tv Key Capitol Hill Hearings CSPAN October 29, 2015 7:00pm-9:01pm EDT
we kind of went off on a tangent that was not very productive. it sort of gave me the idea. as dr. teller my old professor used to tell me is that the hardest thing about doing something is unlearning it. >> we are out of time. we're going to move this along. you seem to think that domestic steps need to be taken. >> a study was done some years ago pointing out the need to protect season color rise sources throughout the united states. >> you drew our attention to that issue. preseemibly we will avoid dealing with that problem.
who is going to pay for the detectors, the kind he was talking about. >> how much money do you need to put these? >> well, that's a difficult question to answer. i would suggest that the government fund these research projects like these drive through por holes that we could see that could detect nur rons at the same time. we're invested at my particular board working with dndo and a company to develop a state of the art detection system in the port of boston. there is definitely money needed to fund the programs. they are a federally mandated system. >> dr. flint is willing to put
10 to $15 on the container. >> we are looking to spend $3.5 billion for a missile defense system for the east coast to deal with your rainian iran nuclear weapons, which presumably aren't going to be available for some decades. thank you mr. chairman. i yield. >> thank you. as you said, they scan less than
1% of u.s. bound cargo. do you believe that scanning at the point of oregon is 10% effective? or should we be investing more? >> this is an issue with the stakes are high. . relative to where we spent resources, this ranks right up there given the consequence we laid out. and you really get the sense of scale about what's going on here. what the problem would be in this dirty bomb scenario. so in the face of this, here. 1 so let's be clear with the
numbers. 2013, the numbers of inspections overseas in the 50 day course around the world was 103 tho thourkss. if you divide that by 365 days and 58 ports we're five containers per port per day of being examined. okay? it's five a day. if you're going to a singapore and shanghai, we're going to identify the risk and.
if you bake it into the operation. worst case, isolating the incident afterwards so you don't shut down the whole system. all right? so it's just so much that can't be done. that's not being done. >> thank you and i appreciate the warning. and as you commented, which i also did in the first panel which is the threat to the global economy is significant, particularly if something happened at long beach and las angeles we would note wla that impact would have on the national and global economy. i was going to ask one more. is there -- i think the biggest issue that everyone tells me why
we can't have 100% scanning is in some way that would slow down commerce and we just can't afford that. i do have a bill that would provide grants to two ports in this country that would voluntarily disease to implement 1030% with the technologies that would work and not impede commerce. >> there is one tech knowledge and that's interrogation with neutrons. i think it would full move
>> thank you. and dr. flynn, your points and your testimony were well taken. it's not an attack on u.s. soil and on trade and erupting the movement in our country. i'm just wondering if you have, very specific recommendations for how individual ports and the businesses within those ports and also specific recommendation for how governmental agencies and what they should be doing for contingency as well. >> unless we assume it is it's a
heavy coordination issue and a collaboration issue. this is a global system sort of running on steroids so if you dus rupt it at any point. it's 4 in five pages. it says we should have a plan. but then it has on that. clearly it's raising awareness of what this event should look like and how do we deal with the immediacy of the dirty bomb. what's safe. this is something a community can't solve because the u.s. government has to set what the standards are for safety.
what makes it a unique and challenging issue for critical infrastructure is that 90 plus% of it is not nationally owned. there are roughly five terminal operators that move about 80% of all the goods in the united states. there are basically 20 ocean carriers that matter. what we have been doing is looking at this as a government to government issue. we had central bankers that
could finish the morning after. we have no such system for managing a major disruptive event. >> and you had mentioned that we should be listening to industry and businesses clearly in terms of what they believe are the right -- what's the right drengs and the right plans for con tengcy. do you have any idea what they would suggest? in the earlier testimony they said if we had an incident, industry would just respond.
i had two colleagues and i that worked. looking at two choices. send it to be x pekted at very small percentages or one where you scan all of them. in some places doing more is easier. the economics worked out better. when you have a conversation with industry, it comes out better. and here it's an engineering problem.
>> we have run out of members and this was not a bad showing. thank you very much for what you all do. thanks for being here. with that, the hearing is adjourned. paul ryan was earlier today elected the 54 speaker of the u.s. house. his only challenger, congressman daniel webster of florida. got nine votes on the floor. nancy pelosi received 984 votes. we will show you all of the activities showing you at eight eastern on our companion network c-span.
>> a signature feature of book tv is our all day coverage of book fairs and fest rals have across the koumtry. here is our schedule beginning this weekend. we will be in nashville for the southern vest fall of books. at the start of november we're back on the east coast for the boston book festival. at the end of november we're live for the 18th year in a row from florida for the miami book fair international. and the book fair awards from new york city. some of the fairs and festivals this fall on c-span 2's book tv. secretary of state john kerry spoked and focused on israeli palestinian relations, the political crisis in syria
and the hostage rescue in iraq. this is ha minutes. >> thank you so much for welcoming me to your new home and your remarkably generous comments. i'm very -- really touched to hear them from someone of bill's caliber. i really was the premiere career diplomat to everybody's standard. and now that you've been away almost a year, bill, i know you're missing all the travel, the early morning meetings, the late night calls, and you're just dying to return, right? but all kidding aside, ladies
and gentlemen, the door in the state department for bill burns is always open and from president obama through the entire security team to me to every former secretary of state, there is no better diplomat and nobody who could be better led by here than bill burns. so please join me in saying thank you for a remarkable career to this man. [ applause ] now, if i behave myself, which is never for certain, i'm going to try and restrain my voice, not be as passionate as i want to be about every word that i'm uttering today. but i'm trying to save a little case of laryngitis and make sure that i don't exacerbate it because i leave tonight for vienna for two days of important meetings and i want to make sure that i can actually talk during those meetings. i appreciate the chance to speak
today to you, an audience of experts and students who are on their way to being experts, but all of you who spend an awful lot of time thinking about some investigation serious issues. and the truth is that for generations, carnegie has been training the foreign policy leaders of the future. and generating at the same time real time solutions for those of us who are practicing at that time. it's an understatement to say today that we're facing a very different world. a world of remarkable complexity. all of you have probably read
countless books as i have. and henry would be the first to tell you -- i had privilege of having lunch with him in new york during the united nations meetings -- that he never had it coming at him. with the numbers of different places and crises. and in a world that is multipolar as now. it was pretty clear about what choices were in many ways. didn't mean they weren't tense and they weren't difficult and that there weren't proxy wars as we saw in vietnam and elsewhere, but it truly was not seeing what we see today which is a world of violence where it's not state on state with a few exceptions. it's nonstate actors who are confounding states in the global order.
and that presents very different challenge. so i can tell you that despite the complexity that i am certain of this, the united states of america is more deeply engaged today in more places on more important issues with impact than at anytime before in our history. i won't run away the whole world. i could start with it tpp and go to north korea and start talking about south china sea and then i could roll into afghanistan and pakistan and india and roll
around the world. i'm not going to do that. i want to focus on one particular and particularly important area of the globe today. and that's the middle east. and i won't go into all the aspects of it. but 20 years ago next week, after attending a peace rally, the israeli prime minister was murdered by an extremist claiming to be doing god's will. at the funeral, king hussein of jordan enemy turned partner in peace declared let us not keep silent, let our voices rise high enough to speak of our commitment to peace for all times.
something fairly basic going on. a struggle between people who are intent on opening wounds or leaving them open and those who want to close them and who want to heal and build a future. it is this struggle between destroyers and builders that informs every aspect of american policy in the middle east. this is the glue that holds the components of our strategy together. and we do have a strategy. whether we're backing an electoral process in tunisia, mobilizing the coalition against terrorists, trying to halt the sudden outbreak of violence or striving to put in place new foundations for prosperity and stability, our goal is to help
ensure that builders and healers throughout the region have the chance that they need to accomplish their tasks. now, i've heard some americans one exercise -- regional threats become global. we have seen that ideas transmitted by terrorists in raqqah and mosul can reach we are aware that events in the middle east can affect perceptions on every single continent because people on every continent are influenced
all over the world. foreign minister, prime ministers, finance minister, presidents say to me no matter where i am, you have do something about the middle east. you have to change this. degree of optimism. and before you conclude that i've had too much caffeine, let me emphasize i mean what i just said. i mean it.
a couple years ago, we asked the mckenzie company to study the economic prospects of jordan, syria, egypt and west bank. a good starting place is to go back to the arab report, study report, on economic growth of the number of years ago which was stark in its appraisal of what had not happened that should have happened in many of the arab countries in the region. but interestingly, my good friend the foreign minister of the united arab emirates recently also commissioned a separate study which similarly hoed what we looked at through mckenzie company where we looked at every sector from farming to tourism. my trends, the potential for
growth is simply extraordinary. the potential of this region to be a driving financial center harnessing incredible technology and capacity of peoples in many of the countries is simply extraordinary. just imagine a future where people from the niles of the jordan to the euphrates are free to travel where they choose. where every boy and girl has access to a quality education, where visitors can flock without fear to the world's greatest tourist attractions. i mean, think of that. the world's greatest tourist attractions. i've driven by them. i haven't even had time to stop at some of them. the place where john the ban
christened so many people including jesus, the temple near it, a muslim mosque which is one of the oldest in the region and most important. the extraordinary history of generations of struggle take have taken place in the middle east. there is something there for everybody. -- are completely aware of what everybody is in the world has and they don't. everybody's connected 24/7. you can be impoverished and they still have a smartphone. and they can still google. and they can still facebook and they still figure out what the other person has and they can talk to those people and they do in very simple declarative sentences. so what happens to all that energy and ambition?
in the united states, the average age is 35. in the middle east and north africa, it's under 25. many of those countries have populations where it's 60%, 65% under the age of 30, 35. so the region's future really depends on the choices that these young men and women are going to get to make. still have a smartphone. and they can still google. and they can still facebook and they still figure out what the
other person has and they can talk to those people and they do in very simple declarative sentences. so what happens to all that energy and ambition? in the united states, the average age is 35. in the middle east and north africa, it's under 25. many of those countries have populations where it's 60%, 65% under the age of 30, 35. so the region's future really depends on the choices that these young men and women are going to get to make. but who are they going to listen to? you need to talk about that as
you have this conference. what ideas will command their loyalty, what might excite their imagination. individually each one of these young people is a story that will end either in frustration or in opportunity. and collectively they present a proceed fund challenge because the outcome of that race between frustration and opportunity will do everything to define
tomorrow's middle east. so to be clear, there is no single way, no just one way to win this race. governments in the region have to look both inward at their own policies and they have to look outward in order to compete in the global economy. and boy, do they have to start making a lot tougher decisions than they seem to have been willing to make. you can't fake it. you just can't drift along and pretend it will resolve itself. business people have to help bridge the gap between what graduates actually know when they leave school and the skills that they need to have in order to get a good job. and by the way, that's the same right here in the united states of america and every other
modern country today. women and girls have to be given an equal chance to compete in the classroom and workplace. and civil society has to have the right to voice new ideas, advocate for reform and hold leaders accountable. the united states believes deeply in the future of the region. played a critical role in helping to get those talks with iran off the ground. and in helping to form the interim plan in a set the stage for the final agreement that we've reached. and that is an agreement that is imposing dramatic constraints on all aspects of iran's nuclear activities. ten days ago, the deal became official. and the implementation began. and that implementation will require the mothballing of two-thirds of iran's
centrifuges, shipment abroad of 98% of its stockpile, the destruction of the core of its heavy nuclear reactor. the whole process will be monitored by the ieae and no sanctions will be lifted until that agency verifies that iran has done exactly what it promised do. now, this gives iran every incentive to live up to its commitments. just as it did by the way during the 18 months leading up to the final agreement. people don't realize this. that almost i think more than two years now, just about two years exactly, of iran's compliance with the interim
agreement has now taken place and you haven't heard of major breaches or anything because it's been adhered to. so i hope now that everyone who was for the agreement and everyone who is against it will come together to support its full and verifiable implementation. that's the goal. and i promise you i'm absolutely
convinced that the united states will be safer. our allies will be safer and er and the world will be safer if iran isn't anywhere close to getting a nuclear weapon. and we believer as our energy department and intelligence community and military know that because of the verification measures and transparency of this agreement, we will know
whether or not they are. as you recall, when negotiations were going on, there was speculation about what an agreement might mean for relations between washington and tehran. was it possible that a breakthrough on the nuclear issue would be able to open the door to broader cooperation. some welcomed that prospect and some to be truthful were alarmed by that prospect. so i want to be clear that we
meant exactly what we said. the iran deal was considered on its own terms. not what is it going to do here. nuclear terms. it was the right thing to do whether or not it leads to other areas of cooperation. now, we're not making any it hurts everyone. and this is another indication of the foley of believing that efforts of permanent peace and reconciliation are somehow not worth pursuing. i can't imagine the notion that just throwing up your hands and walking away. the current situation is simply not sustainable. president obama has said that publicly many times. i've set it publicly. and it is absolutely vital for
israel to take steps that empower palestinian leaders to improve economic opportunities and the quality of life for their people on a day for day basis and it is equally important, equally important for palestinian leaders to cease the incitement of violence and offer something more than rhetoric. instead, propose solutions that will contribute in a real way to the improvement of life, to the reduction of violence and to the safety and security of israelis. firm and creative leadership on both sides is absolutely essential. a two state solution with strong security protections remains the only viable alternative. and for might be who thinks otherwise, you can measure what unitary looks like by just looking at what has been going on in the last weeks. the united states absolutely remains prepared to do what we
can to make that two-state two-people sitting side by side in peace and security, to make it possible. another core element of our security strategy is centered on the coalition we have mobilized to counter and defeat the group known as isil or daesh. the list of crimes for which daesh is responsible is truly mindboggling. it's as disturbing as anything that i've ever contemplated in my life. they're smugglers, they butcher teachers, burn booked. they execute journalists for doing their jobs trying to report on the truth.
they execute people just for their religious beliefs. they execute them for who they are by birth. nothing said, nothing done. just because they're different. in iraq, daesh has been auctioning off women and girls, teaching people that the rape of underaged nonmuslim females is a form of prayer. according to daesh's online propaganda, their militants supposedly live in virtual paradise. but we're beginning to see how different the reality really is. there are multiple reports of daesh executing fighters who signed up and then had second thoughts and were trying to get out.
consider the case of a teenage boy who had been recruited in syria and sent to iraq. one morning he approached the shiite mosque in baghdad, he opened up his jacket, told the guards i'm wearing a suicide vest but i don't want to blow myself up. the boy said later that he had volunteered to wear the vest because it was the only way that he could think of to escape. he had joined daesh to fight assad, but when he witnessed the execution of a young person, he decided to reverse course and get out. this past summer, the terrorists picked up sledgehammers and smashed half a dozen statues. they destroyed the roman arch. they blew up historic tombs and destroyed a 2,000-year-old temple. and then they seized the director of antiquities and they made him kneel in a public square and they cut off his head. the man was 83 years old and spent a lifetime saving history. he had been in this charge of preserving palmyra's cultural heritage for more than 50 years.
my friends, between this saturday night and sunday morning, we'll all be turning our clocks back one hour. daesh and groups like it want to turn the clock of civilization back a millennium or more. we simply cannot allow this to continue. and that is why president obama is ratcheting up what we are doing. under president obama's leadership, we have led a 65 member coalition to take on daesh. for more than a year, we've been doing that. and we have saved communities,
kobani and tikrit. 100,000 sunni were able to return to their homes. and we've said from the beginning that this would be a multi-year effort. i think we've already accomplished a lot. we've launched more than 7300 air strikes. we've forced daesh to change how it conducts military operations. we've impeded its command and control from the critical border at kobani all the way to tikrit, we have liberated communities and made a difference in the
nature of this battlefield. i spoke earlier will the impact of our policies on ordinary lives. last week just to underscore to you the degree to which we are ready to take this fight and the degree to which we are raising our capacity, a u.s. special forces operation carried out a rescue directed against daesh prison in northern iraq. our troops freed 69 hostage which is were about to be executed one by one with a mass grave that had already been dug. now, i've spoken to our people in our embassy. i talked with our special envoy who is it if baghdad even as i speak to you right now. i talked to him last night. he told me he visited these people who had been released and he said you could not imagine the emotion, their gratitude. and he told me the enormous debt they feel to the family of master sergeant joshua wheeler who gave his life in that operation. i think that's a debt that we all owe and i will say to you what i have said many, many times throughout my life, that we are deeply privileged to be represented and protected by the quality and caliber of the men and women of the armed forces of the united states. and we express our gratitude to them.
meanwhile the -- [ applause ] -- much harder for daesh to refly its fighters. an iraqi force retook the oil refinery located on the road that links baghdad. in northern syria, the coalition and its partners have pushed daesh out of more than 17,000 square kilometers of territory. and we have secured the turkish syrian borderer east of the river. looking ahead, congress, dhs, the president has made clear that we are determined to degrade them more rapidly.
military operations are one of the many components of what the coalition is doing. we're working hard to counter propaganda and deter potential foreign fighters. we have established a center that is offering positive messages across the region on the internet and all through social media. talking about politics and religion and responsibility of faith. we're striving to cut off funding so that it becomes bankrupt politically. but ultimately to defeat deash, we have to end the war in syria and that is america's goal.
assad sent thugs to beat up the young people in the street looking for jobs. when the parents got angry with the fact that they were met with thugs they went out and were met with bullets and bombs. assad made war inevitable and he soon turned to hezbollah for help and iran and russia. it paved the way. the result has been four and a half years of non-stop horror.
you all know the numbers. we have a fundamental responsibility to try to do something about it. one syrian in 20 has been killed or wounded. one in five is a refugee. one in two has been displaced. the average life expectancy in syria has dropped by 20 years. the challenge that we face in syria today is nothing less than to chart a course out of hell. to do that we have to employ a two-pronged attempt. these steps are mutually reinforcing.
iraqa. we are also enhancing our air campaign in order to help drive dash, which once dominated the syria-turkey border, out of the last 70-mile stretch that it controls. but at the end of the day, nothing would do more to bolster the fight against dash than a political transition that sidelines assad so that we can unite more of the country against extremism. we have to eliminate the mindset which was encouraged from the beginning by both assad and dash, that the only choice syrians have is between the two of them. you either have terrorists or you have assad.
no, that is not the choice. this is the mindset that drives the terrorists to side with the dictator and those who fear the dictator to side with the terrorists. and this is the mindset that has transformed syria into a killing field. we have a different vision. i just returned from meetings in vienna that included a remarkable session, broke some new ground where we had the quartet of russia, turkey, saudi arabia and the united states. and i will head back to vienna tonight to take the next step in our discussions with representatives from an ever broadening group of nations, including iran, which will join one of these multi-lateral gatherings for the first time. and while finding a way forward on syria will not be easy, it's not going to be automatic, it is the most promising opportunity for a political opening where recognizing what is happening, that syria is being destroyed,
that europe is being deeply impacted, that jordan is being greatly put under enormous pressure, lebanon, turkey, the region, and so many millions of syrians are displaced within syria itself. most compelling of all, the tragedy that syrians are living every single day. the best opportunity we have is to try to come to the table and recognize there has to be the political solution that everybody has talked about. as part of this diplomacy, i've had many conversations with my russian counterpart sergei radlof, and as everybody knows, russian strikes in syria began about four weeks ago. is russia there just to shore up assad, or is russia there to actually help bring about a solution? we'll know. we'll put that to the test. and contrary to the claims of officials in moscow, it has to be underscored that most of the strikes thus far have been directed not against dash but against the opponents of the
assad regime. so that is not, in our view, the way to try to bring the war to a close, but that will be part of the discussion that we have in the course of our vienna meetings. the likely results of that strategy, by the way, will be to further radicalize the population, prolong the fighting and perhaps even strengthen the illusion on assad's part that he can just indefinitely maintain his hold on power. and if that's what he thinks, i got news. there's no way that a number of the other countries involved in this coalition are going to let up or stop. it won't happen. there's another thing that's critical, though. russia, the united states, and others share an amazing amount of common ground on this. we actually all agree that the status quo is untenable. we all agree that we need to find a way to have a political solution. we all agree that a victory by
dash or any other terrorist group absolutely has to be prevented. we all agree that it's imperative to save the state of syria and the institutions on which it is built and preserve a united and secular syria. we all agree that we have to create the conditions for the return of the displaced persons and the refugees. we agree on the right of the syrian people to choose their leadership through transparent, free and fair elections with a new constitution and protections for all minorities in the country. we agree on all of that. surely we can find a place where one man does not stand in the way of the possibilities of peace. so we agree that all of these steps can only be achieved and syria can only be saved through a political settlement. so my message to foreign
minister lavrov, to prime minister putin, that we all can contribute to the end of this syrian disaster through a transition already agreed upon in the context of the geneva communique and allow this beleaguered country to right itself. that is what we're beginning to pursue with this trip back across the atlantic this evening. before closing, i want to make two additional points. first, to skeptics who say that democracy can't make it in the middle east and north africa, i reply with one word: tunisia.
[ applause ] >> here where the arab spring was born, we're not finding a paradise, but we're finding a place where leaders from opposing factions have been willing to put the interests of their nation above personal ambitions. where civil society played a vital role in spurring political dialogue, where power was transferred peacefully from one leader to the next in accordance with the rule of law. and where diverse perspectives, including those who were not being oe prpressed, but they're actually being taken into account. it is instructed for the entire region. tunisia is showing what it means to be builders in the middle east. my second point is more of a
plea. please do not accept the view of some that the middle east must inevitably be divided along sectarian lines, especially between sunni and shia muslims. nothing fuels the propaganda of dash and other terrorist organizations more than this myth. this simplistic and cynical view is not only not true historically, it's not true today. after all, the coalition to defeat dash includes virtually every sunni majority nation in the middle east, and dash, as we know, is made up of sunni. last june when dash suicide bombers attacked and killed 27 shiite muslims while they were praying in kuwait right at the start of ramadan and 27 were killed, what happened? sunni immediately rushed to the site of the tragedy.
1400 people volunteered to give blood the first day. sunni religious leaders urged their followers to show solidarity by praying at shiite mosques. the government flew the bodies of the victims to najov for burial in accordance with family wishes. and back in kuwait, 35,000 people of every single sect tried, came together and attended funeral for others who were killed. the amir stood up and said the mosque will be rebuilt. and a sunni businessman volunteered to do the job for nothing. dash will rise or fall in its ability to drive good people apart. and that is precisely why i say it will fail. on that horrible evening 20 years ago when rabin descended
the steps in tel aviv and he walked towards his car and towards his killer, there was a sheet of paper in his pocket that would soon be stained with blood. and on the paper were the words "a song of peace," words that warn of the permanence of death and replace it with something better. the words are still replaced with violence, but it need not be, because the region is still pulsating with life. it is homes that are youthful, energetic looking and far more important than plugging into the world economy than slugi inslug out with historic foes. it is in him that we place our faith. it is for them and for their horizons that we dedicate our collective efforts. and it is with them that the
united states of america is determined to turn back the destroyers and build a future that is characterized by prosperity, by peace and by dignity for all people. that is a worthy fight. thank you all very, very much. [ applause [ applause ] every weekend the c-span networks feature politics, books and american history. saturday night politics and internet experts on whether social media hurts politics and its effects on campaign 2016. and sunday evening at 6:30, texas legislators and other officials look at the hispanic vote in the 2016 and 2018 elections. and this saturday, on c-span2's book tv starting at noon eastern, it's the 27th annual southern festival of books in nashville, featuring kristin
green on a virginia town's reaction to the supreme court's brown versus board of education ruling, actor and producer wendell pierce on how hurricane katrina impacted his family's new orleans neighborhood. and cecilia tishy remembers jack london. our live three-hour conversation with author williams. in response to your facebook, e-mails, facebook comments and tweets. saturday evening at 6:00 eastern, historian don doyle looks at the world view of the american civil war and the perspectives of foreign born soldiers who joined the cause. and sunday morning at 10:00 on "oral histories," an interview with chief justice clarence thomas on his upbringing in the south and his grandfather's
career. c-span has your coverage of the road to the white house 2016 where you'll find the candidates, the speeches, the debates, and most importantly, your questions. this year we're taking our road to the white house campaigns into classrooms around the country giving students the opportunity to discuss what important issues they want to hear the most from the candidates. follow c-span's student cam contest and road to the white house coverage 2016 on tv, on the radio and on line at c-span.org. defense department chief information officer terry halvorsen spoke to reporters about ongoing cyber security during a breakfast hosted by the christian science monitor. this is about 50 minutes. okay, i think we're set.
thanks for coming, everyone, i'm dave cook from the monitor. our guest today is terry halverson for the defense department. he oversees the role of the largest computer network. he is accompanied by larry bailey whose role is deputy chief officer for the defense department. he holds a master's in information technology from university of west florida. he served as an army intelligence officer and later as a civilian. he was deputy commander of navy cyber forces and then became the navy's chief information officer. he's been in his current role as pentagon's chief information officer since this last march. ms. bailey has a bachelor of science degree from the university of maryland and a master's from the industrial college of the armed forces. she's been a member of the national security work force since 1984. thus ends the biographical
portion of the program, now on to the riveting mechanical details. we are live and on the record here. no live blogging or tweeting. in short, no filing of any kind as the breakfast is under way to give us time to actually listen to what our guests say. there is no embargo when the session ends at 10:00 sharp. to help you curb that relentless selfie urge, we will e-mail several pictures of the session to all the reporters here as soon as the breakfast ends. as regular attendees know, if you would like to ask a question, please do the traditional thing and send me a subtle, non-threatening signal and i'll happily call on one and all. we're going to start with our guests to have the opportunity of opening comments and we'll head around the table. with that, your breakfast is over. sorry about that, sir. thanks for coming. >> none needed. i'd like to thank all of you for
taking time. i looked at the list, a pretty big list, i figured breakfast must be pretty good. that's why everybody is here. as the introduction mentioned, d.o.d. is the largest private network. people have heard me say this before, but i think it gets to our scale. if d.o.d. was a fortune 500 company, we would be fortune 0 in terms of how you want to measure it, forms of cash, defense. we are very, very large. we are also attacked more than anything else. mary ann is my deputy for cyber security, and i thought maybe there might be some interest in cyber security questions given some things that are going on in the world today. i'm going to focus my opening comments very quickly on three components, that while they are
focused around cybersecurity actually apply more broadly than that. i get a question all the time, what keeps me awake, and i think most people expect me to answer it's security or it's dollars. it's neither of those things, it's culture. we're in the midst of having to make some major culture changes, and i want to say d.o.d., but i think we'll have to make some culture changes. one of the things we have to do in d.o.d. is establish a culture position. when the internet started -- and we should take a minute and say happy birthday to the internet. the internet's birthday is today. it was the first arponet connection across today, and i would mention it was a d.o. d.o.d. arponet connection when it first started, it was a research connection built to
share information. it continued that way and people got to be that it was a trusted area, and frankly, it wasn't until it more matured that we started to see a series of bad actors on the internet, but they are out there today. but they're not visible like they are in the physical world. so i think it's easy for people to forget that there are bad actors out there. it's certainly easy for parts of our work force to do that, so we are really trying right now to make sure that people understand you got to go to the internet. it is an important part of our business and important part of our culture, but you have to go there with the right rules and right understandings, so you will see a lot of information on that. the chairman and secretary signed out the cyber culture work piece that talks about what we're trying to do. it talks about leadership accountability and transparency. because we face so many
different threats, there is just different answers. the other part we have to do is move to the right side of cyber economics which is another cultural change because it means you have to understand economics much better in cyber than i think you do in other areas. as a military area, cyber is one of the first big warfare areas where frankly in phase zero and phase one, we have to worry about non-military targets being attacked, and they can be attacked in areas that don't look like they would be attacked. because we get much more advantage from the way we use scyber and high technology, it' of course going to make us somewhat vulnerable to those types of attacks, and you want to think about some of the things that could cause us issues in a cyber world. just look at what would happen if someone disrupted wall street for the day and we're now talking about a trillion dollars. a trillion dollars becomes strategic money. you could interrupt potentially the power grid.
there are lots of things that you could do that would cause us great economic differences. the other problem we have today in this area is that it is much less expensive for someone to attack us than it is for us to defend, and we've got to turn that around. today we are really on the wrong side of that piece. part of moving to the right side is we need to operate our security as much we can. to go past automation, we want to get to economist tools that actually self-learn and can start taking actions on a network either to st stop-quarantine the attack so it doesn't get lateral movement. and maybe the biggest thing we have to do in d.o.d. is develop an enterprise culture. cyber is forcing us to think differently about that. unlike other areas, cyber truly is enterprise because it's connected. you can't help it. it's going to be a connected
piece. and we have to get much better at that at d.o.d. we need to think about what it means to be an enterprise, where we're going to act as an enterprise, under what circumstances we need to act as an enterprise. that gets us to security and cost effectiveness. without that balance we won't achieve cost effectiveness in security. it means we have to look at economic tools much closer than we have in the past. it also means we need to partner with industry, and i mean truly partner. i'm a history major. i actually in college couldn't decide what to do so i majored in pre-med, pre-law and economic science and ended up with a multitude of degrees. if you look at world war ii, we had a much different relationship with industry in the second world war. it was not uncommon for industry and the sector to move back and
forth with employment, to have industry partners working right inside the projects. i think we have to start thinking about how we have to do that. that's particularly true in cyber i.t. because we do not own the market space. we're a big influence there, but we don't own it. if you're buying a submarine, we kind of own the market space. if you're buying an aircraft carrier, we kind of own the market space. if you're buying software in technology, we don't own it. in the commercial world, they're actually doing more innovation in that area than we are, so it's really critical that we partner with that. we're doing a couple things to expand that. some of you have reported on this and know we're doing it. for the first time we're putting civilians out into companies. we had done that with military but we're now putting civilians out in six-month tours with i.t. companies, and we're bringing i.t. company personnel into d.o.d. we've done that with cisco. this year we're going to do it with about 10 companies and they
will be either on the d.o.d., my staff, or they'll be on the service cio staff. and they'll be in areas we think we need to expand on, and how do you do software design networking, that's an area we think we need expertise in, auto mated security, we already talked about that. so we'll pick areas that we need that match up with the companies. we'll certainly make sure we have all the right nda so nobody gets any advantage and we've done that in the past. but i think that's things we're going to have to do to make sure that we continue to have the edges that we gain through our use of the cyber and technology. and they will also help us get to an enterprise thought process. i also think we'll help industry through enterprise. i think one of the things we'll see in industry, there's going to have to be more partnering in the i.t. business. there is nobody who corners all of this. it's going to take much more partnering, i think, among the
industry players for this to work. i really think that's going to have to be a major change in the way industry does business, too. i think you'll see more smaller companies partnering with mid and bigger companies so they can scale. that's a problem for us in d.o.d. i'll have one person say, we have this great tool and we tested it for a million. that's hard for smaller companies. i do think partnering with bigger companies is the way that's going to have to head to keep pricing and delivery speed in the industry. thank you, and i'm happy to take questions. >> i have one or two and then we'll go to olivia strom, mark thompson, and sharon sorcher to begin. let me ask you about the cyber economic curve. in another speech you talked about the fact that an enemy can
spend, quote, a fairly small sum of money and cause us to spend quite a bit. right now we're on the wrong side of that cyber economic curve, end quote. how are you going to change -- can you change that curve, and if so, how are you doing that? >> one of the things we're doing with our cyber culture and our cyber basics is you raise the playing level. when you get your cyber basics right and you've got people doing the right things, frankly you eliminate all of the small end players. and that's one of the things we have to do. the other piece of that will be bringing on the economist tools so that what we are doing is we're doing that with an automated mispiece, not with intensive manpower. manpower would cost money. so i think as we get there, you will see that it will get more expensive to cause us problems. and so i do think we can get to the right side of that curve. >> and is that, in terms of time
horizon, is that a 3, 5 or -- >> i think that's an 1 8 to 24-month plan to get us there. we might not be exactly where we want to be, but i think we'll be very close and we will have eliminated much of the -- what i'll call the canned attacks that are somewhat successful today that you can download from the internet. >> one last from me and then we'll move on. i was interested getting ready for this that you're operating what appears to somebody who doesn't know a lot to be diverse ends of security spectrum. you talked in public speeches about rolling out at the pentagon, quote, secure enough mobile devices, and then the industry was fascinated when you mentioned, i guess earlier this month, working on a top secret capable device that would let forces communicate anywhere any time at a top secret level. so what are the challenges of
operating two different ends of the security spectrum? >> i don't think the challenges are much different. you've got to get the right security level for the mission and the time and the cost. so, you know, you want the ts capability obviously would be for a small number of users in a very select set of missions. the more mobile device that's for everybody, obviously the scale of that is bigger, but the analysis you do to decide what's the right level of security, what's the right cost you want to spend is really not much different in terms of process for the high end of security or the low end of security. it really is getting -- and secure enough actually applies to everything. this is a little bit of a joke, but everybody tells me, i can secure the network today, i really can. i can secure it completely in the next five minutes. now, it would be completely shut down and we would get no work done, but it would be completely secure.
this is a balance. it always is a balance and it's a balance across time, money, mission, threat, and it's getting that right. the other thing, i think, that we have to do that's part of that is understanding your data. most of the data that we have -- and i joke about this, but i'm really thinking hard about it -- i think data ought to come with -- you know how the milk carton comes with "use by"? they ought to come with a stamp that says, "after this date, who cares?" it's perishable. i tell a story back in my younger career where i was part of an operation where we used to have these squad radios so i could yell, "mary ann, duck." mary ann could get that quickly and she could duck. we did this thing where people decided they had to be encrypted, and i will tell you everything you can believe. this is a truism. if a threat can put small arms fire onto you, they know where you are. that's a given. so we encrypted this so by the
time you yelled "duck" when it went through the encryption, you no longer had to worry about duck. it was a different problem. you have to be secure enough for the environment. if the enemy knows where you are and they can put small engine fire on you, maybe that doesn't need to be encrypted. and we don't encrypt that now, we have better ways of doing it, but back then that was a problem. so knowing what your data's perishability is is a problem. >> go for it. >> terry, can you talk a little bit about the cyber implementation plan the chairman just talked about? you mentioned some of the pieces and parts of it. >> first of all, we go after the basics. the basics include things like, you know, higher education levels and more tools around some of the common attacks like spear fishing, setting up fake web sites, things like that.
it's a combination of tools, culture and training and education. that's kind of step 1. step 2 raises it to the next level where we really start looking at more advanced attacks and how do we prevent those. and it's the same type of combination of training, education and tools, but they're just more advanced, you have to have more education, more training. and it's really also educating leaders at every level what their responsibilities are and what they need to know. when you're growing up as -- and i actually started as an infantry officer. they teach you very quickly what things when you go out to your units that you should ask that can tell you rather quickly if the unit is prepared. we have to do the same thing in cyber. what questions should we be asking about cyber as a commander at any level? we've also developed in conjunction with all of this a cyber scorecard that measures a series of things and will
change. as we get good at certain basics, we'll move that up. we just had about an hour and a half discussion with sec def on that. i laid out for him the change and the progression of that. we will measure that consistently across all levels and across all forces. it includes co-coms, each of the agencies, each of the services. everybody gets to be measured. it's an interesting drill because i think it's an area where we were used to measuring readiness and other areas, we frankly weren't doing that cyber. again, i don't think that should surprise anybody. cyber is a relatively new warfare. if you look at the history of aviation, you look at the history of how we develop nuclear, it took us a while to get to this point. i think the big difference in cyber, though, that we're having to react to is it moves faster than any other warfare area. that's a challenge. the things we do today in cyber
probably won't be the same things we do tomorrow. that's frustrating on industry, too, and i'll share that. we did our latest cloud documentation working with industry. we brought industry in, we helped them write the policy priorities. one thing they wanted to do was put in, this will be good for a year, this will be good for two years. the answer is no. it will be good as long as the threat and technology says it's good. when that changes in cyber, you've got to build a role fast. it's hard for any big institution to grasp at that. it ha it's hard for industry to do that. it's accelerated change and we're generally not good at accelerated change as humans, period. >> i thank you for coming. roughly how often per hour, per day, pick whatever time you want, are systems tested by foreign hackers? have you seen a shift in their targets since the --
>> there is no time i'm not being attacked somewhere in the world. >> have they changed since the attack? >> i don't think they're less. we might find a change of data disruption. >> but not things like food distribution versus missiles, anything like that? >> to the extent i can comment on that, no. >> and you mentioned establishing a culture of science discipline. i have some active duty friends who have posted things on facebook they probably shouldn't and things like that. a cyber boot camp, is that something you're looking to establish for people? >> i don't think we'll be doing a cyber boot camp. this is cyber so it will probably be done in the cyber environment. but i think some of the things we're doing would be like the basics you would get in another boot camp, only we're delivering them through a cyber means. >> chris stromm from bloomberg.
>> a russian hacker got into b&b's network. can you elaborate a little bit, how does that happen? do they actually steal any information? >> the answer to your question is no, i can't elaborate on that. >> ian clapper has said that russian hackers are the most sophisticated hackers, or they've been the most aggressive lately. what's your assessment of the threat of russian hackers versus the threat of hackers from other nations. >> given that ian said it, it's probably true. >> what is your vision of hackers? >> i think the russian hackers are a threat. >> last month before this committee, you were asked, what keeps you up at night, and you said foremost in your mind was the fact that terrorists might be launching offensive cyber attacks. >> i don't think i said that, i think mike rogers said that, but
that's okay. >> i've got the transcript right here, sir. i think it was you. >> i don't think so, but go ahead. >> then that makes that moot. leon panetta was in our offices a few years ago and he warned of an ian clapper. he said there's probably not going to be a cyber armageddon. rather, it's going to be this sort of gradual incrementalism of problems and troubles. is this going to be a persistent thing, it's going to basically become white noise? we've been hearing about an electronic pearl harbor for a long time and industry plainly keeps waiting for it to happen before they're going to roll out a lot of big money. where is the threat? how much is a cyber pearl harbor and how much of it is just a persistent white noise we have to learn to grapple with? >> i don't know that anybody can answer that. i would tell you two things. industry certainly is shifting money now, big money, into
cybersecurity. a lot of that happened after the target attack that will tend to get you spurred when the cio, ceo all got fired. we see that. we talk to industry a lot. i'll tell you when i knew cybersecurity was getting really important to industry. i was giving a speech and after a speech i was getting questions from these two gentlemen. lots of good questions and i said, where are you from? they said coors miller. i'm trying to think, coors mill financial -- no, it was coors miller beer. i think the industry is getting this. the financial sector certainly got it a while back. is there a potential for a cyber pearl harbor? probably. i think it will depend on what scale of engagement. in kind of the normal phase 0, yeah, i think there will be persistent cyber probing, there will be persistent testing of cyber threat technology.
i think that is something we're going to live with. i don't think, again, that should surprise us. any time we've had new technology, that's what happens. it gets probed. as it matures, it certainly becomes more available for threat to look at it. i think that's going to continue in the cyber world. and it will depend on a little bit on how much nations decide they want to cooperate, too, and i don't think there is any answer that's come in on that yet. we certainly hope it will get to some of that, but i don't think we will see that -- i don't think we're going to see quite the cyber cooperation we think for a while longer yet. >> here's your quote about it, offensive cyber attacks. >> i see it's an extract from the transcript. i really don't remember that. i thought mike rogers was terrorism, but we'll check.
>> i have been known to make mistakes. >> hey, shawn. >> in terms of j and e, there was a report earlier this week by the "new york times" that russian vessels may be probing underwater cable links, and i'm wondering what role gie can have in warding that off if you've gone through those scenarios and if you think you're prepared to handle that threat. >> shawn, be really careful. cables are always a concern. jie really won't have any impact on that one way or the other. they're looking at the physical part of the cable. no way jie plays in that. >> so how are you prepared to defend against the physical part? >> that i'm not going to talk about. that gets into a whole bunch of classified programs on how we protect the cables. >> sara sorcher from pesco. >> mike rogers said earlier this year that the government's focus
on defense isn't working and it's time to consider boosting the military's offensive capability in this space. kerry asked the cio for your opinion. what do you think if you're feeling this need pretty consistently, and as the u.s. considers it, what does that look like? >> i think that's probably a question to ask mike rogers. i'll give you my quick summary on it. as the cio, i am responsible for the defense and sduecurity sidef that. i don't think it's a secret we are looking at what offensive actions could the u.s. take. i think there is always things we're considering. we don't, however, discuss that in public other than we're considering those things. >> so do you also feel a need to move into that space and go -- expand the definition of defense? >> i think what we're telling you is we're probably already in that space, and how much of that -- i think this is more of the question. how much do you publicize of that so it becomes more of an
external awareness that would be in some way a deterrent. again, that's an area that we tend not to talk too much about in public. >> down at the end of the table, mr. marks from politico. >> you talked a little bit about the program you're working on -- the embed program you're working on in private companies. can you go into more detail on who those people are, and i imagine there are people who work from the d.o.d. to industry who already have clearances and so forth. is that the type of people you're looking for? >> we don't actually have the number of people you would think move from industry into d.o.d. and there's a really good reason for that. if you do that, you're generally taking a fairly significant salary cut. what we're looking at is some of our top government performers who have predominantly been government going out to industry and learning a couple things. there are certainly some technical things we want to
learn. we also want to learn how the industry is doing their processes. that's important for us, and one of the things that in the office we spend more time than they have in the past, is understanding what businesses, what do they understand our economic driare, understanding what they're investing in in the future to see if we can influence that. so they'll be doing all of those things until areas that we really think that we need to get some better read on. we've talked about some of those. some of that is -- it's called software-defined networking, software-defined route, whatever you want to call it. it's a software-based tool. that has a big advantage for us. it lets you be more agile. you don't have to replace the hardware as much if you can update it with the software. it's alsocost-effective for us to do that. we're looking 13 to 15 grade levels so that they've got a good track record of high
performance inside the government. >> we're going -- the two-year programs you talk about we're going from industry to government. >> it's a one-year program that they come in to us. we're looking at industry to help us solve some specific areas. so in the case of cisco, they gave us a routing specialist. that's what they do, cisco routers. as we look at other companies, we'll bring in kind of what their sweet spot is and things. certainly this year we're looking for some software-defined pick your name expertise. modular data center technology. i do think that's going to be bigger as you look at it. we are certainly continuing our effort to close data centers. we have too much capacity. but as you do that, you start looking at the -- modular data centers can run at higher temperatures, they run with lower manpower and less power.
it is true the number one cost in a center is labor. right now in d.o.d., our labor costs are higher than industry. i've got to get those labor costs down, and some of that is applying newer technology, and this industry has been able to apply it faster than we have. >> can you explain for a novice why your labor costs would be higher -- you're saying if you move from private industry to d.o.d. you typically take a pay cut. so the reason you're generally higher -- >> because our data centers are not at the same level technology as industry, the really leading industry, we just -- we just have a sheer number of people hired. it really is count the numbers. it takes us, in general, more people to do the same number of things that industry can do less. industry is really leading. you've got data centers now in some of the really advanced
companies that are lights out. even five years ago in industry, what used to take 25, 30 people to do, they're now doing 10 people in a central location managing three of those sites. we've got to get to that same type of level. >> so, you know, your discussion about partnering with the private industry, and you touched a little bit on the issue of labor costs. this has been a longstanding problem with local government as well as state as well as federal, trying to get private industry to come back to government and avoid that sort of brain drain of government folks, really good government folks, usually, heading out to private industry. aside from trying to get labor costs down, what other ideas do you guys have about ensuring the people that, you know, it's not a one-way street. >> one of the things, and probably the single best recruiting tool we have is our mission site. we are able to keep people, and frankly attract some people from
industry, because the one thing you get to do in d.o.d., there is nobody who has more exciting things to work on. that's our biggest advantage. that will work for a while. but i tell you what i worry about is when you get into kind of your middle years in this, that's when you're having kids, you're looking at college, and people come and offer you what can be two or three times what your current salary is. that's hard for even the mission to hold that. and frankly, we are seeing some drain, and i'm not winning that war right now. i'm losing. we're looking at some special pam. easier ways to recruit. we're working on it. we have some and i can do some hiring under some special cyber acts, but i can't really compete very well on the pay. i don't think we'll be able to compete on the pay. maybe we get a little closer,
that would help. i honestly don't have a good answer how we win that one. >> i'm curious what the trust factor is when you talk about working with private industry. because it seems to me the last few years one of the major themes has been a lack of trust between private industry and the federal government, particularly the pentagon over nsa spying, encryption, et cetera, et cetera. i wonder when you talk about partnering more with private industry, are you finding private industry willing to do that, or do you have a big trust issue you have to overcome? >> within d.o.d., with our partners, i don't have a big trust issue, and i think there are two reasons for that. i'm not naive enough to think the first reason is i spend $36.8 billion a year. that buys a lot of potential trust. but i'm going to say this, and i actually had a very good discussion on this on my trip
overseas. i do think american industry responds to d.o.d. very well and has a very good history of doing that. i was talking yesterday at a table where i was speaking at milcom. a lady gave me a suggestion, and i think i'm going to follow up on it, that we have industry with us on a forward edge. when we tell industry, listen, we need help in getting smaller communications to this far-flung unit and we need people out there, they deliver. when you talk to the industry that get this, they are very supportive of defending the industry. i don't see a big trust problem. do i think there are industries that worry about parts of d.o.d.? yeah, but that's generally not the industries that i'm doing as
much business with. the ones that are doing business with d.o.d., i don't see a big trust problem. as a matter of fact, i applaud them. we give them a challenge. they're generally up to meeting it. >> may i add something to that? >> sure. >> the cybersecurity problem is very complex, it's very distributed, it's very difficult ask and it's something we all share. we've had great partnerships with them as we figure out together as a nation, as an industry, as a department of defense how we're going to figure out that problem. we share successes we've had. we've had a lot of great dialogue with our big industry partners on how they're doing that, how they're having successes in their companies, things we may want to look at, so i think there's been great collaboration. >> anybody who hasn't had one that wants one. yes, ma'am? then we'll go down there. yes? >> hi. so earlier this week we saw that the d.o.d. cybersecurity culture
and compliance initiative memo came out. i was wondering, what does this memo mean for your office, and how are you carrying out some of the directives that are inside it, like the directives for culture change? >> well, amber, as we talked about, we certainly looked at how we're changing the training to get it down to every level and going up to every level, getting it to all the commanders. we are expanding what we look at in the cyber scorecard. i do think the things you measure are getting attention, and we are now measuring those things. we're having a lot more discussion with industry, as mary ann said, about how we better share all of the data that's available from both industry and the d.o.d. on what the threats are, how to counter the threats and then passing that around to both our partners
and orchestrate it in the right way to get that culture change and that's what we're trying to do. you asked specifically what my role in my organization is to make sure that gets done. we do the measurements and we are trying to make sure the ork strags a -- orchestration gets with all the data. are we doing the authentication? are the systems administrators using tokens so we know what systems administrators are on the networks? have we put all of our public facing and forward facing, evening onto the internet servers behind the right set of firewalls or other security boundaries? firewalls will change here
somewhat. but there will still be a security boundary, whatever that technology is. have we looked at how all of our data is encrypted or not? when -- there's times when data should be encrypted and are we following all those processes? >> we'thank you for taking my question. you had talked earlier about partnering with industry, particularly smaller partners. i know d.o.d. has stood up an experimental innovation unit in silicon valley, so i would love to hear how that process is going in the early stages. >> i think it's going about how you would think in the early stages. we're making some progress. we're still learning that. it's out there really to learn how silicon valley does business than to teach silicon valley how d.o.d. does business. i think that's a key that the secretary set very smartly for that. here's what d.o.d., when it comes down to it, if you're a
small business and you're doing your innovation, you live on a 3 to 6-month funding cycle. if you don't get money in the 3 to 6-month window, they're not there anymore. that's what they have to do to pay back their backers. we're generally not turning that fast, so one of the things we try to do up there is how do we make the smaller investments we have to make faster? and i think we're doing okay. i would tell you the secretary probably thinks we need to do better and be able to still get faster. the other thing that unit is doing is not educating silicon valley about our business process at d.o.d. but actually educating about our processes and what do we need? what are the areas that we need the most help with? i think that part of it is going really well. and we've coupled that with -- we've had a couple trips out to silicon valley. we will have -- when i say silicon valley, it's the concept
more than the location. we've put one out in california, but we're taking a trip -- my deputy will leave up the east coast, because there's actually a lot of innovation going on in boston, new york, places like that. so we want to make sure we're not just capturing what's out in the physical silicon valley but getting that concept. we're even looking at some places -- you know, there's interesting innovations going on in london and places like that. how do we make sure we capture all that? so in addition to partnering with the industry, we're also having better relationships with our counterparts. i spent a lot of phone with mike stone, who is the u.k.'s cio for their ministry of defense. we exchanged ideas. i just came back to see how they're doing. they're a little smaller, they can turn faster, but they're the exact same problems. so we can look and see a little
bit what fails or succeeds faster, which is a big help for us. >> i'm going to keep moving around the table but i want to ask a question, if i can, about veterans. we were talking before the breakfast started that you were scheduled to testify on tuesday to the house committee on oversight and government reform about electronic records between the d.o.d. and the d.a. as you know, former secretary gates lamented that he never succeeded in cracking the b bureaucracy and said if there is one bureaucracy more attractive in defense, it's the va. so how does the record inoperability thing stand? i ask that as an older veteran myself. >> it's getting better. i don't think it's good enough. i guess i would answer more about what we in d.o.d. are
doing. i'm sure all of you are aware we have just signed a contract to make d.o.d. more commercial like. we're going to have commercial and we're using a very broadly accepted commercial software to do that. we're spending a lot of time looking at how to make that work better. we are actually taking more and more commercial practices. now, i think that what d.o.d. will do -- and this is my opinion so i stress my opinion -- but as i look at what we're doing there, that is an area of business where i think we will tend to -- continue to move more and more commercial. i think that is a place where the commercial market frankly does it better than the government. >> and is it your sense the va is doing the same thing? >> i'm not going to comment on va. >> okay. i've been trying to get mr. mcdonald to come and do a little
veterans day appearance. we'll see whether that happens or not. other people who have one? >> on tuesday the senate, after five or six years of hammering finally passed the cybersecurity bill of private sharing between the private sector and the government. even supporters like harry reid said, this is a very weak bill, this is a small step. we need to do more on cyb cybersecurity. how will expanding be for your purposes and how much would you like to see from congress? i know you mentioned special pay legislation, but what else? >> i think any time congress takes this and talks, skpeand e if it's weaker legislation, i think the liability will help people share in anything that encourages people to share data here is a good thing. if you ask me, the biggest piece of legislation i needed hopefully the senate will pass tomorrow, and that's the budget.
i don't know that everybody understands when you're working on what amounts to be a nine-month fiscal year, and we've done that for seven years, nobody can do that right. you will get inefficient and you will lose gains. so the big legislation is hopefully the senate will pass the budget bill tomorrow. we were glad to see the house do so last night. >> anyone else who hasn't -- yes, ma'am, i'm sorry. >> a couple questions. a few years ago, chelsea manning leaked a number of documents. >> can you speak into the microphone? thank you. >> a few years ago, chelsea manning leaked a number of documents to wikileaks, and after that there was an executive order to create some sort of insider threat initiative. have you fully implemented that? what's the status of that? are you fairly confident? >> the answer to have we fully implemented is really hard to say yes.
have we implemented to the known threats? yes. but as we talked earlier, that's another area that keeps evolving. are we where we want to be, i think, in terms of how quickly we can use analysis and adapt to that, no. but have we done some very good things with that? yes. how you look at what our norms for people searching their data. there are norms that people should stay in within data by their job position. we certainly look at that. when you talk about insider threat, it really does tend to be, what are you looking at that's deviation from the norm? now, as the threats get more sophisticated, you've got to get more sophisticated at being able to understand that, and that's where i think we have to continue to develop and figure out how we do faster -- frankly,
faster forecaster analysis. that's hard. we need to do that across the board. one of the things that we've done with the cio staff and some of the other staff, there is a book out called "flash foresight." interesting book, and it's written not by a futurist but a biologist. he says, these things are certain to happen unless you have some cataclysmic event. these are things that are going to happen if you don't take action, and when you start to look at it that way, i think it gives you more focus and a better ability to be more predictive. we're looking at how to do that because i think that's the key. >> so the nsa has the insurance division. there's cyber command which also has a unit to help defend networks, not the defend the
nation teams but more of a defensive helping to support the cybersecurity aspect of the d.o.d. networks. and then there's your guys. >> then there's what? >> then there's your office, right? what distinguishes your -- >> so we actually own the iea money. nsa, their ia is looking at what i'll call the broad strategic. they get down to the technical tools. cyb cybercomm is what you take from that industry and offer. >> so you don't have operational. >> i don't have direct operational control. we certainly play in operations typically around the defense like measuring the scorecard issues, but yeah, we are basically policy in balance. >> anybody who hasn't or we can do a second round? this is a quiet moment, this
doesn't happen very often, so let me ask you about contracting challenges. the deputy secretary of defense for cyber policy was at an event at the center for strategic int studies and talking about the challenges that you face, that the defense department faces in acquisition that you need to be careful that you're not buying things that build in a security threat. he was talking about poor high gent effects, poor security built into products, poor security on networks that you are absolutely looking at regulations that can help define what those standards are. where does that effort stand, snir. >> i think we are in pretty good shape on that. we are published a lot lately. frank kendall put out directive that is are required for contractors that are going to be in the network or network tool providers. they must do a little bit more
about securing their supply chain. they must have certain things in their contract. they must make certain code available to us to review. do i think that completely solves the problem? no. and i think that's another one where the problem is speed because what we tend to do there is we're writing policy about what the known threats are and what known has happened. that's what you do. again, how do we get ahead of that is the challenge there. what's the next place that the threats will go to look at even in the supply chain or what else will they try to do in marketing different tools. i mean the other problem you have in today's contracting world is the fast pace of what company owns what company. that is a concern for us. you know, you find out -- >> in terms of foreign ownership? >> yeah, absolutely. so that's -- and again, it's just the pace. the pace at what change happens in every aspect in the cyber
i.t. world makes acquisition harder because while you must acquire with higher speed, you also must do all the extra due diligence that the threat -- i mean, they're absolutely in opposing affects so how do you balance that? that will continue to be a challenge. >> last question, mark thompson. >> cycling back to that hastert hearing last month and i think you said, yes, we are enforcing accountability among our people who are responsible for poor cyber hygiene. when you're asked, well, what did you do, you declined to say. if you're trying to change the culture, isn't there an element of deterrence in letting folks know if you make this error, this is what's going to happen? why you won't say for the chairman of the joint chiefs intrusion, without naming the people, what accountability was meeted out? >> there's the deterrence in the people who inside the d.o.d.
need to know that. i don't think that's a topic i need to talk about outside of the d.o.d. like going to "time" magazine saying when you do editorial review boards, do you publicize that? >> when we make a mistake we publicize it an print it. >> i don't see much other than the one letter retraction with a mistake. i don't see that the reporter was -- we say we took the proper action. we are saying the same thing. i'm not going to tell you what specifically happened by individual. what actions we take. >> how about general? >> generally what we have done in some places we have applied ucmj where that's appropriate. written counseling where that's appropriate. we have taken the appropriate actions given the tools that d.o.d. has to take those actions. >> has anybody ever been fired? >> absolutely. >> thank you. >> on that cheery note, we'll -- thank you both for doing this. we really appreciate it. >> thank you. thank you. they were great questions. thank you. >> thank you.
>> on the next "washington journal" daniel garza, executive officer of the libra party. and secretary treasurer of the afl-cio discusses issues of women working in low-wage jobs. "washington journal" is live with your phone calls, tweets and facebook comments every morning at 7:00 a.m. eastern on c-span. after that, nato supreme allied commander will update reporters on operations at u.s./european command at the pentagon's daily press briefing. watch live at 10:00 a.m. eastern on c-span. combatting isis, the closing of guantanamo bay and the paul ryan election to house speaker were the focus of today's white house briefing with press secretary josh earnest.
>> good afternoon, everybody. nice to see you all. >> two down. >> apologize for the delay in getting started. >> two more to go. >> reporter: [ inaudible question ] >> we'll meet again. i'll never pass up an opportunity do that. just enjoy a little sip here. [ laughter ] >> rub it in. rub it in. >> here we go. now that we have that out of the way. we can go straight to your questions. >> i wanted to ask about new speaker ryan. has the president talked to him yet? called him? congratulated him? and can you give us a sense of when they might have the first
meeting? >> the president yesterday had an opportunity to telephone speaker ryan and wish him well as he ascends to this leadership role in the house of representatives. obviously, this is a position with substantial responsibilities and the president has spoken publicly in the past about the respect he has for congressman ryan despite their significant policy differences. and the president is hopeful that he'll be able to work with congressman ryan to make progress on behalf of the american people. as we've said all along, the american people have elected republicans to be in charge of the congress and a democrat to run the white house. and that means for anything to make its way through the legislative process it's going to have to be bipartisan. and the president is hopeful that speaker ryan will lead the house of representatives in that spirit and with that fact in mind.
>> in this conversation, this phone call, did they identify an agenda item now that the barn is cleared? what's next? >> well, the -- they didn't establish a time frame for a meeting or anything but i think the things that are at the top of the president's legislative agenda are the kinds of things we have been talking about for a little while now. obviously, criminal justice reform is a prominent item on that agenda. the president's negotiators recently completed negotiations on the tpp. then chairman ryan played an important role in building a bipartisan majority in the house for trade promotion authority legislation over the summer, so obviously, when it's time for congress to weigh in on the tpp agenda we'd hope we'd be able to
work effectively with the speaker's office to build that bipartisan majority and build support for that bill. there are some other undone items that could have been part of the barn cleaning but weren't. the most prominent is the transportation budget. obviously, there's some additional funds that need to be dedicated to upgrading and modernizing our infrastructure. the administration has put forward our proposal for we believe is the best way to do that. i anticipate that will be a discussion moving forward. the house did vote yesterday. i believe it was yesterday. on reauthorizing the export/import bank. this is something that has long been supported by democrats and republicans in capitol hill but both democratic and republicans presidents have supported the xm bank. we were gratified to see more than 300 members of the house voted to reauthorize the export/import bank and that
-- getting that reauthorized would obviously be good for our economy and something we'd like to see congress do so -- there's still work to be done. cyber security, i know the senate took an important step in that regard. so there's a lot of important work facing members of congress but i'll end where i began which is that none of it will get done if there is a renewed commitment on the part of republicans to try to pass those priority items along party lines. we're in an era of divided government and democrats and republicans are going to have to work together to make progress on those priorities of the american people and if republicans in congress are interested in doing that, if the new speaker of the house is interested in doing they will certainly find a willing partner in the oval office. >> if i could change topic to the news that china is changing its one-child policy to a two-child policy. do you -- does the white house see this as progress? >> well, while this recent
policy change does represent a positive step, we also look forward to the day when birth limits are abandoned all together and the united states and our work around the world continues to oppose coercive birth limitation policies, including things like forced abortion and sterilization. so this is -- this would fall in the category of policies that are directly related to universal human rights and the kind of human rights that the president of the united states and this government advocates for around the world, including in our dealings with china. okay? jeff? >> can you give us an update on the president's deliberations about sending special forces to syria? >> jeff, i know there's been some reporting about this but a couple of things that i would say about this. the first is that i don't have any new announcements to make today. the second iat