>> Announcer: Live from New York City, it's theCube covering Cyber Connect 2017. Brought to you by Centrify and The Institute for Critical Infrastructure Technology. >> Okay, welcome back everyone, this is a live Cube coverage here in New York City at the Grand Hyatt Ballroom. I'm John Furrier with my co-host Dave Vellante. This is Cyber Connect 2017, the inaugural conference of a new kind of conference bringing industry and government and practitioners together to solve the crisis of this generation, according to Keith Alexander, who was on stage earlier. Our next guest is the CEO of the company that's under running this event, Tom Kemp, co-founder and CEO of Centrify. Congratulations, Tom, we met, we saw you last week, came in the studio in Palo Alto. Day one was coming to a close. Great day. >> Yeah, it's been amazing, we've had over 500 people here. We've been webcasting this, we have 1,000 people. And, of course, we've got your audience as well. So, clearly, over 2,000 people participating in this event, so we're really pleased with the first day turn-out. >> So, I would say this is, like, a new kind of event, a little bit different than most events in the business. Response has been very well received, sold out, packed house, I couldn't get a chair, strolled in, not late, but, I mean, you know, towards the end of your Keynote. This is the dynamic, there's demand for this. Why is this so popular? You guys had a good hunch here, what's been the feedback? >> Well, the feedback's been great, first of all. But, the reality is, is that, organizations are spending 10% more per year on security but the reality is the breaches are growing 40 to 70% per year. So, no matter how much money they're throwing at it, the problem's getting worse, and so people are, for the most part, kind of throwing up their hands and saying, how can we re-think security as well? So, I think there's just a complete hunger to hear best practices from some of the top CSO's. You know we had US bank CSO, we had Etna, Blue Cross Blue Shield, etcetera. What are these guys doing to keep their data secure and make sure that they don't make headlines? >> So, I want to ask you a question on the business front, obviously we saw last week, Alphabet, AKA Google, Twitter and Facebook in front of the Setna committee, around this influence thing going on with the media, still an exploit, but a little bit different than pay load based stuff we're normally seeing with security hacks, still relevant, causes some problems, you guys have been very successful in Washington. I'm not saying you're lobbying, but as a start up, you ingratiated yourself into the community there, took a different approach. A lot of people are saying that the tech companies could do a better job in D.C., and a lot of the times Google and these treasure troves of data, they're trying to figure it out. You took a different approach and the feedback we heard on theCube is working. You guys are well received in there, obviously the product, good timing to have an identity solution, and zero trust philosophy you have. Well, you did something different. What was the strategy? Why so much success in D.C. for Centrify? >> Well, we actually partnered with the IT folks and the security people. I mean, we actually spent a lot of time on site, talking with them, and actually, we built a lot of capabilities for what the government was looking to address from an identity access security perspective. That's just the reality of the situation. And so, we took a long haul view, we've done very great in the, two of our largest customers are intelligence agencies, but we actually have over 20% of our sales that goes to the federal government, state and local as well. So, you really can't just go in there, spend a lot of money, do a lot of hype. You actually have to roll up your sleeves and help them solve the mission. They call it the mission, right, they have mission, and you got to be focused on how you can address them and work with the technologist out there to make sure, so it was just, really just blocking and tackling the ground game, >> So common sense sounds like, just do the work. >> Yeah, do the work, really listen. And think about it as a multi-year investment, right? I mean, in a lot of start ups, they just, like, oh, can't get the sale, move on, right. But you actually have to realize, especially in security, that most tech companies that have a big security presence, they should get 15-20% of their business from the US government. >> That's a big bet for you guys, were you nervous at first? I mean, obviously, you have confidence now looking back, I mean, it must've been pretty nerve wracking because it's a big bet. >> It's a big bet because you also have to meet certain government standards and requirements. You got to get FIP certification, you got to get common criteria, in the cloud, you got to get FedRAMP, and that means you also have to have customers in the federal government approve you and bring you in and then you have to go through the lengthy audit process. And we're actually about to get our FedRAMP certification, just passed the audit and that's going to be coming up pretty soon as well. So, yeah, to go get common criteria, to get FedRAMP, you have to spend a million dollars for those types of certifications. At the same time, working with the large federal agencies. >> So Tom, you gave us the numbers, 10% more spending every year on security but breaches are up 40 to 70%, you said in your talk that's two trillion dollars in lost dollars, productivity, IP, etcetera, so obviously it's not working, you've mentioned a number of folks in here talking today. What's their mindset? Is their mindset this is a do-over? Or, is it, just we got to do a better job? >> I think we're getting to the point where its' going to be a do-over. And I think, first of all, people realize that the legacy technology that they have have historically focused on premises. But, the world's rapidly moving to the cloud, right? And so, you need to have cloud-based scale, a cloud-based architecture, to deliver security nowadays because the perimeter is completely going away. That's the first thing. And, I think there's also realization that there needs to be Big Data machine learning applied to this. And you guys talk about this all the time, the whole rise of Big Data. But, security is probably the best vertical. >> Data application. >> Exactly, it's probably the best vertical, because you need real-time instantaneous should I let this person come into the system or not, right? Or, over time, is this, does this represent malicious activity as well? So, I think people are realizing that what they've been doing's not working, they realize they're moving to the cloud, they need to adopt cloud, to, not only secure cloud, but have their technology be based in the cloud and they need to apply machine learning to the problem as well. >> So, in your talk, you talked about a paradigm shift, which I inferred as a mindset shift in how security practices in technologies should be applied, you got to lot of content in there. But could you summarize for our audience sort of the fundamentals? >> Well, the first fundamental is, is that the attack vector is completely changed, right? Before, it was all about vulnerabilities that someone hadn't patched this latest version of Windows, etcetera. Those problems are really solved, for the most part. I mean, occasionally it kind of pops in now and then, but for the most part, enterprises and governments are good about patching systems etcetera. You don't hear about sequel injections anymore. So, a lot of those problems have been resolved. But, where the attackers are going, they're going after the actual users, and so, I know you had the Verizon folks here on theCube, and if you look at the latest Verizon data breacher port, eight out of 10 breaches involve stolen and compromised credentials, right? And that has grown over the last few years from 50% to 60% now to over 80%. Look at the election, right? You talk about all this Twitter stuff and Facebook and all that stuff, it's John Podesta's emails getting stolen, it's the democrat's emails getting stolen, and you know, now that people have the Equifax data, they've got even more information to help figure out-- >> Social engineering is a big theme here. >> Absolutely. >> They have this data out on the dark web, this methodologies and there's also, you know, we talked with the critical interset guys that you're partnering with about all the terrorism activity, so, there's influence campaigns going on that are influencing through social engineering, but that data's being cross connected for, you know, radicalizing people to kill people in the United States. >> Well, there's that. And then there's nation states, there's insiders. So, the reality is, is that, it turns out from a security perspective, that we, the humans, we're the weakest link in this. And so, yes, there needs to be process, there needs to be technology, there needs to be education here as well. But the reality is that the vast majority of spin on security is for the old stuff, it's like we're trying to fight a land war in Asia, and that's how we're investing, we're still investing in M1 tanks in security, but the reality is that 80% of the breaches are occurring because they're attacking the individuals. They're either fooling them, or stealing it by some means or mechanisms, and so the attack vector is now the user. And that's this, and people are probably spending less than 10% securing the users, but it represents 80% of the actual attack vector. >> Talk about the general, you've had some one-on-one times with him, he's giving a keynote here, gave a keynote this morning, very inspiring. I mean, I basically heard him pounding on the table, "we don't fix this mess, You know, we're going to be in trouble, it's going to be worse than it is!" Think differently, almost re-imagining, his vibe was almost about let's re-imagine, let's partner, let's be a community. What else can you share with you interaction with him? I know he's a very rare to get to speak, but you know, running the cyber command for the NSA, great on offense, we need work on defense. What have you learned from him that industry could take away? >> Yeah, I think you hit it, which is, and I didn't realize that there's a bigger opportunity here, which is, is that in real time, there needs to be more sharing among like constituents. For example, in the energy industry, these organizations, they need to come together and they need to share, not only in terms of round tables, but they actually need to share data. And it probably needs to happen in the cloud, where there's the threats, the attacks that are happening in real time, need to be shared with their peers in the industry as well. And so, and I think government needs to also play a part in that as well. Because each of us, we're trying to fight the Russians, right? And the Chinese and the North Koreans, etcetera and a enterprise just can't deal with that alone and so they need to band together, share information, not only from an educational, like we have today, but actually real time information. And then again, leverage that machine learning. That artificial intelligence to say, "wait a minute, we've detected this of our peers and so we should apply some preventative controls to stop it." >> And tech is at the center of the government transformation more than ever. And again, Twitter, Facebook, and Alphabet in front of the senate, watching them, watching the senators kind of fumbling with the marbles. You know, hey, what's Facebook again? I mean, the magnitude of the data and the impact of these new technologies and with Centrify, the collision between government and industry is happening very rapidly. So, the question is that, you know, how will you guys, seeing this going forward, is it going to be, you know, the partnership as they come together fast or will more mandates come and regulations, which could stifle innovations, so, there's this dimension going on now where I see the formation of either faster partnership with industry and government, or, hey industry, if you don't move fast enough poof, more regulations. >> And that's also what the general brought up as well, is that if you guys don't do something on your own, if you don't fix your own problems, right, then the government's going to step in. Actually, that's what's already starting to happen right now, that if Facebook, Twitter, all these other social networks are not going to do something about foreign governments advertising on their platform, they're going to get regulated. So, if they don't start doing something. So, it's better to be in front of these things right here, the reality is that, yes, from a cyber security in terms of protecting users, protecting data, enterprise needs to do more. But, you know what, regulations are starting to already occur, so, there's a major regulation that came out of New York with the financial services that a lot of these financial firms are talking about. And then in Europe, you got GDPR, right? And that goes into effect I think in May of next year. And there's some serious finds. It could be up to four percent of your revenue as well, while, in the past, the kind of, the hand slaps that have happened here, so if you do business in Europe, if you're a financial services firm doing business in New York. >> People are going to run from there, Europe. I mean, regulation, I'm not a big fan of more regulation, I like regulation at the right balance, cause innovation's key. What have you heard here from talks? Share, cause we haven't had a chance 'cause we've been broadcasting all day, share some highlights from today's sessions after, you know, Jim from Etna was on there, which, I'm sure you got a kick out of his history comment, you're a history buff. Weren't you a history major and computer science? >> I was a history major and computer science, you got that right. >> You'd be a great dean of the sciences by today's standards. But I mean, he had a good point. Civilization crumbles when there's no trust. That comment, he made that interesting comment. >> So, it's interesting what Etna's done, from his presentation, was they've invested heavily in models, they've modeled this. And I think that kind of goes back to the whole Big Data, so I think Etna is ahead of the game, and it's very impressive what he's put forth as well. And just think about the information that Etna has about their customers etcetera. That is not something that you want. >> He was also saying that he modeled, you don't model for model's sake because stuff's going on in real time, you know what I'm saying? So, the data lake wasn't the answer. >> Well, he said his mistake was, so they were operationalizing the real time, you know, security Big Data activity, and he didn't realize it, he said that was the real answer, not just, sort of, analyzing the data swamp, so. >> Yeah, absolutely. >> So, that was the epiphany that he realized. You know, that is where the opportunity was. >> John: It was unconventional tactics, too. >> What can businesses expect, Tom? What's the business outcome they can expect if they, sort of, follow the prescription that you talked about and, sort of, understand that humans are the weakest link and take actions to remediate that. What kind of business impact can that have? >> Yeah, so, we actually, we spent a lot of time on this and we partnered with Forrester, a well known analyst group, and we did this study with them, and they went out and they interviewed 120 large enterprises. And it was really interesting that one group, group A, was getting breached left and right and group B, about half the number of breaches, right? And we were like, what is group B doing versus group A? And it had to do with implementing a maturity model as it relates to identity which is, first and foremost, implementing identity assurance, getting, reducing the number of logins, delivering single sign-in, multi factor authentication. Which we should all do as consumers as well, turn on that MFA button for Twitter, and your Gmail etcetera. Then, from there, the organizations that were able to limit lateral movement and break down, make sure that people don't have too much access to too many things as well. There was an incident, it was Saudi Generale that there was a backend IT guy, he became a traitor, he started making some losses, and so he tried to, he doubled down, he leveraged the credentials that he had as a former IT person to continue trading even though he kind of turned off all the the guardrails right there, and he should have been shut down. When he made that move into that new position, so, there's just too much lateral movement aloud. And then, from there, you got to implement the concept of least privilege and then finally you got to audit, and so if you can follow this maturity model, we have seen that organizations have seen significant reduction in the number of breaches out there as well. So, that was another thing that I talked about at my keynote, that I presented this study that Forrester did by talking to customers and there turned out to be a significant difference between group A and group B in terms of the number of breaches as well. And that actually tied very well with what Jim was talking about as well, which was, you know, I call it a maturity model, he called it just models, right, as well. But there is a path forward that you can better be smarter about security. >> But there's a playbook. >> There is a playbook, absolutely. >> And it revolves around not having a lot of moving parts where human error, and this is where passwords and these directories of stuff out there, are silos, is that right? Did I get that right? So you want to go level? >> That's the first step, I mean the first step is that we're drowning in a sea of passwords, right, and we need what's known as identity assurance, we need to reduce the number of passwords. With the fewer passwords we have, we need to better protect it by adding stronger authentication. Multi-factor authentication. The new face ID technology, which I've been hearing good reviews about, coming from Apple as well, I mean, stuff like that, and say, look, before I log into that, yes, I need to do my thumbprint and do the old face ID. >> And multi factor authentication I think is a good point, also known as MFA, that's not two factor, it's more than one, but two seems to be popular cause you get your phone, multi factor could be device, IOT device, card readers, it starts getting down into other mechanisms, is that right? >> Absolutely, it's something you have, and something you know, right? >> Answer five questions. >> Yeah, but at the same time you don't want to make it too, >> Too restrictive. >> Too restrictive, etcetera. But then here's where the machine learning comes in, then you add the word adaptive in front of multi factor authentication. If the access is coming from the corporate network, odds are that means that person was badged, got through. So, maybe you don't ask as much, for much information to actually allow the person on right there. But, what if that person was, five minutes ago, was in New York, and now he's trying to access from China? Well wait a minute, right? Or what if it's a device that he or she's never accessed from before as well? So, you need to start using that machine learning and look at what is normal behavior and what deviates from that behavior? And then, factor it into the multi factor authentication. >> Well, we've seen major advancements in the last couple years, even, in fraud detection, you know, real time. And is that seeping into the enterprise? >> Well, it should, that's the ironic thing is, is that with our credit card, I mean, we get blocked all the time, right? >> It is annoying sometimes, but you know at the end of the day you say, good. >> Yeah, thank you for doing that, you know. And so that's, in effect, the multi factor authentication is you calling up the credit card company, ironically my credit card, maybe I shouldn't reveal this, too much information, someone will hack me, but I use US bank, right there, and we had Jason the CSO of US bank right there, but, you know, calling in and actually saying, yes, I'm trying to do this transaction represents another form of authentication. Why aren't we doing similar things for people logging onto mission critical servers or applications? It's just shocking. >> I'm going to ask you a personal question, so, you mentioned history and computer science, a lot of security folks that I talk to, when they were little kids, they used to sort of dream about saving the world. Did you do that? (laughter) >> Well, I definitely want to do something that adds value to society, so, you know, this is not like the Steve Jobs telling Scully, do you want to make sugared water and all that stuff? >> Dave: No, but like, superhero stuff, were you into that as a kid, or? >> D.C. or Marvel? >> Good versus evil? >> Don't answer that question, you like 'em both. >> But the nice thing about security is, when you're a security vendor, you're actually, the value that you have is real. It's not like, you know, some app or whatever where you get a bunch of teenagers to waste time and all that stuff. >> John: Serious business. >> Yeah, you're in serious business. You're protecting people, you're protecting individuals, their personal information, you're protecting corporations, their brand, look what happened to Equifax when their, when it was announced, the breach, their stock went down 13, 14%, Chipotle went down by 400 million, their market cap went. I mean, so, nowadays, if you have a, if there's a breach, you got to short that stock. >> Yeah, and security's now part of the product, cause the brand image, not just whatever the value is in the brand, I mean the product, the brand itself is the security. If you're a bank, security is the product. >> Absolutely, if you're known for being breached, who the heck's going to bank with you? >> Whole 'nother strategy there. Okay, final question from me is, this event, what are some of the hallway conversations, what's notable, what can you share for the folks watching? Some of the conversations, the interests, the kind of people here, what was the conversations? >> Yeah, I mean, the conference, we really did a great job working with our partner ICIT of attracting sea level folks, right? So, this was more of a business focus, this was not, you know, people gathered around a laptop and try to hack into the guy sitting right next to them as well. And, so, I think there, what has come out of the conversations is a better awareness of, as I said before, it's like, you know what, we got to completely, we got to like step back, completely rethink what we're trying to do here as well, cause what we're doing now is not working, right? And so I think it's, in effect, we're kind of forcing some soul searching here as well. And having others present what's been working for them, what technologies, cloud, machine learning, the zero trust concept, etcetera, where you only, you have to assume that your internal network is just as polluted as the outside. >> I know this might be early, but what's the current takeaway for you as you ruminate here on theCube that you're going to take back to the ranch in Palo Alto and Silicon Valley, what's the takeaway, personally, that you're now going to walk away with? Was there an epiphany, was there a moment of validation, what can you share about what you'll walk away with? >> There's just a hunger. I mean there's just a hunger to know more about the business of security etcetera. I mean, we're just, we were amazed with the turn out here, we're pleased with working with you guys and the level of interest with your viewership, our webcast, I mean, this is, you know, for the first time event to have both in-person and online, well over 2,000 people participating, that says a lot. That there's just this big hunger. So, we're going to work with you guys, we're going to work with ICIT and we're going to figure out how we're going to make this bigger and even better because there is an untapped need for a conference such as this. >> And a whole new generation's coming up though the ranks, our kids and the younger, new millennials , whatever they're called, Z or letters they're called, they're going to end up running the cyber. >> Yeah absolutely, absolutely. So there just needs to be a new way of going about it. >> Tom, congratulations. >> Thank you. >> Great event, you guys got a lot of credibility in D.C., you've earned it, it shows. The event, again, good timing lighting the bottle, The CyberConnect inaugural event, Cube exclusive coverage in Manhattan here, live in New York City at the Grand Hyatt Ballroom for the CyberConnect 2017 presented by Centrify, I'm here with the CEO and co-founder of Centrify, Tom Kemp, I'm John Furrier, Dave Vellante, more live coverage after this short break. (modern electronic music)

>> Narrator: Live from Las Vegas, it's, theCube. Covering NAB 2017, brought to you by HGST. (upbeat techno music) >> Hey, welcome back everybody. Jeff Frick hear with, theCube. We're at NAB 2017 in Las Vegas, California. 100,000 people all talking about broadcast industry, media industry, and tech. Met is the theme because the technology is completely interwoven in with media and entertainment. And we're excited to have a great representative from the Hollywood Section Manager, Society Motion Picture and Television Engineers. That's a mouth full, Steve Wong. Steve, welcome. >> Welcome, or SMPTE, that's the easiest. >> SMPTE, I'll go with SMPTE, he's from SMPTE. Alright so you had an interesting talk earlier about blockchain. It's interesting, we've been here for three days and a lot of conversations of kind of, similarities with trends we're seeing at other shows that we cover with democratization of data, and access to the data, and abilities of cloud, and integrated security. But we haven't really talked about blockchain. But I think that's kind of funny, that now we're hearing the blockchain conversation come in too as we hear in many places. Where does blockchain fit? >> You know it's really interesting, because originally I had heard of a blockchain for folks in the financial industry. And that's where the real big push is. And a lot of VC's were talking about blockchain. So I started to look at blockchain and median entertainment, and I said, "You know could this fit? "You know what would be an interesting fit for this?" And when you look at making a movie or a television program, it's just a lot of transactions. And that's where blockchain is absolutely perfect. >> Right. >> You know blockchain is basically a general ledger entry. So when you think of you know, why is that important? You know, I looked back to the origination of content, you know, for moving images, and that's a feature film script or a television script. >> Jeff: Right, right. >> So imagine when you write that, the first thing you do is you go and you register it with the copyright office. So my thought is, that's your first chain in that link of ownership. And so the next thing you do, is you want to option that script off. So you're going to send out a document, your PDF to your agent, and he's going to send it out to a bunch of other agents. And then you'll have a track record of that next transaction, whoever received that. >> Jeff: Right, right. >> So as you go down through that production, you know I envision being able to tie it back to that original ownership for that script. Whoever options his script to go out into the production. To actually take that all the way down to the storage, to the camera, and be able to pull even all of that meta-data together. Link it to the ownership into that chain, all the way to the distribution to the actual viewer at the end of it. >> So, the greatest descriptive term I've heard of blockchain is trust as a service. >> Steve: Right. >> Which is really an interesting way to coin it. And what's interesting about this industry, is the transient nature of the way, you know, kind of groups of people and resources are assembled around a particular project, this script in which you described. They create this asset, and then they go, you know, poof, they go back from whence they came. >> That's the challenge, right? >> So it really begs, it begs for better trust solutions. >> So imagine you get a deal with a show, and they say, "You know what? "We're going to pay you rate, "but we're going to give you percentage of the back end." And you say, "Fantastic." And then you go on to your next project. How do you find that out? >> Jeff: Right, right. >> Right now it's really difficult to track that all the way back, residuals or whatever. This will be an easy way to basically see who's seen it, who gets paid, what you're owed, and everything else. >> Right. Now it's pretty crazy now you said before we turned on the cameras, that it's all very, very still old-school paper based at this point and time. >> That's the crazy thing about, you know, you look at other industries, you know, and I touch a lot of industries. And you think, wow, you know, we've got basic things. Such as when I start with an employer, I can go online and download all of my stuff, and I never touch paper. But even today in the television industry and the motion picture, you know, for 99% of it, it's all paper. So basically all my stuff I have to physically give them, and fill out, you know, documents at the end of the day. You know, a PA checks me in when I show up. A PA signs when I send out, on a piece of paper, they send it in a football back to the financial office at the show. And they do all these things manually. You know, it's coming to where they're doing digital onboarding. >> Right. >> But all this stuff is still paper. Because really it's like we've been making movies for the last hundred years. >> Right, and yet we're surrounded at this conference with hundreds of thousands of square feet of new technology, and new innovation, and computer based stuff, and IP based stuff, and crazy cameras, and 360 cameras, and 4K, and 8K, and HDTV. So clearly there's no holding back the technology edge. That there's three leverages, but then you got to check-in with the PA right? >> If you make billions of dollars the same way that you did a hundred years ago You know, who's going to be the guy that going to change that? Or a girl, right? That's the challenge, if it's, you know, not broke, don't fix it. >> That's why I love Clayton Christensen's book. It's still my all-time favorite book. Right, it hard to change when you've been making money, that same old way. So what are some of your other impressions of the show? You've been coming here for a number of years. The vibe's different I keep hearing. It's our first time, but I'm curious to get your kind of general impression. >> You know the interesting thing is, you know, again following the trends in other industries, you know, to move to a true digital IP workflow. So I'm seeing that really starting to materialize around here. You know, I think that the challenge is... You know, when I started off a hundred years ago on television I was a, you know, de facto MIS manager and director of research at ABC. And back in those days, in the 90s, you know, I connected our sales team to the internet. And then you could actually send emails to the buyers, and that was like a big, big jump. >> That was a bad day though, in hindsight. >> Yeah, so um. >> (laughing) Too much email ack. >> So you see folks that, you know, understand video and BNC cables, and things like that. >> Right, right. You have another group that understand ethernet, you know, NIP. And they have always been in two different worlds. You know, at every TV station, you have your IT guy that would never touch the broadcast equipment, he was forbidden there. >> Jeff: Right, right. >> You know, a long time ago. But now you see that merger. You know, where you really have, you know, a manager or VP that understands video and understands IP, and says, "You know there's a better way to do that." And it's secure now a days, and you know, if you take the right precautions. So that's the trend that I've seen change around here. Because the cameras are all digital, right? >> Right, right. >> Everything is digital along that path, why would you have to go back to video? >> Jeff: Right. >> You know, we have things like Periscope. We can do live video to millions of people. >> Jeff: Right. >> So the technology's clearly here. >> It's just so amazing, you know again, the themes are consistent wherever we go. This just democratization of access, and ability. That I can go sit in the front row of a Dodger, Giant's game, and you know, hold up my Periscope and pretend that I'm Vin Scully, you know, for a minute. Which clearly I'm not. And people probably are not going to watch me like they love Vin Scully. But it's so interesting that at the low-end, you know, there's so many tools available for people, for creators, that they just have access that they didn't have before. At the high-end, I mean, the amount of stuff in this conference room. Again with the 360, and VR, and the IR, and the 4K, and the 8K. You know, it's fascinating. But I sometimes wonder is it too much? Are we still managing, you know, the story telling? And is it-- >> And that's what it comes down to. You have to tell a story, that's the most important thing. >> It's so competitive for the audience, right? Because the alternate is just a quick swipe away, you know. So it seems like the pressure to perform, and to get your ROI's, especially on these bigger projects, has got to be higher than it's ever been. >> Alright, this is an interesting thing, because what we've seen in Hollywood is an increase in production. You know, it used to be you'd wait, you know, for a TV season, and they'd pitch the shows to the advertising agencies in New York. But now with the increase of Netflix and Amazon, there's always a season. >> Jeff: Right, right. 'Cause they're always buying things. You know, whatever YouTube channels. You see YouTube stars that are making money, and that's a valuable audience now. Where people are saying, "I'll just watch YouTube tonight "and see what's going on there, "from the people I like to follow." >> Jeff: Right. >> So that drives production, you know, goals and costs down because you can't do a hundred million dollar YouTube production, or you can I guess, right? But you probably won't make any money with it. >> (laughing) I'm sure they are. But the other thing is just strikes me, just is the compression around, for feature movies, around the opening weekend. 'Cause there's only 52 weekends a year. >> Steve: Right. >> And, you know, some of those are probably not so great from a marketing point of view. And this just compression to make that number. Because the next weekend, or two weekends from now it's another movie, or it's another movie, or it's another movie. And so it's seems just crazy. On the other hand, the long-tail opportunities with VOD, and multi-forms of distribution, multi-language, multi-format, multi-channel are bigger than they've ever been before. So it's this interesting dichotomy in terms of the way the market's evolving. >> The interesting thing, because of that pressure, we see huge growth in analytics. You know, there was a great article from, About Netflix, talking about the genres. You know, in Hollywood we've got like 13 genres or something like that. But Netflix has like 73 genres. >> Jeff: Right. >> So they've broken down their audience 'cause they have the device. You know, they know exactly what they're watching. So they use those analytics to their benefits when they buy. You know, the studios are at a disadvantage, unless they have the same things. >> Right. >> So you see guys like Legendary investing in analytics teams and, you know, all these other folks out there that are investing in these analytics teams to make that, you know, smarter investment for those movies. >> Right, it is interesting is, again, as it gets consistent, right? Is that now, if you can track to the consumption of the material, you're not just shipping the product anymore. And it's going to a theater, and hopefully people are watching it or not watching it. But now if they're watching it on their phone, you know, where they're watching, who's watching it, you know what time, how often, how deep they go-- >> Well now that's the key. >> Jeff: It's pretty interesting. >> If you have that application, and you have the ability, you know, like Netflix does that's awesome. >> Jeff: Right, right. >> But remember most of the studios and networks, they're creating it and licensing it off. So they may not get that information. But that's where you see the other trend, where folks like HBO, they create the content, but they also want to have that application device so they can get that information. So I think that's another trend you'll start seeing. >> So will the ones that are still independent that don't have the channel, you know, start to get back as part of their channel deal, some of that data? >> It's challenging, right? Because cable companies typically don't want to release that data. You know, a secondary OTT app may not want to release that data. So it really forces a creator to own that distribution chain, so they can get that valuable data, so. >> Interesting time. Somebody said earlier, I think in the week, that Netflix, I think, is now the largest producer. I don't know what genre of category, but they're like one of the largest studios now of all. Which is pretty fascinating, when they were simply, you know, DVD rental service not that long ago for people that remember what a DVD was. >> Steve: Right. Having difficulty getting contracts with studios. >> Jeff: Right, exactly. >> But-- >> So make your own I guess, that's the ticket. >> Steve: There you go. >> Alright, Steve, so I'll give you the last word. As you look forward to 2017, if we meet again here next year-- >> Steve: Yes. >> What do you think the topics going to be? >> Again, I think what you're going to see is more folks moving to a public cloud, trusting that, and really working with it, using analytics. And the most important thing, that we touched on, is managing that security. Making sure they don't get hacked, so. >> Alright, Steve. Well, Steve from SMPTE. That was the shorter way. >> There you go. >> Steve Wong, I'm Jeff Frick. Thanks for stopping by. >> Steve: Thanks so much. >> Alright, you're watching, theCube, from NAB 2017. We'll be right back after this short break. (upbeat techno music)