Skip to main content

tv   Key Capitol Hill Hearings  CSPAN  January 16, 2015 9:00pm-11:01pm EST

9:00 pm
>> from here at the bipartisan policy center, this is an hour and a half.q >> good afternoon, everybody. thank you for coming this afternoon to our event on the sony cyber attack and strategic implementations. about almost four years ago i had the pleasure of working with general hayden and some others to put on a general shock wave.
9:01 pm
the idea was to similar late a cyber attack at the national security council or cabinet level and see how the united states would react. >> stuart baker who was always selling his book skating on stilts, which is a great book if you haven't read it, who was playing the white house cyber czar started pounding on the table saying if the attorney general doesn have the authorities, should go and find the authorities: four yearings late later, i'm not sure that we've gone and found the
9:02 pm
securities. but something has finally changed. the president pushing new proposals seems that maybe we turned the corner and we're going to see changes when it comes to cyber security. i know in trying to move it it took a cyber attack on a show to get things to start changing.
9:03 pm
you've surely read and learned from hr art kal. she knows more on cyber issues than 95% of the policymakers in washington. it's probably 96%. with that, let moe turn it over to ellen. >> thank you very much, blaze. and thanks to the bipartisan policy center for putting on a very timely panel here. the panelists don't need much in the way of introductionings and you have their bios. so i'll keep it really brief. to my left is chair mab mike rogers and was the chairman of the house intelligence committee. former f.b.i. special agent now-turned radio talk show host. just started on monday doing commentary of important issues of the day with something to
9:04 pm
think about with mike roj eres. next to him is general mike hayden, career intelligence professional retired. air force general with 39 years active duty service. and then we have dr. paul stockton at the pebt gone divided the defense critical structure protection program. so i just wanted to oech by
9:05 pm
saying we at the washington post also have cyber security summits every year. for a couple of years, we came up with our own war game and asian countries sending vicious wiper viruss.
9:06 pm
>> it took a hack on sony to get the u.s. government to attack. unprecedented, really, in many ways, to actually name publicly north korea, obama named north korea, and vowed to punish the country. so we're going to go over this attack. i'll briefly recap what happened.
9:07 pm
>> arable a kwoosh a that rk the hash oing rk gathdaftering of poog rk began posting embarrassing e-mails.
9:08 pm
with the national security council. they decide based on unanimous recommend dagsz that they're going to come out the very next day and publicly name north korea. say north korea was behind it. mainly significant on the freedom of speech. so nobody is mr angry at north korea right now than i am and my wife, actually.
9:09 pm
>> we had seempb sde nile of service attacks clearly before. we've never seen a nation state use its capenty, albeit somewhat limited, in a way that actually destroyed data. >> it destroyed enough data to make it very difficult for sony to operate.
9:10 pm
>> that is a different game for us. we saw them do it to saudi aranco. but to see a nation state decide it was going to have an impact by attacking an individual company, we had not quite seen that before. this is a whole new day in cyber space for a host of reasons. now, the united states is going to have to show that it will not tolerate it because everyone's watching. iran is watching. russia is watching. china is watching. naming them i thought was a good thing. i thought it was an important thing to do. there are other things we're going to need to do moving out. it needs to be smartly if we're talking about this six months from now, we would have made a serious mistake. >> the attack was drubltive of data? and, perhaps of computers, but sewny is not a critical
9:11 pm
infrastructure company, right? it doesn't fall into any of the categories. the president said this is not an act of war. he called it an act of cyber vandalism. he wasn't particularly exercised. how would you have assessed the attack? >> first of all, this is on an arc that was predictable. i mean, i don't think any of us were surprised that this was going to happen. but it's on a continuum. and a. >> reporter: prediblgtble continuum. this is not for profit, but to coerce.
9:12 pm
i guess the second point is nort e north korea kid dodid do this. i probably would have tried to strike the word proportional in the talking points. >> why? >> i would think we should give them comfort that our response would be comfortedble. now, the president did say at a time and place of early shooting, that proportional, i think, gave them a little too much relief in terms of what it was we may or may not do. so north korea did it. it was a new marker put down in the nation state. doing destructive things. rather than espionage things. not doing it for profit, but doing it to coerce. >> so different e different than the denial of server attacks. >> i'm 39 years in government.
9:13 pm
our government is kind of thankless in is response. we're going to get and to our usual effort here which is to beat up the victim, all right. and we'll get to that directly. sony will have to answer a whole bunch of questions. >> i'm pleased, maybe modestly surprised. i'm pleased, i would have struck proportional. >> this says itchly cases beyond cyber stuff. this wants to hold at risk different things of value to different people in the world. and we have allowed them to reach -- to take their game into a different domain. if i could, just for a moment,
9:14 pm
again, not particularly cyber related. i mean, north korean foreign policies have been kind of like the instructions on your sham boo e poo bottle. they have taught us to toll rate ever-more provocative actions. i would have really fought to get the word proportional out. dr. stockton, how would you agree on this?
9:15 pm
has access to sufficiently sophisticated cyber weapons to launch attacks in the united states. that's very different from seasoning operation control. never the less we've lad a wake-up call here. the trend is one way. that's towards nations acquireing increasely destructive weapons. and a growing number of nations being able to acquire peace. i'm going to disagree with my old flend general hay arkshayden here.
9:16 pm
we begin to think about how to apply this in if new era. i believe proportionalty is a standard that the united states ought to be espousing. i think we need to be stabding up to the laws of conflict in the cyber realm. >> in the law of war, the legitimate military octoberive you're trying to take down through an attack doesn't cause disproportionate suffering. i think that's a great principle. so we can imagine how tacking on a power plan might affect a nearby military facility. but if that attack creates mass civilian casualties, as an attack on the power grid could
9:17 pm
let's say that this isn't an le jit mat attack. >> what this shows is that even acts that fall below act of war can have significant impacts and come up with a u.s. government response to dissuade or deter the nation state from carrying that out. do you think this is a teachable moment in that regard and that
9:18 pm
up to your point of creating norms. what do you think? >> i think we know what aegs e's unacceptable. what is the appropriate response? >> that's hard. >> i think you're both right, and i'm not even in congress anymore. which is hard for me to say. so i think the general is saying you don't want to advertise what we do believe you have the right to do in the case when a nax state attacks. you don't want to tell them. i think that debate has to happen on what is in our interest. this is exactly the kind of debate we had behind closed doors about trying to figure out what is the right way forward. hoump thor e authority do you give?
9:19 pm
they were absolutely waiting for the right strex. and we never got through, which is why we found ourselves where we are. this is all going to be serious. we have to at least establish our defenses first, however. they're not going to go after the goeft networks. you can understand how much trouble and how layered this
9:20 pm
problem is. so i argue, dig in, put on the held met, strap it up and then we can have a discussion. >> i want to pick up on that point. but i also wanted to just interjekt one question. do you think if the theaters and sony had not cancelled the release of the film, would you still have advocated? >> absolutely. you can not find someone currently in government who said the iran yans did that.
9:21 pm
i think that gets wrapped around a whole lot. >> i think paul and i just talking pass e passed one another, of course, the proe principles are proportionalty. i'm talking ant proportionalty in terms of a state legitimate response. we don't have to limit or tell them that we're going to lichlt our sfons. i'd like to thark r any that we've got more power and feel free to use it.
9:22 pm
>> we have not yet worked out a constitutionality. it's not an official nato document, but it reflects the struggle we now have to how do you categorize e vechblts in the cyber domain.
9:23 pm
>> that is we need to be able to create doubts. if we are going to retaliate we need to understand and i believe that our add ver says needs to understand. we can handle that.
9:24 pm
>> i think it's very valuable. >> let's talk a little bit about the response the obama administration shows. ach new year's they announced the sanctions. do you think more ought to be done? >> yeah, i think they're pretty light. they're symbolic at best. we have had sanctions in the past that have worked to asia. ifgs in government when it happened. when you can turn the torque up
9:25 pm
on elites. >> so what more is there to be done, though? have we not already done the most sot of far-reaching sapgss we can take? >> can we impose? >> i've been in the meetings, i wasn't in these. these are hard. they're always second and third order effects that take effect. and you've got to be careful. if you're looking at this narratively, yeah, we've been pretty light in our response today. squl exactly. there are a whole series of sikd work events. it really needed to have a more instantaneous impact. it was announced.
9:26 pm
i agree, the sapgss were light at best. the people are living well in north korea. most people don't everyone have e lek triszty. so if you're going to do this. we would see a list of sanctions and then you would have some other series of events that would happen and north korea say it just wasn't worth it. and the movie wasn't that good, either. >> have you seen it? >> i have not.
9:27 pm
>> what do you think of asking china or getting chooip that to kpert its influence over north korea in order to rach oat back and contain north korea's behavior in this area. the chinese policy is self defeating. what they need in northeast asia is a root canal. they've really got to go to the dentist and do something drastic. you would think when junior killed his upgle, china's man within the bureau, that would have nudged him in a positive direction.
9:28 pm
we can cajole and object. but it's contrary to interests. now rjs in order to steal food for chinese civilian villagers, i think we see furt e further evidence of the instability of china. i think as secretary of the treasury pointed out the other
9:29 pm
day in conducting business in flowing cash back to. that's the kind of bite that could be helpful. let me say kwun other thing. i believe we aukt to keep our most sophisticated cyber weapons until we fact a much more feared threat.
9:30 pm
we heard recently that the sanctions for the first response. who do you think might have done it? they found ser up tishs ways. this was not horribly sophisticated.
9:31 pm
a company attacked in 2011 to the hacker kmubty all over the world. i think this one movie cost them about $30 million to make. that's what worries me more than anything. >> again, a routine approach is to beat up the victim.
9:32 pm
it was attacked by a nation state. >> the extension to thoo was to go after something that we knew is far superior and there's malicious code out there that has not been seen to the public. i think in between are these ice lated, prachgs dispar atted
9:33 pm
nation states who have a lot less to lose is going deep. that's really bad. if that were really happening in the real world, that would probably be the second or third item on the agenda that morning. that there would be enough other stuff going on, that that's a sub set. >> what scares me is feeling that they have nothing to lose. we just saw it in korea.
9:34 pm
this is an achievable option to them to create great havoc. it gives them sub regional powers. >> that's why we have to adopt the cyber security framework that's put out by nist. the national institute of standards and tech nolgs.
9:35 pm
e we need to assume that perimeter defense is going to fail. we need to begin thinking further if it was superstorm sandy. how does that apply for the realm of everything else that's lifeline infrastructure. we need to think about how we
9:36 pm
can restore the criminality and the government can be useful to industry as opposed to being in the way. >> i'd like to know what you think? should it be up to dod or dhs to get into the subpoenaings and help restore what's gone wrong? or do you think companies would get a no,no no. the problem now is the
9:37 pm
destructive nature of it. it wasn't just the fun and games of, you know, what rich hollywood executives were saying about rich, hollywood starl e starlets. the real game changer was destruction oaf property. that would take weeks, if not movants. it is a new level of concern because of the disruptive nature.
9:38 pm
>> come on that's pretty good. they're already there. why? why are they there? so this isn't 20 years from now. they want to be ready to be able to flip the switch. there's got to be some sharing arrangemented between what we
9:39 pm
know and the classified space so that they can sure up their own defenses. >> is it blej slax you can support? >> the good change is the president is a significant change from where we were. >> he threatened to veto your bill. >> yes, he did. he threatened to veto the cyber sharing bill just not two years ago and then a year and a half ago.
9:40 pm
actually, it was the liebltsd fees. it's a good thing. now we'll get into the debeat. but i've been here before and we are a long way from a cyber piece of sledge slags. we'll have to tend to it for a while. the problem is if it has no functional substance to it it is truly like this chlts two of
9:41 pm
us have had this conversation. you will said that's never going to happen. and you're not going to get it passed the next congress, either. but i think i'm wrong in the second part of my premise. what sony has done, things that are flash frozen because of that debate are beginning to thaw. it did. it froze the debate. and now we're returning to it. thand's a good thing.
9:42 pm
where it ends up, we'll see. squl it was still in play up to that friday. and just the weight of it collapsed on itsz and people walked out of the room and it was done. i do think it was that close.
9:43 pm
i think the president's proposal has some strengths. to prosecute them. and not only boltnets the kind of weapons that we need to be concerned about. this is very strong legislative proposal. >> every ornament you hang on this tree becomes a wait and an anchor.
9:44 pm
>> how much good will it do even if it does pass? a lot of companies won't have the trained personnel to make use of this organization. >> you're tar getting upstream. you want as much of that malicious soursz code weeded out. can you make it realtime. if it's not that, if there's not any pick-up in that system, it won't work. sony did a decent job. in their exterj security. so you've got it. you have to hit that up front. if you don't hirt it up front, it's not going to work. >> i krit size the government being lite e late here.
9:45 pm
frankly,i'm a lot to plam. i think that's a continuing state. it's far more important in government. what, in essence, that's doing, is the government unleashing the private sector to do far more than it's felt skfrtble being able to do in the past.
9:46 pm
>> the maybe e main body is the private sector. >> we've only been talking about the federal level to this point. state governments have a vital role to play here. other regulated utilities are set at the state level. what we lack today are the criteria the decision criteria of what tuts an investment. how can at the state level we
9:47 pm
begin to build con sen susz for the i believe vestment that's going to be essential going forward. >> i'd like to open it up to questions. you know how large is it? how sophisticated are its abilities. are they really trained you know, overseas by the chinese. shed some light there. i can't talk about some of the spechks of your question. but most countries understood that early on they had to have this invest. for a small investment, you can have a very powerful tool.
9:48 pm
>> what we found was their own limited capableties. >> so, again, to me this should be one of those teachable moments for all of us that somebody like north korea so few people have access to electricity, were willing to make this commitmented because it could have such a big impact for them. we've talked about it all day. it almost took an american company off the map. it's close. i think folks r glxz surprised.
9:49 pm
we were just one investmented away orr an organization that has ill will from other countries from getting the people in the right place to pull this off. with access to the latest technology sbe reck which youly. but they got over those hurdles. they have this new capability that's very very important other than inflikting pain. that's what they did before. now look at it. >>. >> i think that's a very important part. this is a country that survives by its ability to provoke.
9:50 pm
they were kind of running the table on conventional methods. so they invested. here's a most of the population multiple commentary and how committed they are to doing this. the secret to their provocation is someone wants described, their surrounded by powerful mature countries. there are several vehicles up on blocks on the front lawn. getting these kinds of tools
9:51 pm
makes that kind of threat more realistic. it's really besides all the things we're talking about and completing the ark and getting to the next level, just the northeast asia geopolitical level is troubling. >> on that note i'll opening it to questions. do we have a microphone? yes, sir with the yellow tie. just identify yourself, please. >> i've been listening and i understand the passion. let's imagine all those con constraints come off. the legislation passes economic con strantsstraints and we do all this information sharing. i want to ask more pointedly, sony was vulnerable. north korea had the tools to
9:52 pm
attack. what is all this legislation, all this capability going to do to prevent that? i don't quite see how the pieces connect. suppose the government has given all the authority to do what it wants to do. what is there to be done. >> again, in was the biggest myth we couldn't get over when debating the legislation the last couple of years. nsa does not monitor private networks in the united states. they're not monitoring private sector networks. it's against the law. they don't do it. that's 85% of the network. they come back with some pretty
9:53 pm
interesting stuff. the private sector can share with you, this is really important. when they see some anomalies they can fire it back and nsa can get to see it and say that is bad. let me figure out where that's coming from. right now they can't do that. the only chance we have now is an fbi agent knocks on sony's door and day you've had a bad day. i don't know if you know this or not. i'm with the government and i'm here to help you. it's too late. something is gone. now the private sector high up in the distribution chain at the provider level can protect itself against really nasty stuff. they may is sampled somewhere
9:54 pm
else. they look at it and go this is a problem. we're going to share this back out in classified way. if it hit sony we see it. i do believe it will help. it won't help in every case. it also allows your cyber security companies to focus on the whole host of other layer of problems. right now they got to fight everything. they're fighting china, you shall russia iran. the only help they get from the government is when the fbi shows is when they say would you like some help trying to figure out who did this to you. i think that's unacceptable. >> right now some sectors of infrastructure there's pretty good sharing within that sector. the electric sector. there's not enough cross sector sharing. very important that this legislation will provide for
9:55 pm
organizations that will allow threat signatures that are hitting one sector to be shared so other sectors can protect themselves against it. >> one of the criticisms i hear from industry. i heard it from some of the defense contractors is when the government declassifies and shares data with it we have those signatures and they're old. dhs shares in realtime with the nsa and they say share something. >> we live this problem for the last four years. there is a mixed bag of capabilities in the private sector. there's some companies who are exceptional good at this and would likely have a good percentage of that source code if you will. i will tell you there was more
9:56 pm
that was even not able to -- remember we collected in classified way it has to remain classified. there were pieces that some of these really good top notch, ill trust them companies with my information didn't have by the nature of our ability in the intelligence sector to collect that information and protect its owner. they didn't get everything. they got a lot. in this case it builds on capability. we would learn from them. they've probably seen things that the goth hasn't seen. the better capabilities we build up on all levels. the good companies that are saying you didn't give me that stuff that's okay because now we're sharing it with everything.
9:57 pm
the guy's thinking you got to be kidding me and now i have to understand how some company in europe, eastern europe is getting into my system to attack my customer. this builds all of that capability so that guy doesn't have to worry about it. we can continue to be the best. that's how this works. everybody's going to get better. the government will get better and the great companies will get even better and folks who are really at ground zero not good at all have exponential. >> >>. >> just by definition sharing what is known against one another can protect you against zero day. it's a good step. there's a bunch of other things we can do. we're all first generation
9:58 pm
drivers. we all think traffic lights are suggestive rather than mandatory. that's a whole lot of education that needs to go on. >> are whole industries that will make it better. the insurance industry will make automobile safe. once it masters what the pe rim parameters are will make it safer. you do things. internationally, at some point like minded nations and i include the chinese in like minded because again it's against their long term national interest to foster a radical regime in the cyber domain. like minded nations will begin to develop international norms of acceptable and unacceptable
9:59 pm
behavior. this is lower hanging fruit. it's there. let's take it and move forward. >> ohio state had a great defense. if ohio state had not had a good offense, they're defense would have been on the field the entire time and oregon would have found way to score big and deep against ohio state. sitting back and waiting in defense is yus allowing for someone to pun mp you right in face. what i'm curious about is what does the panel think about allowing both at the government level, at the corporate level and the individual level to having more offensive capability given in each one of those ie have companies like semantic
10:00 pm
offer rather than just defensive tools but all tools that raises the risk factor. >> thank you. >> okay. >> this is beginning to smack of cyber stand your ground legislation. i'm not hundred percent sure. people know this problem very well really start to get quaky when i take this way. i've already told you the government's slate. i'm predicting the government will be permanent. the application of the computer fraud and abuse act in equal measure to someone trying to defend his network compared to someone trying to attack someone else's network may be unwise.
10:01 pm
there may be some space for the private sector to conduct what in the physical domain i would call counter battery under very strict and limited circumstances because it's very difficult for the government to do that. when i say this really smart people chairman and doctor and jim louis over at csis begin to get very forceful in response. if you think this is really crazy, in one of these other domains domains, the government was also late and the constitution, the congress of the united states of market reprisal which fundamentally private sector doing what we consider to be a governmental function in this domain when the government was inadequate to me. i don't dismiss it
10:02 pm
philosophically out of hand. you can turn this into a free fire zone which is not beneficial. >> they may not shoot back at you that's the problem. i'm not necessarily opposed to offensive -- the government has a good offensive capability. we've not decided as a public how to use it. here's the problem. you're asking a corporation, you're going to get all of these mixed capabilities. you going to get the one guy who shows up. you're going to have somebody who goes i got this one. i got this. i can figure this out. i've never seen such confidence as i have in people in cyber space. god bless them. somebody is going to misfire.
10:03 pm
it won't be that particular company that pays the price. it will be a swath of people that pay the price. now you have this problem after an escalation that you didn't start and you're not sure how you're going to stop it. we are not mature enough to have any private sector offensive capability. they can go over and do some things now that are offensively defensive, if you know what i mean. >> let's talk about that and put another potentially crazy idea out on the table. rather than catching the arrows, kill the archer.
10:04 pm
this is riddled with trauma. we can get into a situation of great instability. if there's an advantage to go first. you can imagine how he could end up in situation of trastrategic instability. that would lead us to be in a more precarious position. a lot of people said that to it makes this distinction between destroying data and actual machines. the state department hearing earlier this week describe it as
10:05 pm
freedom of speech issue. it's big hitting north korea is not the worth thing in the world compared to china. i'm wondering if the panel can say what was the red line because this is going to set precedent in the future? >> for me it was the coercion. it wasn't for profit or just for random destructiveness. it was to change behavior. i do think that sets a motion awful lot of concerns inside our broader society is coercion. >> if there had been no coercion and just the destruction perhaps no response no real response? wouldn't have crossed the threshold? >> you have to put it in perspective. if that were to happen in a financial institution and now the bank doesn't know how much
10:06 pm
money you have in it and you don't know how much money you have, now you have a problem. they have stolen my money and the damage will have magnitude larger impact in the economy. i look at it a little differently. weaver we've seen them with the capability to do that, poking around a little bit which makes you a little nervous. then they took it one step farther. then they threatened violence.
10:07 pm
>> i think the other mike rogers he said publicly last week this is not the first destructive cyber attack in u.s. soil. there have been other attacks that destroyed data. destructive general senses. disruptive business operations. was it really destructive. were computers actually -- did they have to be replaced? >> imagine fp i walked into your server farm and i pulled the pin on a grenade and walked out, nobody's killed. it blows up.
10:08 pm
i've destroyed a lot of valuable data. that's not coming back. this is the problem here. there were operations that could not function and it's not like they went in and plugged it back in. that's not happening. that in my mind is destructive. it's destructive in the sense that if i'm willing to do it for the finances of the company like sony, pick another company that's part in some place in our logistics chain of our critical infrastructure that's a lot. pretty significant either defense or finance or electric grid or water.
10:09 pm
it pulled us in because it was a stupid idea. what if they were smart enough not to fix sony and still wanted to and shut down the electric grid in every theater that showed them. say let's do it that way. now we'd all be having a very different conversation. that destructive data meant their business was both economically impacted and physically impacted. >> that's the red line for you is data destruction? >> absolutely. you can extrapolate that. i'd be interesting to see what the total tally of loss is.
10:10 pm
by the way you're going to have another series of events here. you're going to have consumer suits and you're going to have shareholder suits. the fun and games for sony is just about to begin. i think it's going to have a bad economic impact. >> the next time there's a cyber attack on a u.s. company that destroys data and a significant business disruption, you think we'll hit the u.s. or the u.s. should come out and name the country it leaves behind it and pose some sanction? >> i sure hope so. otherwise you invite further attacks. that's why this is such an important step that the president and the administration have taken.
10:11 pm
>> we speak about capability of big corporation to deal with that issue. what about federal government and state government. showed that up to 9,000 federal government facilities vulnerable for cyber threats because of lack of strategy. do you think that now the federal government and probably even state level government have the good strategy to deal with that kind of issue. it can use this cyber weapon against the united states like north korea did. >> i'll start on the second one.
10:12 pm
maybe you can answer the government side of it, which i don't think is prepared the way they should be. oh come on people. lighten up. it's almost 5:00. we saw that al qaeda groups were advertising for people with capability which told us they had the aspiration to do it. i don't think they were when i left weeks ago had the capability to do it. you saw a lot of from france in the 19,000 attacks. a lot of it was for softer targets. they were able to shut things down.
10:13 pm
they're on the cutting edge of social media. it would listened one to believe it's going to be easier given the level of people interested this participating. they took things that were in open put it together engineered it and used it. they didn't create anything. they just took out. i don't think they're there yet. i know they have the aspiration. i don't think it will be sew dpaitsed. you see these other jihadist
10:14 pm
organizations included those by iran who are out there causing bad problems out there under front groups and all the other things. you can make this leap pretty easily given capability and intent. i'm not going to lose any sleep tonight about it. i would worry about it in the weeks and months ahead given the level of recruitment in places like syria to their boss. the ability to disrupt is high. why not. they're not cyber dumb. their really good on the net recruiting training raising funds and so on. we haven't seen destructive attacks either network or data or physical destruction. i don't know.
10:15 pm
it may not be the kind of historic destruction that fits the model. they krit siesz us for being unmanly for uavs and targeted killings. i suspect they're going to get there. >> i'm with the chairman too. that's why we need to focus on it. threats of retaliation against the islamic state, against al kwad and the arabian peninsula, we can't hold things hostage. that will drive their behavior. that's why we need to be able to strengthen our networks so they don't have the insensitive to attack us. our networks don't prevent the
10:16 pm
kind of lucrative target that may might today. federal government is working hard in order to strengthen the resilience of government networks against attack. we have to have physical consequences of large squal. the health and safety that should occur if water an waste water systems for example are disrupted. govrs are taking this very seriously. it's great opportunity for progress and partnership.
10:17 pm
>> there are a lot of interesting things happening at the state level. some states you wouldn't expect. they're repurposing national guard units and using them in a malicious status to create -- to protect state networks. that's actually a nice ferment that will allow creative ideas to be developed. >> the national guard units are the most effective on the cyber security front. they come on weekends and two
10:18 pm
weeks a year and bring that into those units. it's been very effective. >> a couple more. >> cyber threat indicators and most people know the job of identifying cyber threat is the guy that does insider threat detection. i wonder, someone who is familiar with insider threat detection if there's any lessons that can be a i plied to cyber security more generally because a no, ma'amly detection seems broad an vague. no one is sure what that is. that's something that we're going to be talking about a lot more.
10:19 pm
does everyone agree that's what we're in and what are the other indicators of that? a lot of ways of doing this. kind of the history of cyber defense has been defending at the perimeter wire and to prevent penetration. i think all three of us have made the case. defense has got to think about risk how do i manage consequences presumption of penetration. how do i operate an attack. how do i operate while penetrating. the difference between an a player and an f player is not
10:20 pm
whether you're penetrated, everybody gets penetrated. it's the difference between flash and bang. here the focus is not out but in. you're looking at the behavior of your own network and looking for anomalyiesanomalies. you become your own big data. suddenly the algorithm goes never saw that before over there. no indication of a zero day or penetration. i think that's where the current technological energy is. >> we can be doing a lot better on security clearance making sure that the people including
10:21 pm
system administrators who have the keys to the kingdom are vetted in a more appropriate way. instead of having periodic reviews to have a security clearance once every five or ten years there's going to be now, there's going to be continuous evaluation to make sure that you are suitable to hold these clearances. that's one of many important changes that came out of washington shootings and that addresses the broader context of insider threats including in the cyber realm. >> that was just wishful thinking. the snowden phenomenon raised serious questions. this is not battle between the forces of light and the fortces of darkness. this is a question of a free
10:22 pm
people trying to balance their liberty. one of the byproducts of the snowden phenomenon is freezing the debate, not advancing it. >> before this happens we put money in and we understood fbi guys always worry about counter intelligence issues first. there's a whole host of reasons. we added more money to push out this notion to make it much more difficult to do what the nsa contractor did, break in still stuff and run out the door.
10:23 pm
the capabilities was growing. it got one step ahead of the system. the person would have known that because he did some time back here where the audit was. i found that very interesting. >> last question. >> now you're going to ask what would you have called it? i'm not sure. vandalism sounds like somebody
10:24 pm
spray painted a subway car and this was far more serious. i've had some exposure. this was really traumatic. not an act of war. i'm okay with that. i have to search for some other good word. >> it really gave them a pass for doing something reallydestructive. they were threatening people going to movie theaters. i feel very confident in the fbi's public statement that it was north korea. i feel very confident in that piece of information.
10:25 pm
>> it was an attack on the innocent to create a political affect. >> it's very important but it's clearly not an act of war. >> okay. thank you very much. thank you all for coming and jane. >> one of the great perks of my job is to thank terrific people for coming and sharing their thaug thoughts with us. before i do just one reflection is we do this a lot. we have a lot of meetings. we've come to them before. in my mind there's one thing that marks a great discussion.
10:26 pm
the abilities to bring people with these kinds of insiekts together in a public space and actually in a few instances in a meaningful way share different views is what makes me proud of our activities. this was a great panel. i want to thank ellen, general hayden, dr. stockton and all of do you for joining us. it's now dark outside. [ applause ]
10:27 pm
the deadline is tuesday. get your entries completed now. produce a five to seven minute documentary. for your chance to win the grand prize of $5,000. for a list of the rules go to student tuesday night president obama delivers his state of the union address. live coverage begins at 8:00 p.m. eastern including the president's speech, the gop response and your reaction through open phones live on c-span and c-span radio. watch the president's speech and congressional reaction in the
10:28 pm
u.s. capital. the state of the union address live on c-span c-span 2, c-span radio and a panel of international leaders unveils a proposal for addressing income inequality. former michigan governor and larry summers former official in the clinton and obama administrations are joined here by lawmakers from the uk, australia, canada and sweden to talk about the plan. the center for american progress hosts this 1:10 discussion. >> good morning. i'm president an ceo of the center for american progress.
10:29 pm
i'm really honored to be joined by our esteemed members for the launch of the new report from the inclusive prosperity commission. a commission that convened over a year and a half ago. i'm very honored by our co-chairs. we convene this commission because we were very focused on the challenges the middle class is facing in the united states. challenges of stagnateing wages, rising cost. we recognize these were not just trends the american public is facing. it's really global trends are affecting us. we can learn from other countries. that is why we've undertaken this effort. i hope everyone has gotten our
10:30 pm
report, a very big report. i'm going to now turn it over to larry and ed, and then i will ask questions of our commission members to get their thoughts and really we want to have questions from the audience. answer any questions you have. we're very proud of this work. it's a truly collaborative effort. >> i want to start by thanking you for having the wisdom to convene a commission of this kind and providing me with an opportunity to co-chair it with ed. i have learned an enormous amount from my fellow commissioners in the course of this effort. in particular, i think we in the
10:31 pm
united states have a certain tendency of large countries of insularity. i've learned an enormous about international and about the international experience in what is a central challenge for all industrial democracies creating increases in middle income families. income and standard of living and assuring a society in which parents can look forward to children living better lives than they had the opportunity to live. a crucial lesson of overwhelming importance that came through in this report is that while there are large forces, globalization technology and more that are creating large challenges for many workers there is no excuse
10:32 pm
or intellectual basis for failure. that live in the same world that we in the united states do and that have succeeded over the last 15 years in generating rising standards of living through these turbulent year for middle class families. rising income requires economies that are growing strongly with the sound foundation for sustained growth and what has
10:33 pm
become increasingly clear in recent years is that while strong growth is necessary, it is not sufficient unless the mechanisms are in place that assure that the fruits of that prosperity are widely shared. we know in particular the divergence of many countries including the united states between the fortunes of the bottom 90% of the population and the fortunes of the top 1%. over the last generation that half to frame responses. the growing ability of technology to substitute for
10:34 pm
many categories of labor. the distressing trend towards the commodification and the tendency of global competition to lead to race for the bottom as competition takes place for moe global factors; capital money top entrepreneurs and leads them to get better results too often at the expense of middle class workers. we argue that putting people first strategy that was in place in the 1990s contained crucial elements that remain very valid
10:35 pm
today but has to be built on if we're no meet the challenge of inclusive prosperity going forward. i will highlight two policy areas and in the course of the discussion my fellow commissioners will highlight many others. there's a compelling case for substantial increase in infrastructure. when the construction unemployment rate approaches double digits is a moment when
10:36 pm
kennedy airport should be fixed. it's a moment when an air traffic control system that risks lives and wastes energy by being based on vacuum tubes should be put right and yet, it's a moment when our net investment in infrastructure as a country has never been lower relative to income and is below .1 of 1% of gdp. we call on grounds of promoting demand in the short run promoting supply and potential in the medium and long run and on grounds of removing the
10:37 pm
burden of deferred maintenance from our children's generation for a substantial increase in infrastructure investment in the united states and in the industrial world. we also recognize and stress that the great financial crisis of the last several years was the culmination of a series of events. the real estate and lvo problems. the mexican financial crisis. is russian financial crisis. the internet bubble and enron.
10:38 pm
it's been a source of risk and has had basic accident that have resulted in the unemployment of tens of thousands, if not hundreds of thousands or millions of people. already at resisting their erosion and we suggest a number of areas for further action including most crucially the shadow banking system and provision for satisfaction mechanisms for assureing claw
10:39 pm
backs in cases of misperform misperformance. we're united in the conviction that stagnation in wages and middle incomes is a choice, not a necessity. a different choice is possible and we offer our report in the hope that some of the ideas within it along with many other ideas that should and will come from a broad debate can reverse this disturbing trend. thank you. >> i would like to thank my fellow commissioners. we had a number of meetings over the last two years. as the report says not everybody will sign up to every word but
10:40 pm
we're all on the same page because of the intensity of the work we've done together. thank you to them. this is the biggest challenge for this generation to show we cannot only deliver growth in our economies but a growth that's fairly shared so that everybody shares in writing prosperity not just some. as the report says this is not only about social justice, delivering a fairer world but it's also about sustaining public support for an open global economy and also sustaining the democratic process to deliver rising living standards for all and not just some. we refer in the report to the international evidence that in many countries we've seen what we refer to as a toxic combination of slow growth and rising inequality living standards in many developed
10:41 pm
countries. we use the words advisedly because you have to look across europe at the rise of small growing parties attacking the european union attacking integration and proposing an anti-trade isolationist agenda. we see that in our country from our uk independence party but in france and germany, in ireland across europe to see this is there's important issues here at stake. this is an argument which we need to win. our report says it's not going to be done simply by carrying on with a traditional right to center trickle down view. if you wait in the end it will be okay. the evidence we show here is not working and we need to have a change. these will be very big issues in our general election in just four months time. in all of our countries over the
10:42 pm
coming years because when people at the moment hear politicians say we're recovering from the global financial crisis the common reframe from left and right is for people to say it's working. others highlights that people feel left out. this is absolutely not common to just an issue in the united kingdom and many other countries as well. that's why our focus is on an inclusive prosperity that makes sure the growth and wealth creation is widely shared. it sets out two things. first of all it causes differences in different countries. the kind of things that
10:43 pm
government has got to do to make sure there's growth and prosperity. making sure our tax system is working in physical therapy way. the other thing that's very important as you'd expect from a commission like this is it's not only about individual countries pursuing their own agenda and learning from each other. it's also about what we need to do together. the report talks about not only progressive policies, a race to the top in our countries to deliver growth and wages but it also talks about a common progressive agenda which countries need to work on together to make sure we do more as a world community to make sure that we strengthen growth in those parts of the world
10:44 pm
where growth is still too weak to make sure we work together. to make sure the global financial system is stronger and more secure for the future. also to make sure that as we make sure the rules of the game are fair we continue to open up trade and involve developing countries, emerging markets and and all of our countries in the international economy. it sets out what we need to do there and fourthly the international process we have to improve our global tax system and our individual country tax systems so the people see we're profits being made, taxes being made and the global tax system is working in fair way. there's things we as countries need to do individually and that's up to us individually as
10:45 pm
politicians. we all want the see rising of the agenda in the next few months. the one thing that's clear is if we do nothing, if we're complacent, if we deny the fact there's actually a crisis of cost of living for working people and inequality undermining the strength and integrity of our societies that i'm afraid the forces of reaction are going to grow. that's why this is such an important report. this is challenge of our generation. i think you can see from the report and everybody here today we are determined to rise to that challenge. >> thank you so much.
10:46 pm
edward montgomery, at georgetown university. jennifer grant holm, former governor of michigan. former minister of finance for sweden. i will start off my first question to you mary cay. one of the issues that highlighted in the report which analyzes the structure of the workplace across the globe is one issue that really becomes apparent is the lack of worker power ability to bargain for higher wage and the disparity
10:47 pm
yeen between the u.s. and other countries. what are your thoughts on the issue of worker voice and it's contribution to shared prosperity? >> thank you. i want to address the question by saying we are delighted that the number one policy recommendation in this report is raising wages. before i speak to the question i wanted to thank you for your leadership. i think if anybody could have been inside the rooms this come had galvanized thinking from around the world into a report that i think meets the challenge that larry talked about and the determination that ed just described. for me i thought that the discussion in this commission really helped illuminate there's
10:48 pm
no reason for the inequality that exists and the specific thing about raising wages that matters so mump here in the u.s. is if we recognize the service economy and service work retail, fast food, home care, child care, work in this nation as the heartbeat of our economy because eight of the fastest growing jobs in our economy are service jobs. they all pay under $15 an hour. they're the families that ed just talked about that we as a commission are trying to figure out what are the mechanisms that larry described as being required to change this terrible gap and the stagnation of wages in this growing sector of our economy. larry spoke to this about mechanism. i think about it in terms of the stories of workers all across this nation who have the
10:49 pm
determination and courage to join together and say enough is enough. i deserve better. i employer is prospering, and this commission is bound and determined to figure out how everybody who is generating the wealth in this nation from sweeping floors, cooking food caring for people also shares in that wealth because of their determination that provide for themselves and help their employers survive. the person i think about is le legrand who is a fast food worker in brooklyn who has been trying to join together with fast food workers and say i want to help my employer succeed but i also want to be able to make ends meet. i'd like to have a schedule that's predictable and return to community college and provide for my daughter.
10:50 pm
earning 7.25 an hour in brooklyn new york doesn't make that possible. we're subsidizing her employment through the public assistance she needs in order to make ends meet. the ortiz family in houston texas all four members of that family are working in fast food and earning minimum wage. if we as a nation could make the tough choices that all the other commissioners have talked about and think about the ways in which we can encourage workers being able to join together and have a voice with their employer and have a bargaining system that does not yet exist in the u.s. we could create the situation that australia, canada, sweden, we heard about in this commission where middle class is growing and people can provide
10:51 pm
for their families on. that's what they have shared with us as a commission and give a voice for their economy and recognize that what she's doing at 7.25 is paid in dendarkmark. we know that raising wages is an important lever in creating an inclusive economy but there are other issues that others will speak to but this is about choices. this is not about we're trapped in a system where you want turn it around. i just want to honor the courage of workers who are making choices everyday to take a stand
10:52 pm
and make this terrible system of inequality public. i want to call on employers to recognize those and imagine how we can create a collective bargaining system in this country that is nonconflicting and where we focus and growth and work is exchanging. we can innovate in the u.s. and draw from experience of people around the world. thanks very much. >> i just wanted to highlight one important point. one thing that we learned from other countries is providing more worker voice allows companies to innovate more and get more productivities in other mechanisms so it is not only about improving the conditions for workers but improving the company's bottom lines over the long run. ej i want to turn to you because i think we try in the
10:53 pm
report and ed's comments highlight the connection between an anxiety around declining prospects for the middle class and what's happening in politics. so could you make that case for us? >> sure. first of all, i also want to thank nira and those extraordinary people. think about it. if larry summers learned a lot about economics from this group imagine how much i learned. so i want to thank you very much. it wasn't just an academic seminar. this had a clear goal of putting together practical ideas based upon the idea that fatalism gets us no where. another title of this report should be against fatalism.
10:54 pm
fatalism can destroy democracy. the problems we face are not militarily or philosophical but for the first time since the great depression many of our industry industrial democrat is failing is raise the standard of living for our citizens. on one hand we have a remarkable recovery from a disastrous economic stance but we have a last piece to get done which is to restore living standards. this economic problem can be a problem for our political systems and democracy itself. i think they value self government but they count on the political system to create political system in which they can use their talents and their labor to provide decent standards of live for themself
10:55 pm
and have their children have an opportunity to rise. when democratcies fail to do this they create political alienation and anger that ed referred to. i think it's important that back in the 1930s there were a disturbing number of people who said that the democracies were no longer capable with the problems that they had created. thank god all of those predictions were wrong in the 1930s but we have to make sure they are wrong again by ensuring shared prosperity. two other points quickly. one is we now have a situation where both of our political parties seem prepared to talk about the problem of wage stagnation. the problems with declining social mobility in parts of our
10:56 pm
society. the challenge is do come up with very concrete ideas. i think one of the striking things about this report is that there are a lot of big, but very practical ideas of how we can make things better. for people who want to say some of these ideas don't work well, let them come up with an alternative set of ideas. i think as david leeenhart pointed out while everyone on this panel broadly views a progressive views the idea of profit sharing is not ideological. more worker ownership ought to be something that friends of the market support. last thing, this is a more philosophical point, there has been a great debate in our country for 35 years in many ways much longer, over whether
10:57 pm
government has a role in solving problems or whether we simply let the market do what it does and just promote more tax cuts and more deregulation. obviously the core commitment to this report is that the government can act to make things better. again, i think what makes is the specificity of the idea because you can say over and over the government can make things better but need to come up with ideas to do what jon stewart mails said. i have always loved this line. he said that our purpose really ought to be to provide help for doing without help. the idea is that we can't just have a safety net. we also need a picture metaphor for a tropampoline or latter. the american notion has always been that we can do better and
10:58 pm
we need to do better to create higher standards of living for all of our citizens. i really believe the future of democracy depends on our ability to do that. >> thank you so much e.j. wayne, we learned a lot from the australian experience particularly policy ideas but also the macro numbers and the ability to deliver on the premise of shared prosperity. can you share with us some of the ideas and smchtome of the things that australia has done that have been notable. >> i'm very proud to say that there are few countries that have done strong growth of matching that with equity. esentsentially we have done that for over 100 years. better sometimes. what is that based on.
10:59 pm
a whole set of productivity reforms which were underpinned by three or four key policy areas that have delivered justice and equity. first of all, a really strong industrialized system based on a decent minimum wage, decent minimum conditions and collective bargaining over and above that based on productivity. that's been critical in delivering strong income gains among low and middle income learners. it's really a simple concept based on the dignity of labor that we're all wealth generators as mary kay said before. everyone out there who is working in any form is a wealth generator. we don't have a society that should be divided between the so called lifters and learners that ann ran talks about and on which
11:00 pm
so much economic policy from parts of the community is based. secondly, a fundamental commitment to affordable and quality health and education. because that provides the human capital you need to lift your productivity. thirdly, a prodpresgressismve tax system to fund the quality services that deliver the productivity and peace of mind for people wherever they are and of course, a highly targeted transfer payment system which delivers for those that are left behind. so there are the nunnedfundamentals of the australian experience. >> thank you so much. ed montgomery we do spend a lot of time talking about human capital. can you share your thoughts on those issues? >> yes. thank you. one i want to thank the commission and


info Stream Only

Uploaded by TV Archive on