member nelson and members of the committee. thank you for the opportunity to testify today. i'm verizon's chief's privacy officer. verizon has a significant and long standing commitment to safeguard consumer data. in an increasing connected world, verizon recognizes that this is prereck which sits to compete. the very nature of our business has required that verizon makes data security a top priority. n july 25, 2016, versong announced it acquired yahoo!'s operating

the amount of money they have to spend on cybersecurity now? when is the company going to go public? could that be pushed back more? jeremy: right now you have softbank in negotiations with uber about taking a large percentage in the company. this will give softbank some leverage to use on the valuation, the terms of the deal. $1.2 billion, can they push that down and what that means for uber? jeremy: it could push the evaluation down. there were talking about around the $50 billion mark. already a decent hit from what 18e claimed uber was worth months ago, near $70 billion. it could fall further below the 50 billion mark. alix: travis kalanick is still on the board. does he keep that seat for long? anythinge has not said so far. travis is still on the board. he controls 2 other board seats as well. i don't think he is going anywhere. i think he is holding on to his board position. whether he will be forced to make a statement about the hack, i'm not sure. it is possible he will make some kind of statement in the coming days. jonathan: i want t

of cybersecurity, which is hacking.they were doing the math necessary to get down to the code groups, and then they're trying to determine in the message weather might be a code group that meant noon position. noon position was with the japanese ships would use to announce whether going to be at noon the next day. what better piece of intelligence for an american submarine commander than to know that? a number of the women were doing math to get down to the code group within the using language skills to try to determine if the message were an important word might be. that the u-boat codes were completely different. those were being scrambled by machine and they had to use statistical methods. but it's his mother was a lot f guessing like i think the word weather might be at this point and then try to figure out how the indignant ms. shaheen would've turned iw into five different letters before any merge at the end. -- machine. jiggling, that was a term come jiggling and math but then there was sort of the early versions

you've got to have investment in cybersecurity from the top down and bottom up. it has to be a cultural move. you look at what your team is and how you're structuring it and if you only have four people but you're definitely going to have your h.r. person, h.r. is the first interface to the people coming into your organization and that's the first opportunity to create that cultural shift. it's a part of position descriptions and also a part of how you're evaluated. the third is looking at basic actions. it's software, it's access management. i think whether or not equifax truly calls into question identifying proofing or identification now would be interesting to see because it's clearly something we have been struggling with but it's fishing. the argument around the fact that phishing breaches most companies and if we just address the education and awareness around that we would preserve or create a more resilient infrastructure is absolutely out there and so we don't have to be very evolved in how we're looking at this. it doesn't have to be senior executive l

this cybersecurity issue is huge i don't think chair yellen glommed on to this or made it as big an issued be the ability to hold funds in the federal reserve system, hold dollars, is a keystone of why the dollar is a global currency. if we don't make it safe, i think the dollar will be under threat as a global currency and it may be a reason why ning th like bitcoin is having success out there. >> this is interesting an even bigger story that may emerge >>> coming up, the big facebook iss at th itoday's must reads ahead. stick with us. zar: one of our investors was in his late 50s right in the heart of the financial crisis, and saw his portfolio drop by double digits. it really scared him out of the markets. his advisor ran the numbers and showed that he wouldn't be able to retire until he was 68. the client realized, "i need to get back into the markets- i need to get back on track with my plan." the financial advisor was able to work with this client. he's now on track to retire when he's 65. having someone coach you through it is really the value of a financial advisor. you myour join

we agreed to standard law enforcement and cybersecurity cooperation. the two sides reaffirmed that neither wants to become a safe haven for each other's fugitives. and will instruct competent authorities of the two countries to actively explore a long-term cooperation mechanism regarding fugitive assets recovery and repatriation of illegal immigrants. the two sides will continue the implementation of the 5 point consensus which in 2015 to enhance cybersecurity cooperation including the use of the international terrorist and tackling cyber crimes. we will counter narcotics cooperation and better protect each others nationals and institutions in their respective countries. as two distinctive countries our two sides may have different views or differences on some issues. this is only natural. the key is to properly handle and manage them. there is far more common interest between our two countries than nirchsz. it is important to respect each other's sovereignty and territorial integrity, respect each other's choice of development path. as long as the two

everything from cybersecurity threats we now face to additional, perhaps, more innovative ways in which the threats -- >> is there any technology that you know of right now that the ports don't have that they need? >> i'm aware of some additional screening equipment that we are looking at piloting and using at the borders. i'm not aware of the constraints that a port environment might provide but certainly we need the best -- the best and brightest both in terms of personnel and technology at the ports. >> thank you very much and i would like the chairman to note i yield back a minute and 13 seconds. >> this is fabulous. i think we all appreciate, by the way. >> thank you, mr. chairman. i won't disappoint you. you know what's coming. a question on the northern border. >> senator tester did, so -- >> yeah. the northern border threat analysis was released in july after our bipartisan legislation that senator kelly ayotte and i cosponsored. when we look at the northern border it's 5,500 miles with a very, very historic and significant partner in terms of canada, but that doesn't mean that

but cybersecurity stocks. not shopping.nt steve dudash with the the big i. not online shopping sites but go into the cybersecurity sites. >> we're trying to find areas less likely affected tax bill changes. the tack bill will not get passed. 0% chance of this being. liz: zero? >> 99%. they will change it. maybe 90% chance that nothing happens. 10% chance something does. we're trying to do invest things in agnostic. doesn't matter if the it passes right now. online security only grown. liz: dow just turned positive everybody. i told you. watch. >> and i am. producers in your back room, none of them are doing online buying. now they're all doing online buying. you need security do that. 10 years ago you didn't feel comfortable. liz: which names? >> don't pick all of them. there will be some winners and losers, but right now, picking across the board is your best bet, there will be multiple winners and losers. just like the techs, 15, 20 years ago, wanted 10, 15. don't buy into etfs. buying into things not going to be affected

guys, i spoke to one cybersecurity expert who didn't want to be named because he wasn't thosauthorizedtalk at this issue he says the problem about this is uber hid it from everyone for a year he also says this so-called breach of reporting is there to protect your customers, not your investors, and this is where uber fell short. customers and drivers were the very last to know, so he and other cybersecurity experts say that could open up uber to further fallout, legal, and possibly criminal. back over to you >> deirdre bosa covering all kinds of stories today for us. thank you very much. >>> when we come back, toy retailers tying their fates to one comeback trend details on that. we'll talk to state of luxury retail and apparel with the ceo of ethan allen later how apple hopes to resurrect the holiday shopping season without its much anticipated apple homepod when "squawk alley" continues at fidelity, trades are now just $4.95. we cut the price of trades to give investors even more value. and at $4.95, you can trade with a clear advantage. fidelity, where smarter investors will always

now we're working with them on cybersecurity. my grandfather taught me to make a wine that over delivers. chubb, over delivers. approaching medicareivers. eligibility? you may think you can put off checking out your medicare options until you're sixty-five, but now is a good time to get the ball rolling. keep in mind, medicare only covers about eighty percent of part b medical costs. the rest is up to you. that's where aarp medicare supplement insurance plans insured by unitedhealthcare insurance company come in. like all standardized medicare supplement insurance plans, they could help pay some of what medicare doesn't, saving you in out-of-pocket medical costs. you've learned that taking informed steps along the way really makes a difference later. that's what it means to go long™. call now and request this free decision guide. it's full of information on medicare and the range of aarp medicare supplement plans to choose from based on your needs and budget. all plans like these let you choose any doctor or hospital that accepts

if you could comment about your view on cybersecurity? gov.owell: i agree with everything you said. it is a very, maybe the single most important risk, our financial institutions and government institutions face. we are focused on providing resources to deal with it and making sure financial institutions we supervise address it. ofre can be never any sense mission accomplished. it is one of those things we will always feel we are doing as much as we can and it isn't enough. we are committed as to the institutions we supervise. sen. reed: thank you. >> senator kennedy? thank you, mr.: chairman. good morning. i have read those media accounts that in the past year you have met with 50 wall street executives. how many community bankers did you meet within that time? gov. powell: i do not have a number, but it would be in the hundreds, if you consider the state delegations and other meetings we have had. sen. kennedy: what did the community banks do wrong, contribute to the meltdown in 2008? gov. powell: there i say the community banks did not cont