tv Communicators with Representative Will Hurd CSPAN July 15, 2017 6:30pm-7:04pm EDT
challenges with mike pompeo. at 8:00, spacex ceo elon musk talks about emerging technologies at the national governors association of western yes -- national governors association's meeting. wasuncer: in 1979, c-span created as a public service by america's cable television companies, and is brought to you today by your cable or satellite provider. peter: congressman will hurd is a republican from texas, chair of the information technology , a former cyber security analyst and a former cia agent, and he is our guest this week on "the communicators." you have a bill that has passed the house that deals with information technology in the federal government.
what is it? rep. hurd: it is called the modernizing government technology act, or mgt. what it does is quite simple. if a chief information officer in the title government saves money by doing something like transitioning to the cloud, they saveble to use what they for up to three years in a working capital fund. why is that important? >> the federal government -- why is that of? -- why is that important? what the federal government spends on goods and services is outdated legacy systems. that is outrageous. we need to be using our dollars wiser. cioing able to have the have the authority to introduce new technology, a widget on the widget on the- a proverbial two guys in a garage, defendll help the cio
our digital infrastructure, and this will make our agencies more efficient. peter: is it possible to standardize how the government urges his information technology? -- purchases information technology? rep. hurd: we should be thinking about outcomes. we should be giving the authority to the cio's. the problem with the federal government, the person who assigns the service is not the person using the service, and that creates a disconnect, and that's why you have procurement officers that don't have experience in the technology they are trying to hurt us, -- chase, and that will create problems. the cio does not work directly to the deputy agency had. that does not fly in the private sector. the private sector ceo's recognized that your i.t. group
is not just a cost center, it is an agency that can drive interbank -- drive innovation and improve your bottom line. we need the federal government to start thinking that way. these are basic things that smart people are trying to bring to the federal government that ensure that we have the federal government being innovative in how they defend our digital infrastructure and how they provide services. passed theas house. what is the push back in the senate? rep. hurd: the senate takes its time, and i am sure we will get this piece of legislation the senate -- through the senate. we have a deal with a cbo score. last year when we tried to get this done, we did not have those same problems. i feel confident.
i feel like this is some nvidia illustration is interested in seeing -- something the administration is interested in seeing happen. this is something industry is interested in seeing happen. this is an example of a simple piece of legislation that is going to have tectonic impact on how the federal government is able to provide services. peter: joining our conversation is tim starks, cyber security correspondent for politico. tim: some objections have been voiced. talked to those panels, or have you heard from those sponsors on the senate side about trying to alleviate concerns they still have? rep. hurd: we have talked to both, and we have talked to our senate sponsors. we are trying to get ron johnson's committee to mark this up fairly soon.
we are going to be having conversations over the next several weeks about that topic. some of the concerns that senate appropriators are bringing to the floor, some of the same concerns that we talked through before we even introduced the current form of the legislation. somethinghink this is that we will get through, some of these concerns. there might need to be a tweak word two here. i think we can get this done. when i was an undercover officer in the cia, chasing terrorists in back alleys, i was thinking about running for congress. i keep your pyramid -- i.t. procurement was not one of the issues i was thinking about. thati got here, i realized when you change the way the federal government operates, you change outcomes, and this is the kind of change we need to see.
not many things pass the house withis significance support of the majority leader, the minority whip, and this is something that i think will give the right momentum and incentive and bring this across the finish line and onto the president's desk. there is another information technology law that you paid close attention to, called -- you have held a number of hearings on how agencies are doing and implement some of these reforms, even ones recently where some of the agencies saw a downward turn and mark your democratic colleagues said this could be a tribute to the trump administration's policies and approach to hiring i.t. officials. how do you think agencies are doing overall? are they taking a
downturn? things we one of the score, and we score four or five different symbols. store datawe consolidation. not every agency needs to run its own data center. many of them have dozens, if not hundreds. we have tried to force the consolidation of these data centers or move into the cloud. the federal government operates under a cloud first policy. some of the pushback that we got from the agency was that just consolidating data centers was not indicative of of some of the changes that they made, so they account take into optimization, and that's basically how much of the service are they using at a certain time. are they using it the best of their capability?
they said, sure, if that's what you think is more fair. cap the greatest optimization, half is whether you consolidate the datacenter or not. when we did this, most stores with down, except for two. that is one of the issues that caused these pressures. we made the change based on the input from these agencies. i think it is about half of the agencies that don't have a permanent cio. this is a problem and something that needs to be rectified. getting a federal cio i think it is a high priority, because the role that person plays. but this is a problem that has existed for multiple administrations, and you can't just point to one as being a problem. i want to talk to you about
broader cyber security issues. we saw the big outbreak of the ransomware where people's computers were essentially held hostage by cyber attackers. we are now seeing a new kind of attack that is surfacing in the news. what is going on? is this the wave of the future? how do we combat this in any way, shape, or form? the wannacry, before it really hit the u.k. and much of broader europe, months before that, you saw a number of hospitals in california dealing with this issue of ransomware. i think you saw hospitals across theiruntry reviewing digital hygiene and what they needed to do. i think that's why you did not have the impact in the united states that some expected. but yes, the number of attacks that are digital infrastructure
thenly going to increase more interconnected our economy and society gets. the number of connected devices that we are going to see in a is a number so big, it is mind-boggling. we have to be prepared to think about cyber security, and we also need to make sure that the federal government and the private sector are actually working together to defend our digital infrastructure. it is everything from following good cyber hygiene. you've got to be sure you patch your software. you've got to have a strong password which is over 14 and mosts, importantly, employees and individuals can't click on stuffing emails that comes from someone who is not in your address book. these are some of the basics and
deal with kind of 80% of the problems we see. when it comes to what you call apt, anddustry an advanced persistent threat, these are the smartest folks. we've got to be working and sharing information between the federal government and the private sector. peter: congressman, the attack on opm a wild back, how sophisticated was that? rep. hurd: the opm hack actually was not very sophisticated. in the cyber security industry, you have something called a zero day attack. a zero day is something that has never been seen before. it is something that takes advantage of a vulnerability that is not known. when it came to opm, the attackers used existing vulnerabilities that have been known to the cyber security community and broader community for some time. they were able to use that to
escalate the privileges once they got onto a network, which allowed them to rummage through the system. the fact that most americans know what opm is is an indication of how cyber security is coming to the forefront of folks' minds. i represent a big part of south and west texas, 820 miles of the border. i have done 400 events in the past two plus years. i always get a question about cyber security. this is something that most americans are concerned about, especially as we become more interconnected. tim: one of the ways in which americans are getting more of a taste of cyber security over the past year was what happened with the election. re was a conclusion that russians attacked some of these
targets. i want to get your impression of what could be done to secure the elections as far as the infrastructure itself, and if there are things that are not being done vis-a-vis responding to russia? rep. hurd: months before the elections, i was calling for, at a minimum, the russian ambassador to the kicked out of the country. i thought that was a minimum attempts to manipulate our elections. russianery clear that intelligence was trying to influence our elections, but they did not manipulate any of the vote tabulation machines. after the election, my committee held a hearing looking at the threat to our vote tallying machines. it is hard to, in mass,
0's.ulate the 1's and this is something we should be focused on. they should be reaching out to the department of homeland security for additional resources, if they need that. there are some states that have systems that are vo-tech letting machines that are too old and should be out of service. we need to find a way to figure out how to replace that. i think that will be additional money. we saw that after the 2000 election, where some of the funds available for the state to access this kind of information. again, this is an example of the hack that was used to get into the democratic national committee and the democratic congressional campaign committee . it was not a sophisticated hack. they were able to get access because somebody clicked on the wrong information. the question is, what should the response have been at that time?
we have a number of folks -- my former colleagues in the cia and nsa that are chasing terrorists, and kept our country safe for ,he last 16 years since 9/11 and we know how to do counterterrorism. but what is our national strategy when it comes to counter covert influence? a covert influence or covert action campaign? this is something we need to think about not just with the government, but the broader society, because russians are coming again. they have been trying to use asymmetrical warfare. they have been using asymmetrical warfare for the last couple of decades in eastern europe. they tried to use it in our last election. we have to be prepared for 2018 when i think they are going to try to do it again. how do we harden our
infrastructure, but also how do we counter this covert influence? these are the conversations we should be having about this threat and how to deal with it in the future. to be clear, when you were talking about additional funds for making voting machines savor, were you thinking of federal funds, or do you have an idea of how much this should cost? reporter: rep. hurd: -- rep. hurd: i am not clear on the amount that was allocated back in 2000, but there is an existing program that would ultimately appropriate. the conversations are going on about being the time to do that again. about $90n you talk billion being spent by the federal government on information technology, does that include cyber security? rep. hurd: it does, and that's a big number. i think that money should be spent more efficiently. one of the frustrations i have
is that some of the things we need to be doing are not difficult. it was up until last year that agencies were not using two-factor authentication to get access to sensitive parts of their network. that is a basic thing that people should be following. something simple like knowing all the software that is on your network. the federal government, when you buy software, you buy a certain number of licenses. if you don't know how many of those licenses are being used, if you are using less than you are paying for, you are wasting money, and if you don't know what software is being used, you can't keep that patched. to theot vulnerable latest attacks. these are some of the basic things that require leadership. a lot of the problems of cyber
security are not technical challenges. it is making sure we have the right leadership in place in order to have the discipline to see the organization do things like basic digital hygiene. a resistancere from agencies to changing how they use software? rep. hurd: absolutely. one of the things we saw with fatara is we are trying to give the cio's authority over everything on their network. as a member of the oversight committee, if i am going to shine my flashlight on problems and i want to hold someone accountable, they need to have the authority to do everything they need to do. cio's were not having clear authority over everything they were able to purchase to defend the network. we want to push that power to the chief information officers. they were starting to get friction from cfo's within the
agency. what did we do? when we started doing hearings, cfo toght the cio and answer questions together. there is always going to be an inertia in the culture of some of these big agencies, and that's why congress is so important, to continue to shine a light on that and put pressure and let them know that we will continue to follow these issues. tim: congressman, one of the causes you have advocated for to improve several security expertise is the creation of something like a cyber national guard. i want you to talk about it that is helpful. also, have you finalized the mechanics of it? rep. hurd: thanks for asking. here is the problem. the federal government is never going to be able to compete with talent in the private sector.
we need to recognize that and accept that. the idea of a cyber national guard is this. since you were in high school and you wanted to go to college and study something around cyber security, we are going to find you scholarships to go to college. you graduate, you have to work in the federal government, not nsa or dod, but in the department of interior, or at the census bureau, and you are going to do that for the same amount of time that you got the scholarship for. when you finish that time and federal service and go work in the private sector, the private sector is going to loan you back to the government for the proverbial one weekend a month 10 days a quarter where this will of truth the crop optimization ideas between the public and private sector. state, in 2015me there were 42,000 computing jobs
that went unfilled. the average salary was $89,000. that year, texas only produced 2100 oversight is. you don't -- 2100 computer scientists. you don't have to be a map nature to figure out the problem. jobs --e about 50,000 excuse me, i think it is to jobs that are,000 unfilled within the i.t. space across the federal government. we have to make sure we are focused on growing people into those jobs. our sons ande need daughters and nieces and nephews to go into this industry, because that is what is going to protect us in the future, and we've got to make sure they are prepared for jobs that don't
exist today. tim: do you have a timetable for that? rep. hurd: we are working on starting to put pencil to paper. i don't have an exact time frame, but trust me, tim, you will be one of the first to know. peter: you talked about moving the government to the cloud. jury --e extra should extra security issues with that? rep. hurd: when you talk to folks resisting, they think there is. they think they can do a better job of defending a database than someone who does this every second of the day. this is why we have a cloud-strategy within the federal government, and we should be transitioning into the cloud. some people act like the cloud is new technology. it is not. this is something where it can
save us money and also in security. the federal government is always going to have a role in defending infrastructure, whether it is a server somewhere working on the cloud, and that is where we should ease spending our time, not being resistant to an innovation like the cloud. did you find it helpful during the obama administration to have a enteral cio in place? rep. hurd: absolutely. i think tony stott did a great job. this is a nonpartisan issue. we worked very closely with tony scott. i am sure we will work closely with the new cio. this is a topic that is very important. administration came in on the transition team, they weretalking about why cios not reporting directly to agency heads, why some agencies had.
issue of -- why some agencies had 14 people. this issue is something that is important for this administration as well. of the few pieces of cyber security legislation that congress has the cyber security of the nation sharing act -- information sharing act from 2015. you have talked recently about shortcomings with information sharing. how do you fix those? rep. hurd: the way you fix those is make sure what the private sector is needing and helping to defend the infrastructure. we also have to understand the talent that we have in the private sector that the federal government could be leveraging. i always say in the financial services industry, those folks know where the next level of malware is going to be coming take thoset's
assumptions and turn those into collection priorities. we need to get information on what the hackers are up to and get that back in the hands of our american companies to defend the elves, -- to defend themselves and all of our information. we are able to start having this conversation, the fact that the department of homeland security has been established as the bellybutton thenteraction between government and private sector, are all important, and that we've got to stay focused on proving that relationship and getting the right information in the right hands. when you do that, you are going to keep bad guys on the run and away from our system. prior to starting this interview, mr. starks and i were
chatting, and i was picking his brain. besides yourself, he named some speed onbers up to this issue, and they were all younger members. to the older members understand these issues? .ep. hurd: they do kevin mccarthy is running an innovation initiative. i think he has been the key to getting a lot of these uses of legislation off the house for because he understands it. steve scalise is doing well. a computer science background as well. he understands these issues. look, our information gets stale, and i would say most of our colleagues recognize the importance of cyber security and the need to be focused on this. i think that's why a lot of them take the time to try to understand these complicated issues. will hurd is the chair of
the oversight and reform subcommittee on information technology. thank you for your time. rep. hurd: thank you. peter: tim starks, what did you learn? tim: he is someone i have heard talk about these issues a fair amount. i expected some of these answers. peter: is he a go to person about some of the -- a go to person for whom to talk to you about how congress is doing? tim: he is. he is advanced on all these issues, but as we were discussing, some of them are newer members. congressman ted lieu's second term. peter: california? tim: yes. and he has given his background. he is always going to have something thoughtful to say. peter: are these bipartisan issues? most part, although
one of the things we are seeing as a result of the controversies over the alleged russian hacking of the election, is that people are throwing these issues at each other a little harder than they might have in the past. there have been democrats writing pointed letters about trump's own cyber security on at mar-a-lago. it has gotten maybe a little more partisan, but if you go withto several years ago senators lieberman and collins, there was a debate over regulation versus non-regulation. we have seen this as the way to do it, keep it regulation free, but i do wonder if there are more major attacks, you might see more calls for regulation and it becomes more partisan. the pushback you have been hearing about the modernizing government technology act? tim: it still has a price tag
attached. the earlier version of the bill authorized something in the sorry,f $30 billion -- $3 billion, and this one is more like $300 million. they have scaled it back, but it and have money attached, some lawmakers don't want any money attached. peter: >> c-span, where history unfolds daily. 1970 nine, c-span was created as a public service by america's cable television companies. it is brought to you today by your cable or satellite provider.
"americanekend on history tv" on c-span tv, appellation state university professor judkin browning the failed attempts to take the confederate capital and richland. >> they have not done a lot of research about what this peninsula looks like and what marching along the peninsula would be like. but he is dead set on not conceding to lincoln that he puts his army on the virginia: -- peninsula in the spring of 1862. p.m., on the6:30 anniversary of the salem witch they discuss the primary sources compiled in the book "records of the salem witch hunt." >> this is why we know so much
about the pleas of innocence, because it was taken down. there is a reason, it reads like a play. she says this, he says that. hear.ould not all of those descriptions come from samuel parish and his shorthand. fornd at 8:00 p.m., a jfk'sporter talks about five-year campaign. >> i was a junior in college and it was the first time i heard the word charisma. he had charisma. richard nixon didn't have charisma. lbj did not have charisma. but jack kennedy had charisma. that could have possibly tipped the balance in some people's minds.
complete american history tv schedule, go to c-span.org. >> sunday night on "afterwards," naomi klein on her book "no is not enough." she is interviewed by medea benjamin. tell usder if you could a bit about how the stage was set for trump. >> i see this as a bipartisan process, this table that was set for trial. it is not about politics, it is about media, news coverage. all he needed to do was show up. we were already treating elections like reality tv shows. we already had a media landscape that was much more interested in interpersonal drama between candidates than in-depth
coverage between the issues. we already had a democrat using the tools of corporate branding themselves. president obama was a fantastic brand. he used cutting edge marketing techniques, and many of us felt that behind the claims that he was leading this deep change and transformation that there was not enough change, and that also helped set the table for trump. "afterwards" at 9:00 p.m. next, cia director mike pompeo talks about counterterrorism challenges and threats from north korea, russia, and iran. this was added dinner for security and intelligence. it is just under an hour. >> tonight, i am pleased to announce cia director mike pompeo. as director