tv FBI Director James Comey Delivers Remarks at Leadership Dinner CSPAN March 30, 2017 8:28am-9:30am EDT
chico, california, saturday at noon eastern on c-span2's booktv and sunny afternoon at 2 p.m. on american history tv on c-span3. c-span3. working with our cable affiliates and visiting cities across the country. >> at a conference with intelligence community, fbi director james comey talked about the bureaus relationship to intelligence agencies and its counterterrorism efforts. he also sits down for an interview with former national counterterrorism center director michael leiter. this is one hour. >> thank you for that kind introduction. i did take a shot at the new england patriots on live television, which i heard about from one of my brothers who betrayed the family when he moved to massachusetts and became a patriots fan.
[applause] >> what i want to do very briefly is share with you some thoughts that are top of mind today for the fbi, and then i want to shut up and take questions bu but i will try to avoid answering from the great michael leiter. [laughing] and i'm determined not to make news for those of you who are following this. [laughing] first things, i want to talk very, very briefly about how the fbi is thinking about our cyber strategy -- can you hear me okay? how the fbi is thinking that our cyber strategy and that i want to talk about a unique challenge to all of her work in the form of ubiquitous strong encryption and explain to you why that matter so much to the fbi and why we're determined to continue to talk about it. first our cyber strategy. to state the obvious for this room, all the threats the fbi is responsible for, as to the internet. intelligence compiled a criminal threats we responsible for, and
terrorists in the following way. to proselytize, to communicate, to inspire, to direct not yet to use the cyber vectors way of doing actual harm, flicking, infrastructure but logic tells us that inevitable for the terrorist mind to find that doctor peer to all the threats fbi's responsible for at us in that way. the first part of our strategy is humility. we are standing in the middle of the greatest transformation i think in human history. the way we learn, the way we work, the way we love, the way we connect, the way we believe all is affected by the digital era, the digital revolution. and so we stand there with an attitude of humility because it would be foolish to say we know how the fbi should grow and change and adapt, to meet a transformation that is never happen in human history. we don't know for sure. what we're trying to do our things that are thoughtful that
make good sense to us and then get feedback from her own people, from our partners, from our colleagues around the world about what it's making sense, and then we will iterate. but our strategy has five parts, and actually two parts of it i want to spend some time on cyber pundits would relatively quickly. quickly. our first part of our strategy is we want to focus ourselves, and are two aspects that are want to highlight for you at the ways in which we're kind of focus. the first is the way we assigned to work in the fbi. traditionally the fbi the physical manifestation of an event is what drives who works on it. so if the bank robbery happens in chicago, the chicago field office works the bank robbery. if the fraud is based in seattle, the seattle office. we have come to the conclusion that the physical manifestation of a cyber intrusion especially isn't all that meaningful. because it is being committed likely by somebody far away from
the physical manifestation. it's being committed at the speed of light and it may be quite random as to where the intrusion pops first. and so we're approaching her work in a different way for the fbi. we now assign computer intrusion work, whether that's a nationstate, whether it involves a criminal syndicate, whether it involves a criminal syndicate with a nationstate, whether it involves hactivists or someone else, the motley crew of people who bring gaged in intrusion. assigned based on talents. we make a judgment as to which field office has shown the best chops against a particular dimension of a threat posed to us by a nationstate and we assigned it there because they've demonstrated the ability. because physical manifestations of intrusions are part of the real world and there really is a chief information secret officer in the really is a cso and the ceo of a company that is been victimized, we are not blind to physical manifestation and so we
assign the threat to the talent and did we allow up to four other offices to help. the first office is called a strap office for strategic. the other office or cal called x offices for tactical. then we air-traffic control from washington. this has had a great effect inside the fbi because it has fostered an intense competition among field offices to demonstrate, generate and demonstrate talent against various dimensions of the threat. and so if the little rock show since they are best against a particular intrusion sent from a foreign nation, a ghost to little rock regardless of where the hits are from that intrusion set. -- it goes. so far it is working pretty well. so far the air-traffic controllers work pretty well but we stand with humility and if it is a consummate we will iterate. that's the way we're now assign to work. secondly we're trying to focus ourselves is on stealing your
talent. and here's what i mean by that. the challenge we face in the fbi is to have a special agent working cyber we need a variety of things. we need high integrity. we need fitness. we're going to give you a firearm. you have to be able to run fight and shoot so we need integrity, fitness, then we need smarts. we need intelligence and then we need specialized knowledge to make a cyber agent. that collection of attributes is rare in nature. we may find integrity come somebody who can do a push-up who has great specialized knowledge in general intelligence or we'll find somebody with great specialized knowledge, can pump out push-up but wants to smoke weed on the way to the interview. [laughing] and so we stare at the pool of talent and we are two reactions to the pool. we can't compete on money. you in the private sector have more money than we.
we acknowledge that to the people we are trying to recruit. we also make sure they understand life with you is soulless and empty. [laughing] [applause] he said, half kiddingly. and if you want to do work with malt content, come to us. it's not about the living. it's about the life, a pitch i know work for a lot of you in this room of hours. and so we try and recruit on moral content and a try to think differently about how might we generate that talent in a number of different ways, we're considering do we really need gun carrying special agents making up an entire squad wax now we have squads of eight around the country. should we instead have to special agents and six something else? may be people of integrity, people find halogens, people with specialized knowledge. we don't give them a gun because they don't have physical attribute.
something else we are considering is if we can find that integrity, that physicality and basic high intelligence should we grow our own? should we build our own university to take that talent and raise it up to be cyber talent? maybe. should we also do something else that would be very, very new for the fbi picture we try to make the barrier between us and the private sector semi permeable so that special agents might come and work for the fbi and then to work in the private sector and then come back? the current role requires anyone who leaves for 24 months to go back through monaco. that's a painful experience for people in their 40s. they all want to come back because they discover your lies are empty and soulless and so they want to come back but we've made real barriers to the returning and might we be able to encourage people from the private sector to come work with us as that something else, don't have to go through quantico to learn how to run, fight and
shoot and then return to the private sector. our minds open for all of these things because we are seeking a talent, talent in the pool that is increasingly small. so you're going to see as fixed them with a number of different approaches to this and then i hope when you see is doing something doesn't make sense you will tell us. where you see is something where we need to do more of you will tell us that as well and it will be met with an attitude of humility. so focusing in a better way our work and how to get our best talent as a first part of our strategy. the second part is we need to make sure that we inside the government have our act together in such a way that it doesn't matter to whom a victim of an intrusion or a crypto where a attack or some other attack, it doesn't matter who they tell in the federal government. we are in the placement comes to counterterrorism. you walk up to an fbi agent, a deputy sheriff, a police officer with a piece of information about it, counterterrorism,
terrorism threat, it will get to the right place very, very quickly. it doesn't matter who you tell. we've got to get to the place inside the federal government. we made a lot of progress trying to understand the rules of the road but we still have work to do. the third thing we're trying to do is impose costs. i don't know of a cyber intrusion that is ever been committed high on crack or inflamed by finding a lever in the arms of another. these are crimes, intrusion, attacks committed with reflection and columnist at a keyboard. we think that's an opportunity for deterrence, for influencing behavior. so we are keen to make sure that that attacker, whether it somebody sitting in a government office halfway around the world or in a basement somewhere in the pacific northwest that they feel our breath on the back of their necks, may be literally but at least metaphorically as they begin that intrusion activity. we think we can shape behavior
by locking people up and we can't lock people up, by sending messages of pretty scary deterrence, faces unwanted posters, people sometimes say but the hacker somewhere halfway around the world working for another government, or their sheltered by the government. how are you ever going to get them? and my response is, life is long, the world is short, we are dogged people. we just gave up on d. b. cooper, and that took us -- [laughing] -- about 52 years i think. for those of you who are young, he's a guy who jumped out of an airplane over the pacific cascade and we hunt again for 50 years. we are pretty sure he is dead now so we're giving up. but when your face goes on a wanted poster will not give up in your lifetime and i can change behavior. so you will see us trying to send those messages to shape people as they think about intrusions. the fourth aspect of our strategy, i won't spend a lot of time on, is to help our brothers
and sisters in state and local law enforcement raise their digital game. because everything they do requires digital literacy. in the good old days, a narcotic detective would roll up on a location, execute a search warrant at a drug house and find not just drugs and money but one of those black composition notebooks, and the dealers would've written who got how much and how much they were and that have to be photocopied and an exhibit sticker put on and you're good to go. today there's no black composition notebook. there's a pda, a thumb drive, a laptop, a digital device. we have to have our colleagues get to that work in a quality way because they're sipping away the fbi can be part of helping with all of it. i'm told that people get e-mails from me when i'm in nigeria asking for money to be wired. [laughing] i usually write, identify myself as president of the federal bureau of investigation. don't send me any money.
but people do get ripped off and the bureau can't reach all of that so the fourth part of our storagstrategy is help our parts raised their game. there's a lot behind that but i'll leave it there. the fifth thing which is what i want to spend just a few minutes on, we must get better at sharing information across the boundary, and there should be a boundary between the public sector and the private sector. we have to find ways consistent with law and policy and tradition and culture to make the barrier between us and the private sector semipermeable in some fashion. the reason for this is nearly all of the intrusion activity in the united states, at the united states hits the private sector. all the victims are in the private sector, all the indicators are in the private sector, all the evidence if we want to go criminal is in the private sector. we are not nearly good enough at getting information from the private sector to us and getting information from us to the
private sector. this is a problem not so much of law but of lore. and the biggest problem, i was a general council as you were to come the biggest is people like i was who are spotting risks and calling them out. if we give that information to the government, will be used against us in a competition? will it be disclosed to congress in some way that becomes public? when we get sued? what will our shareholder say? i see too many risks pick what you want to do is high when of the great firms that can help us remediate and let's get back on with our business. even people saying yes, our files are locked up with ransomware let's just paid the ransom and get on with it. most of the intrusions in this country are not reported to law enforcement. and that is a very bad place to be. people are foolish and shortsighted to think that their interest in the private sector are not aligned with ours when
it comes to this. because you are kidding yourself you don't realize that the hackers will be back, if not do you come into your subsidiaries and your supply chain. those with the ransomware will be back, especially if you paid them off. our interests are aligned. the challenge we face is having the private sector no as well enough to realize we understand what is it to ms., and we treat victims for what they are, which is victims. we do not read victimize people. whether that's a sexual assault case or an armed robbery case, a motley case or a computer intrusion case. we have lots of practice at this. our challenge is people don't know us well enough. too much confusion and skepticism, and distance derived from misunderstanding and myths. the fbi mission is to get out and talk to the private sector and let you know what we are like.
now, i liken this actually to a jury that the cia and the fbi traveled since the mid-1980s. that's what i mean by the difference between law and lower your most of the people in this room know that in the mid-1980s classified information procedures act was passed. that offered us certainty about how sources and methods would be triggered and protected if the government decide to use a criminal prosecution to incapacitate. to reassure the intelligence community that were not going to blow sources and methods. there's a framework and here's how it will work. that did not get the job done. because of that law. it took us 20 years of building trust case by case by case with the intelligence committee came to realize you know what, this really works. we really can trust the fbi to protect our sources and methods, to use these tools that event of the books since the 1980s and use them in a way that protects us. that took us two decades to
build trust. it is in a very healthy place today. it is not any healthy place when it comes to the private sector. so my asked, those of you who run companies who are the chief sacresecret offices, the general counsel, the ciso, if you don't know someone at the fbi office where your facilities are, you are failing. you are pushing on an open door. come and talk to us to understand in the event of an intrusion, in the event of an attack what is it we need. you will discover we don't need your memos. we don't need your e-mails. we need indicators of compromise pick we need to know how did the bad guys come, what other signals, the indicators that we can use to attribute to try to impose costs and to help you get over this attack. the sony attack was a vicious, hugely damaging attack. it would've been worse if somebody hadn't invested the time to know us before the attack.
every single one of you works in a facility at your local fire department knows the local layout of the better-known and oracle -- intellectual property or your secrets. then know where you're elevators are. they know general layout so in the midst of a smoky disaster they can save lives. we knew sony in that same way. we didn't know their secrets or intellectual property. we knew the key people, facilities, the layout of the network, generally. and that day within hours we were on the ground helping stop the bleeding. the private sector has to get to know us better. we are going to be more effective. but it doesn't stop there. because it's bad that people don't share information to us. we don't do a good enough job of pushing information to the private sector. we have a cultural impediment, which is we have this information. if i give it to them are they going to jeopardize sources and methods? sometimes we forget that you don't need the sources and
methods. you need indicators of compromise so you can figure out how they're coming at you. and i'll be in the room know this, oftentimes private sector partners don't realize what or con means. oftentimes fbi lab piece of information we can't just turn over to you even with a tear like a quicker to go back to the people who owned that information who gave it to us but we can do that so much better than we are doing it today. we will get better. i hope you help us get better as well. blessing of want to leave you before his start avoiding mike's questions is of this. i intentionally did not talk a lot last year about the challenge we face from ubiquitous strong encryption. our judgment at the fbi was that this is a complicated issue with legal aspects, tactile aspects, policy act specs, values. it was too complicated to discuss during an election year. i'm know you would think you were totally wrong, we could've
nailed this, but we decide we would not force a conversation about it but that we would use the time to try to collect data so we could show people what's happening to our world. here's what's happening. if you imagine we were, the fbi works any room. a corner of the room has always been dark for the last 20 years. sophisticated actors could always find encryption to lock up a device, encryption to cover data in motion. the sophisticated actors, nationstates, new nation state actors. what's happened since the summer of 2013 is that dark spot has started to spread through the entire room. ubiquitous default encryption on devices, ubiquitous default throwing encryption on absent of the forms of communication has spread the shadow so it's starting to cover more and more of our room. i'll demonstrate this with encounters with the devices.
october, november, december 2800 devices are presented to the fbi in the united states with a lawful authority to open the sum from fbi investigations, other some state and local partners. they gazed into the fbi saying we have a court order, can you you help us? in 43% of those cases we could not open those devices with any technique, any technique that is the shadow falling across a work. you may say, who cares? i don't know. but i think america needs to have a conversation about this. because i care deeply about privacy, treasury. ivan instagram account with nine followers. nobody is getting in. [laughing] vro all immediate relatives and one daughters serious boyfriend highlighting and because they are serious enough. i don't want anybody look at my photos here i treasure my privacy and security on the internet. my job like a lot of job people
in this room is public safety. those two values, privacy and safety, are crashing into each other. but but i believe something more fundamental is happening. especially with regard to devices. those devices contain so much of our lives, our business life, social life. our lives are on the devices that we were on her hip or we carry in our pockets. that's a great thing. that has made his bed and lots of different ways. but it's also introduced with ubiquitous default encryption a concept that is new to america, which is absolute privacy. we have never had absolute privacy in this country. this country was founded on a bargain, which is your stuff is private unless the people of the united states need to see it. and then with appropriate medication and oversight, obvious example of that being in china in the fourth amendment, the people of united states can see your stuff. they can go through safe deposit box, your socket or work on your
car. they can compel you to say what you remember in appropriate circumstances. we never had absolute privacy. the bargain was we have this privacy they can be invaded with his predication oversight so we achieve a balance between privacy on the one hand and security on the other. what's happened to us now is we are drifting to a place where absolute privacy is a huge feature of american life. there are wide swaths of american life that are in a off-limits to judges. and i'm not offering that as a value statement. that's just a fact. that's a different way live. if we are going to change the fundamental compact at the heart of this country, it should not be the fbi that does it. it should not be companies that are making amazing devices that do it. the inner can people do it. so what i determine to do is not tell you what we ought to do to solve this problem but to tell you there's a problem, and to urge all of you to participate in this conversation. maybe at the end of the day we say the benefits of privacy in
this instance are so important that we'll put up with the trade-offs, or maybe we say, you know what, the trade-offs are so significant we ought to see if we can't find a way to optimize both of those values better than we are today. and actually reject the idea that it's too hard. i actually don't think we've given it the shot it deserves. i don't know anybody in the private sector that is making devices who is incentivized to try figure how to optimize those two values. they sell privacy. i get that. we are responsible for public safety. somehow we have to bring those two together. the fbi is an example of how it can be done. we can devices to some of our agents for here today. we give them devices and we work very hard to make secure, but we retain the ability in appropriate circumstances to access the content. it does not require weakening encryption. it does not require giving the government a backdoor of some sort. i could actually imagine a world
where something if you're going to sell devices in the united states, you are required to be able to comply with judicial orders. you figure out how to i don't know whether we're going to go there, but first we have to have a conversation about it. so you'll see the fbi trying to supply data to this conversation, stories of how it impacts our work so that we can foster and informed debate. because what i don't want to have happen is, i'm six years and a few months to go, six years from now people say to me, hey, how come you didn't say something? i'm going to say something. this is affecting our national security work, counterterrorism, counterintelligence in all of her criminal work in profound ways which you would expect because we are now living in a different way. we should talk about it, and i thank you so much for joining the conversation. i look forward to mike's questions. [applause] >> thank you, michael.
>> can you hear me? so thank you, director comey, for those comments. i think he has covered a lot of topics but mike is going to explore a little further i think there's a couple more issues that mike will probably get in as well as we go along. but i want to introduce mike a little bit. it was an interesting exercise for me today. the thing i'm going to introduce my, i know mike, i'm going to say couple of nice things about mike bu but i went back and read the bio, and i guess i would suggest to all of you come every once in a while when you're going to do something like this can go back and read about because sometimes some people you think you know, it's really a good idea to get to know them a little better, get to know them a little bit better. so as i get into that, you all know mike was director nctc for four years i think, right? left there and 2011. you seem a lot on nbc news doing
some commentary stuff, very good. he's been in industry. he's been with us on the industry side as well, but i kind of went back and look at a couple things. mike was a naval aviator with service in iraq and yugoslavia got out, went to law school, was the 100 13th president of the harvard law review. left to their and clerked for stephen breyer on the supreme court. went from there and was an assistant u.s. attorney for the eastern district of virginia. went from there to the wmd commission where he got involved in things like, how she would restructure the fbi and something called the national security branch. and so you see some interesting parallels between some careers and are just wanted to share that with you, and also to say
with a sort of background that we know we get with our director of the fbi and with mike, we are very lucky to have people like that willing to serve. so thank you both. [applause] >> i just wish that when we stood up my head was parallel to jim's? five-foot ten mac -- five-foot ten. thank you for those comments and i think all of us really do alle you and i would ask a round of applause for an american public servant who has been through, has had an incredible career and has been in the midst of one of the most difficult times i think in recent history. i want to thank you for your service. [applause] >> and i've got to say, i'm
going to jump right into what i think everyone in this room, and many people watching on c-span, probably want to know about. the big question, what do you think about the fbi has changed the uniform crime reports? is that not why you are here? quite seriously, jim. a lot of people talk about bob mueller have the one of most incredible early tenures as director of the fbi coming in a week before 9/11. you didn't get hit with that tragedy that we all experienced at the beginning of your tenure, but since july of this year you have been in the midst of what we now know are to criminal investigations involving broadly the presidential campaign. and without asking about that,
because i know you would just be paid the question anyway, can you reflect just a little bit on your approach to decision-making through all that -- evade the question desperate for special being the director of fbi for two presidents carryover between administrations as the statute congress intended the position to be, your decision-making through all of that and how as someone who is part of intelligence community, part of law enforcement, part of the department of justice has to build that trust with the first customer and simultaneously is a deeply involved in incredibly sensitive counterintelligence or criminal investigations? >> that's an easy one. thanks, mike. [laughing] first, i think rob molars early tenure -- bob molars early tenure was much harder than mine. i'm not just saying that. came the week before 300 3000 pe were murdered in our country and then he had to not only deal
with that oversee the investigation but transform the fbi. and i inherited a transfer of fbi my job is a lot easier honestly. the last year, almost a year now has been both difficult and easier than you might think. and i tell you i've never been prouder of the fbi. what makes the easiest, we're not on anybody's side, ever. we are not considering whose ox will be gored by this action without action, whose fortunes will be held by this or that. we just don't care and we can't care. we only ask, what are the facts, what is at the law, what is right thing to do? often we find ourselves choose between that and worse, having difficult short menu of options, but in a way that's being easy because that's who the fbi is at the people i think sometimes look at me as i look at what you did.
actually, the fbi made these decisions and a high-quality way. the painful part is that we confuse people. and the reason we confuse people is, most people see the world differently than we do. especially in a hyper partisan fiber. most people wearing glasses that filter the world according to side. this is john's eye face when he testified in front of congress. they see fax come how to set argument affect my side? when the counter people, and on just one of 37,000 federal like this at the fbi, who never consider side, it's confusing. like okay, so you're trying to help this person and that person. one of my daughters share with me last summer, maybe late last summer a tweet. actually i'm on twitter now. i have to be on twitter. she showed it to me and is said jim comey is such a political hack, i just can't figure out which party.
[laughing] and i smiled and i took that on a share that with my senior step and i said, is the greatest compliment. we confuse people because a lot of people can't imagine people who are not considering side. .. instantly never will in the misunderstanding of a lot of people about us can be painful. easy part is we know it or northstar is number 16.
[applause] >> follow up a little bit on that. the fbi is part of that always relied on the select committees on intelligence to provide you to breathing room to do those things into a nonpartisan way. the select committees were to make sure that their oversight was more nonpartisan if not perfectly nonpartisan. make your job when partisanship is to venture into those realms of oversight. those groups that are supposed to say, no, don't worry. jim comey says trust me he's doing it right. he's following the law. we are doing the oversight and u.s. american should feel safe in privacy to protect them. >> i don't want to comment on current events, so maybe i could
just talk in general. it's vital that we the intelligence community need to be able to share with the american people through their representatives the most important things we are doing. for a bunch of reasons. they ought to know. and second, there is a danger in all humans, especially in authority and the government to capture something john adams said to thomas jefferson, which is power always thinks it has a great soul. this danger. i think i'm an honest person. i'll follow love of my own own view of things. so that checking imbalance is the genius of the design of the founders. it is vitally tell them what we are doing so they can ask our questions about it. in my experience, it is a highly productive relationship. sometimes people outside the road don't understand it. how can you tell a select few? the nature of the work. they are things we can't let the nation's adversaries now. we have to share them with their
oversight committees. by and large, it works very well. the challenge in general and a polarized environment is again, those classes can get in the way of a robust oversight and make it sometimes difficult for the intelligence agencies. and here's the truth. we find a way because we need each other too much because we all believe deeply in the design of the country and we find a way to make it work. >> either way, i'm just happy when you check back in the government, you got your soul back. >> i got it back. >> i would like to ask you a little bit about enough intelligence. not just enough intelligence, but really electronic exploitation writ large because no one might be the device defined after a raid. i want to push you a little bit. i'm just a country lawyer, but i want to push you a little bit on
that fourth amendment analogy that we've always had this agreement at this privacy and security needs of law enforcement with government. it strikes me that these two things have changed. one, there is more information out there than ever before. so in 1787, you couldn't figure out what jim comey whiz bang for the past five, 10, 20 years. just look at his paper is then not have everything. sakic, in those days of a magistrate approved in the search warrant in 1787, that privacy protection that he had didn't cause any problems for anyone else. one of the criticisms of what went on with the iphone makes. was that by asking for one, you
are not just impinging on that individual, but potentially impinging on everyone else who used an iphone on their privacy. so how do you think about those and probably other differences from 1787? >> that's very fair. he pointed to two things that make this a hard debate. to take both of them, there is no doubt that there is more digital dust all of us out there than ever before. could before. couldn't have even been imagined 30 years ago and that we are able to communicate in ways that were unimaginable. i have two reactions to that. one is the bad guys are able to communicate in ways that were unimaginable 30 years ago pick the best example is a fifth is reaching into this country through twitter. especially the summer of 2015 to find people willing to kill on
their behalf and moving them to encrypt data app. that would've been unimaginable when you and i began our careers. so the opportunities -- there is no doubt the opportunities for law enforcement and intelligence committee have gone up dramatically, but so have the ability of the bad guys a second thing. metadata is great. incredibly useful to establish patterns of connection, but especially with the fbi is business as incapacitating through conviction beyond a reasonable doubt. it does not get you there. you will not be able to in some circumstances meet that threshold to a jury simply by saying i see these connections without any sense of content. that's the first piece. what was the second one? i forgot already. >> by the way, sorry. let me out onto that. when you went to the vendor in
the iphone plays come at the argument was we can keep it safe. since then, i don't know who, to some of us who tried to get of the vendor and the justice department is saying we don't want to do that because the vendor might not have the same protection the fbi does need be putting at risk if we disclose the name of the vendor. that's not very much go to the argument that any backdoor passes privacy implication for others? >> is a reasonable argument to raise that whatever solution we have should optimize in the best way security and privacy in their clumsy ways you could do it that would expose all devices to an intrusion, which is why i say this one blew in the face. i'm not in favor of government mandated that doors. if i were asked to imagine the future i laid out, what i imagine if your country so you want to sell devices in the united states, you figure out how to do it. and look, the problem with this
debate is too many people tweeting at each other. it is a complicated conversation. but i don't buy it to heart. thank you companies today are selling devices that are default encrypted and they their cause services are not. i hope they are able to sleep at night. i happen to think that the reasonable security around their cloud. when we served them with a search warrant, they produce what is in the clouds. the notion that we are all fatally at risk were exposed to the government is able to serve judicial process, i'm just not buying it. a lot of work has been done over the last year inside the government to figure out what could be done to opt demands both of those. i'm not going into details now, but it's not impossible. >> you talk about cybera lot of the really interesting things you are doing for the workforce in control of investigation outside the traditional
responsibility. do you see other changes that need to happen in the u.s. government that we haven't seen the executive order on administration in terms of organization. i think the fbi did amazing work with sony, for example. sony also dealt with two or three other federal agencies and their sometimes confusion and there has been in other cases. who's in charge, is responsible? the capabilities of each workforce, how can we do better at optimizing these various pieces of the puzzle? >> that's a great question. where we are today, the length of the road the obama administration laid out, which to my mind captured in writing what we are to develop to her fairly clear to us and make a times b. of the responsibilities to investigate intrusions, share information we gather for investigations. dhs responsibility in the name is to help with remediation and
hygiene in the dni and other parts of the intelligence committee are to provide threat indicators. intelligence about what is going on in the world. an interesting question i'm not expert enough to answer as to whether there is several for nsa to play outside of government networks, dod network as part of their security function, defensive security function. i don't know the answer to that. i actually think we are pretty good place for everyone understands the role of the government and moving to the place we have to get to where it doesn't matter who folks call. you call us about something. looks like it belongs to the secret service. we share it. i think we're reasonably good place. that doesn't mean we can be better, but that point thinking about it. >> getting away from cyberand electronics for a minute. we clearly have a state over the past five years going back to chelsea manning, moving into address note in come the recent
arrests also associated with nsa. a number have come from contract is working for the u.s. department. do you have a perspective on that? is that part of the problem? is there something else we should be doing to protect the data? not even touching the lake sediment criticized over the past three to four months. >> i'm not going to talk about anything recently reported for reasons i hope you all understand. we don't ever want to confirm something is classified information by talking about something in the media. so i'll go further back. there is no doubt that there are improvement that we can make with respect to the way in which we know all the people working on our campuses, both employees and contractors. jim clapper said we are not
quite where we need to be, but there's no doubt the answer is for all of us to know where people incredibly well and if we are relying on periodic investigations, relying on polygraph, of which may be important tools, we are not doing it well enough. five years is too long to wait. the fact cases by insiders to miami when you see on the news something about a terrible crime in a neighborhood. somebody always had a bad feeling about the guy. or take our terrorism cases. friends and family almost always saw something. we look back at the cases we've added that the government including the fbi of the last 30 years. you have to get better at it and data in an appropriate way and popping the flags for the person, not five years from now. we have to find a way for contractors as well as employees. the last thing we need to work on is making sure we have a uniform security culture.
this is a challenge when you have a lot of contractors and sometimes they don't elect a work for you, so they don't need to buy into your culture. somehow we together, private sector and public have to figure out a way to drive high security culture and to everybody, no matter what color their badges. >> another issue, which has been in the press has been immigration embedding. the fbi does not have a role in determining immigration that is then the light. but you have been quoted as the u.s. government's ability to that people who are coming into the united states. it strikes me as a common misperception that you said we can't bet any of these people. the fbi does play a role in vetting. what is your view on how effectively we can bet people coming in the u.s. of any sort. >> we the bureau and her bureau and our partners come intelligence community have a
critical role to play in vetting refugees and others looking to move to our country. we can always improve that and i'm always looking for opportunities to improve it. we dramatically improved to after 2008-2010. we discovered weaknesses in our system so we've gotten our act together in a good way in making sure if there is any -- anywhere and are holding in the u.s. government, will find that and connected to the person. the challenge i've talked about before and i hope people understand what they mean by this. when someone is coming from a place where they are unlikely to be things that connect to them, and from a place like syria, we can have the great systems, talk to each other. we will not be able to buy down risk and away we might if they come from another place we have a robust relationship with that country, including iraq with lots of information since 2002-2003. the challenge of people from
coming we don't have relationships as good as our systems ip, we don't have thoughts to connect. i'm not involved in policy decisions about who should come in and how many. that other business and we are working to improve our vetting. that's what i meant by that. >> i will start transitioning to many of the great questions we thought. there are several about terrorist attacks. san bernardino, boston bomber. the discussion of what has colloquial come to be known as on wolf. is that a term that we should keep you sane? is that mr. rice who and what they are? if you could also speak to the challenges you face after boston and the changes the bureau has instituted us lessons learned from that unfortunate event. >> i don't like that term at all. i worry that it conveys to these
wingnut a sense of dignity and i don't want to give them dignity. their troubled people seeking a misguided way down a path of killing and harming innocent people. it continues to be a major feature of the fbi's work. all of human experience is somehow a search for meaning in their troubled people over the united states were attracted to the idea of finding meaning through the hyper violent authored by the group to savages. so we have investigation all 50 states trying to understand where are these people, these troubled people. it was to problems, mental health goblins, sexual abuse problems, all kinds of issues that lead them in a misguided way to seek meaning. where are they on the spectrum for consuming the poison to that in the poison. that is really hard.
it is a nationwide search for needles in a haystack, but it's actually harder than that. we are looking to find out which pieces of hay might turn into a needle and it gets harder still. especially with the islamic state. if they found a live one, they would move that needle to a place where it disappeared. so it is an invisible, encrypted needle in a nationwide haystack and the reason to find them and disrupt them before they kill. it is incredibly hard work. we are always tried to figure out how to do it better, but incredibly hard. one of the ways we've got other things the boston marathon bombing as we have better shares of information for state and local partners. anytime something happens, we stare back and say what could we have done differently or better? orlando, san bernardino. every time something happened that involves a terrorist
attack, we do that and realized they could make clearer that the default is share and make clear to our state and local partners with the inventory was the joint terrorism task force. so all over the country, we invite the leaders in the agency is part of it on a regular basis. some esophagus every two every two weeks. some want the money come in and talk about the cases came in in the closing, what are still open and get your feet. if you want to follow up on some of them come to you the opportunity to do that. we've got better as a result of that. >> you talk about the transition from a needle, which is a dutiful, terrible, but accurate picture. do we need a system like some european allies of inability to engage that person, possibly not with the fbi, not with law enforcement, some sort of diversion program we have with low-level drug offenders to keep
them from becoming needles in the first instance and not just wait for them? >> all of us in the ct does it have our minds open to trying to find ways to do that. we worked hard the last four or five years to see if homeland security and other partners could build such a thing. so far with limited success. the challenges is no typical person, no typical journey. we are talking about people from the age of 15 to the age of 62 all over the country, all different troubles, all different backgrounds. i mean in a repeatable weight indicators and reliable offramp if people are sort of the holy grail of this work and i haven't found anybody around the world who's doing it in a repeatable, validated way. >> i want to read something from your answer here to some of what your previous comments were then
pulling back counterintelligence. i don't think there's any doubt we know that we are probably one of the most complicated and heavy flow of counterterrorism issues that we've had since 9/11. the volume and speed with which they are coming is probably unmatched. on the cyberside, innumerable threats at this point in your ability to do all the things you want to do is challenge. it's also fair to say that the counterintelligence world is not slowing down and if anything is proud to speeding a period i do have are about the capacity to do all of that and at the same time, due out the other pieces that are so critical to. white-collar, public corruption and you have the budget to get that done. >> it's hard. a good thing our people never sleep. here's the truth.
the fbi is twice the size that was when my friend was director. we are on a path to be at full strength which means 38,000 people. there are challenges. summer 2015, we were strapped because we were following people all over the country who are moving towards very dangerous needle territory and i ask congress, do you have enough resources? if this keeps up i will not because we are polling agents and analysts from counterintelligence work, criminal work of all kind to cover these people. it is only easy to follow people 24 hours a day on tv. it is really hard to do in a clandestine way. so we were strapped. that went away in part because the number of the people who were with basis and the area were taken off the battlefield by our colleagues in the
military. i think by and large we have the resources. we have to make judgments about what we need to be addressed in another state and local partners need to be addressing. the fbi has a competent a process but we ask each field office to look around your area of responsibility and say what are the bad things that could happen here across all of the fbi's responsibilities? who else is working to address this threat and given the magnitude of the harm and the other effort in place, where would we rank that? we rank without regard to discipline across all of our threat than we do that on a national level. so what will happen if a particular state job of investigating game balance, we may pull away to address other threats. you always have to make trade-offs like that. budget wise, when i became your weight of a problem which was sequestration and we need a risk and shut the government down.
we been digging out of that hole for the last three and a half years. quantico were shut down for a year and it's hard to turn a university back on. we heard 3000 people last year. we will hire 2500 this year. my fondest wish to the same human being, the fbi is people appeared to thomas satellites via redundant aircraft carriers. we have great people. that's what we will be working for the next budget. >> been fortunate to have for two more questions. i kind of know where the sun is going to go, but about half a packet of cards include something -- not just ignoring it. [inaudible] last [laughter] i feel when you said that the threats may right before we asked the question. can you comment on your
commitment, the fbi's commitment to pursuing to attend, whatever ends desired the investigation that you but the russian involvement in the u.s. elections. >> i don't want to offend any particular matter. i will say generally what i said at the beginning, we are the same today as they were yesterday. be the same tomorrow. we really don't care who scored by our word. that is the passion at the heart of the fbi. we will always be that way and that can make us annoying and different circumstances. i hope it's comforting to the american people. we are confident, honest and independent. when i leave in six and a half years, google still beat out by. i hope that it's reassuring to people. it doesn't matter. we are going to be the same. [applause]
>> last question very relevant to many people in this room. clearly, the bureau is comprised of 30,000 plus government employees, but he supported by tens of thousands of people from industry, whether they provide information technology for analytic support for basic functional support idea that you would like to see more of? what would you like to see less of? where do you think you need help with industry in a way that u.s. fbi director can't get u.s. government to move fast enough to face the missions you have to face. >> it's a hard one. i need you all to help us be smarter and better. i talked about the attitude of humility when it comes to cyber. the commander's intent is you will find that in all aspects of the bureaus for. you do not have a monopoly on wisdom. we need you to bring to us
smarter ways of doing things, cheaper ways of doing things, faster ways of doing things and help us be agile. it's hard to be agile we need the break ahead, but we are determined to be humble enough, proud enough of our century of achievement, but humble enough to be agile. you will bring us the opportunities that demonstrate that agility. second, i hope you will urge her people, especially those in place for a longer-term contract to get part of our culture. one of my concerns is that long-term contract areas who don't feel part of the fbi and to act like they work for me. i know they work for you, but i need them to be part of our culture. i have met contractors, some of whom are all in. i met a group or sect on the cafeteria to chat with them and they asked me to move out of the way because i was blocking the
tv. they knew i was director of the fbi. they didn't care because they don't work for me. that is something we can't have. i know it's a business model you don't want that. we need you to be mad at us, but for us in a way that will help us both be more effective at accomplishing the mission. >> well, i will end where i started. jim haslett he think we all know is one of the most challenging job in the u.s. government is not the most challenging under the president. i don't think it's going to get any easier over the next six years. but i hope everyone is heartened -- i know i am, by the intellect, the integrity and kind of position you bring to this role. i like to thank you for your past service and thank you for the next six years because it