Skip to main content

tv   Homeland Security Officials Discuss the Departments Cybersecurity Mission  CSPAN  April 8, 2021 3:53am-4:56am EDT

3:53 am
and goes. this is one hour. >> the senior advisor and i lead the democratic institutions project here at csis. i was formerly the undersecretary for what was then called the national protection and programs director and is now the infrastructure security agency. we are very excited to be able to have this conversation this afternoon about the cybersecurity mission with a wonderful group of people who are really my friends and colleagues.
3:54 am
i am hoping that as a result, this will be very lively conversation, all of these people know each other and have worked together and are continuing to work together. i will introduce our panelists to get us started. uncle daniel is currently the president and ceo of the cyber threat alliance. -- michael daniel is currently the president and ceo of the cyber threat alliance. their goal is to come together to share real-time, high-quality cyber threat information to improve the cyber ecosystem. michael served from june of 2012 to january of 2017 as the special assistant to president obama and the cybersecurity coordinator on the national security council staff. that is where michael and i
3:55 am
worked closely together. he lead the interagency development of cyber security strategy and policy on the national level and oversaw agency implementation of that policy. prior to that, michael spent 17 years at the office of management and budget. bless you. chris krebs was the first director of the cybersecurity and infrastructure security agency, having succeeded where i failed in getting that congress to move on that legislation. two transition into this. prior to that, he was serving as senior counselor to the secretary of homeland security.
3:56 am
these are the transition efforts that we had underway. he is someone that i turn to frequently for advice. tim mauer is the current senior counselor for cybersecurity. prior to joining, tim was the writer of the cyber policy coalition and that is where tim and i worked together on issues around cybersecurity. particularly, tim led an effort to -- in research analysis and then implementation, looking at the geopolitical influence of the internet and when cybersecurity was a focus on the global financial system as well
3:57 am
as influence operations and other issues. tim is an author. the published his book largely about the use of properties by nationstates and cyber. before joining carnegie, he was the director of the resilience project at new america and head of research for their cybersecurity initiative. this is another alum of dhs, kemba is serving in microsoft's digital crime unit enters responsible for launching and leading that ransomware program. she started her career at microsoft. providing counsel to the democracy program through the 2020 presidential election but she spent a decade at dhs serving at several attorney l
3:58 am
evels. including lead attorney as it represented to the committee on foreign investment for the united states and she was a cybersecurity attorney which is where i got to know her. she was also for some time the primary sample security legal advisor to the election task force. that is now called the election security initiative. a wonderful team we have here today to have this converstaion --conversation to better understand the role of cybersecurity. i want to remind everyone that is watching that you can ask questions. there is a big green button, ask questions here. hit that button and typing your questions. my colleague will be putting
3:59 am
those together and providing them to me so that i can ask our panelists at the end of our motivated conversation. we will start with tim. i think this is your first public appearance as the senior counselor to secretary mayorkas. i don't think that is a role that many people are familiar with. i thought we could start with you talking about about this role. i know it is you to --new to you as well. you have not been in a very long but tell us how you see the role and how you interact. how does it relate to the other parts of dhs? tim: thank you. thank you for hosting this event. thank you for your leadership when you were in government. also at csis and it is great to reconnect.
4:00 am
i am delighted to be part of this fantastic panel. before i describe my role, let me highlight this team that the secretary has been building at dhs over the past 2 months. the team has come together. jen is a leading legal expert and scholar. jake brown is a senior advisor in our management unit. we have eric and david. this team, laments the cyber expertise the department already has. we are enormous legwork for four brandon wells and the staff at csis.
4:01 am
we are deeply grateful for all of the work that the staff has been doing. not just in the past few weeks but the past few months. you mentioned some of the roles that i had and chris had before. it was not until chris became the leader, it was a growing reflection that cybersecurity remains a top priority for government, that we continue to face a lot of challenges. secretary mayorkas has made cybersecurity one of his top priorities. in order to reflect this as a priority for him as a secretary, he decided that one of his senior counselors would be dedicated to this issue. unlike counselors at some of the other departments, dhs's other
4:02 am
different. given the deep bench we have on cyber expertise, my role is finding out what needs to rise to the level of secretary so i can either read him or prepare him. we will have information ready to go so he can make decisions. it means i engage with three sets of stakeholders in my day-to-day job. starting with the department itself and then going to the secretary's priorities. as i mentioned, we have the benefit and luxury open department to have touched. -- of the department to have this fantastic team. the second part is dealing with our partners at the other agencies so we can help advance the agenda and priority of the administration and as you have seen, president biden already
4:03 am
during the transition made cybersecurity one of his priorities and he is committed to elevating it across all levels of government. i am delighted to have kwmv -- kemba on this call as well. given that we can not implement this vision alone, we need to be in lockstep with partners outside of government as well. concretely, my role, when i started it, we wanted to outline the goals for the department. i spent the past few weeks working with the department and our partners to put together the decision that the secretary announced last week. >> we want to get into that,
4:04 am
some of the content of the secretary's speech. i might ask you to expand just briefly on -- you talked about your work with the other components of dhs. chris put csis on the map. i think there were other parts of the department that have important cybersecurity relations. if you could talk a little bit more about those. mr. krebs: happy to -- >> happy to. looking back at the past year, i think it was a challenging year for everybody to truly focus their attention on protecting the election. with respect to the work and
4:05 am
division for the department that the secretary outlined last week. for those of you that are not familiar with cisa, let me recap that. cisa's role is focused on protecting the civilian agencies. cisa has a key roll to play here. -- role to play here. it is a key interlocker. we to focus on what we can do to protect and help our respective partners across the country. what a lot of people are not aware of is in addition to cisa, the department has a number of components with important missions. the u.s. secret service has a
4:06 am
two front mission. the first one everyone is familiar with with respect to protecting the president and senior cabinet officials, this even service has an important cybersecurity mission. they investigate cybercrime. they have for decades. it is very much focused on investigating cybercrimes. the department is not just focused on the resilient aspect and what we can do to increase basic cyber hygiene and protecting, that is cisa's focus. last but certainly not least, the coast guard is also part of the department of home security and also has an important cyber mission because it is the sector with respect to the maritime transportation system.if you consider
4:07 am
the amount of imports and exports, that gives you a sense for the enormous task with respect to the transportation system. this coast guard -- the coast guard is working on some of that and obviously, protecting the coast guard edwards as well. the previous administration had a plan that we are continuing to implement. tsa is not only focused on airports but it has some important responsibilities with respect to service transportation and cybersecurity . cisa is the top priority as far as focus but there are a lot of sectors that we try to empower. >> at think it is important as well, i'm not sure that people don't understand that cisa
4:08 am
is not just a cybersecurity agency. congress very intentionally left the all hazards mission for cisa . . it is responsible for both physical and virtual threats to our infrastructure. that is important given the convergence between physical and cyber. as you prioritize risks and reduce those risks. you need to look at both the physical and the cyber. i know that you get that and chris understood that from day one as well. tim, i want to jump into the secretary's speech. you talked about some sixty-day sprints. i think we want to jump on that. mr. daniel: this idea of the
4:09 am
series of sprints came up -- mr. maurer: this came up with respect to the components like the department but any large company like that is how do you channel the attention of the most senior leadership to empower the work that is happening across the organization? how do you provide strategic direction and a sense of urgency to keep priorities forward. the series of sprints is designed to help facilitate the work across the department and also use the secretary to help drive forward a specific set of priorities. the series of sprints we announced for the coming year, each sprint will last 60 days. we will focus on tackling ransomware more effectively, second, the cybersecurity workforce which includes the workforce at the department but also the role we can play with respect to the federal government's workforce.
4:10 am
the third was focused on industrial trust systems. also, the vulnerabilities associated with that. the fourth was focused on transportation and cybersecurity. making sure that we continue to implement that. the fifth, we will focus on election security, making sure that continues to be a top priority and the last will focus on the international dimension of the department's work. sixty-day sprint is designed to think through how we can elevate existing initiatives that have been taken forward by the components. third, are there gaps that can be filled with new initiatives or threats, speaking of ransomware. during that sixty-day time, we can move along.
4:11 am
the work does not end within the 60 days. i wish we could software ransomware but that will not be happening. it is more designed to draw attention to a particular area and empower the components. then there are four areas where the secretary sustains leadership attention to ensure the protection of the federal government and that work, given the recent campaign. last, that is a more on the horizon issue, preparing to come from it the series of sprints -- complement those series of sprints. >> michael, you're familiar with sixty-day sprints. i remember sixty-day sprints during our time but this is a lot of issues.
4:12 am
do you think it is the right issue? the right set of issues? is there anything you would add to that list? it is pretty long already. maybe you can talk from the white house perspective. michael: sure. one of the things that is very true in a large organization is that processes will expand to fill whatever time you give them. if he spent six months on it, it isn't like anyone will get it done early. it will always expand to fill whatever time you give it. by setting those rapid deadlines, let your enabling is the process to move and not get mired down. just a natural sort of pure
4:13 am
aquatic tendencies. they are very useful tools. i think tim framed it in the right way. you will not solve the problem in that time. don't frame it like that. this is where we will put focus for a while. we are going to move the process forward so you knocked out some roadblocks. in terms of the set of issues, i agree those are some of the key issues to deal with. if you take ransomware, that has transition from what was an economic nuisance eight years ago to a national security and public health threat today. we were mostly locking up individual laptops and the ransom was $100. now, they are encouraging holes -- encrypting whole school
4:14 am
systems and putting forth ransoms in the millions. that has emerged as a national security problem. we have to change the way we are approaching it. as a government and a private sector. what we have been doing is not enough. there are other issues we refer to in the workforce. industrial control systems and transportation security. all of those things that are critical in their. -- in there. the challenge for the department will be managing those sprints in the crises that will inevitably, -- inevitably come up.
4:15 am
as my friends like to say, the bad guys get a vote in what h appens. the department gets to have some resources that are deployed to whatever those emerging crises are. some of them you can almost set your clock by. which is, tim i would tell you whatever, be ready for whatever is going to happen around the fourth of july. the bad guys know when our holidays are. it is not an accident. we will have to deal with those circumstances. i think that is a good set of priorities for the department to have. michael: great -- suzanne: great. kemba, i know that you and michael have been part of a group that have been looking at ransomware as an issue. outside of your work at microsoft, microsoft has also been very engaged as a company.
4:16 am
i hear that the group that you are now going to be providing legal advice to will be focused on ransomware. talk about the work that microsoft has done and some of the things that you are doing with regards to how we approach and change our approach to dealing with this growing threat . >> absolutely. there is a lot that i have learned since the presidential election. the first is that as michael alluded to, ransomware is a high priority at this point with little to no barrier to entry. it has evolved since -- as a service. it is now modular. kemba: someone like me who has
4:17 am
never coded anything can get into this business. what do i mean by that? you can purchase access to networks and you can lock up an entire hospital or school system. it is human intelligence driven so the bad guys know exactly how much you can afford or potentially afford to pay to unlock the system. they understand the sensitive nature of the data. they are prepared to sell it on the black market or spilled in public and they ransom victims that way -- spill it in the public and they ransom victims that way.
4:18 am
this is a complex crime. we need to treat it like that. we need to treat it a criminal enterprise. microsoft's response, i can talk about that a bit more than the task force. our plan is to reduce profits, hit them where it hurts, we will do that by disrupting the payment system, the cryptocurrency, the flow in crypto but we can also do it by disrupting the negotiation process. at the same time, our approach is to increase the cost entry by improving microsoft product security and engaging and collaborating with other platforms that may be used as a
4:19 am
resource. in the broader sense, microsoft is working across the industry, we are working with government entities, we are working very closely with dhs, particularly secret service and i'm security -- homeland security. we are seeing where we can make it more challenging for the ransomware criminal enterprise. like everyone here has acknowledged, we are not solving the problem right away but our plan is to make a sizable dent by adducing the profitability of it and by increasing the cross -- cost of entry. suzanne: that is a lot and an
4:20 am
interesting array of activities for a private sector company. when you talk about disrupting the flow of cryptocurrency to the bad guys, i assume you're doing that in coronation with some piece of government, fbi? kemba: absolutely, we are doing it in coronation with the fbi, the u.s. postal inspector, the expertise that goes into that is vast. the crypto economy is a specialized area. the government really does have quite a few in deep expertise in that space. it is not always widely publicized but it does exist and there are a lot of resources we can use. there are forensic tools we can use to analyze the flow of
4:21 am
transactions and the on ramps and off ramps, there is a sizable cyber insurance. we work with cryptocurrency exchanges, obviously the large financial institutions and then the courts, of course. but that is where we intend to have our largest impact. of course, microsoft still works in the threat intelligence space and works with law enforcement to assign attributions to criminals in that space and that is also -- that is vast work. that is complicated work. it is not easy to assign attribution to these. we are also disrupting -- we are
4:22 am
also disrupting the infrastructure. we work with victims, particularly those that might be customers of microsoft. you can mediate the problem to try to extract the ransomware bad actor in their networks but also harden it and close the gates so they can't be victimized -- re-victimized. the part that i am focused on is making it harder for people without development skills to enter the market. suzanne: great. chris, you saw this. we were on the front lines when you were at cisa, fighting this
4:23 am
threat. it is interesting. this has come up in this private sector. -- in the private sector. talk about some of the challenges that cisa faces when trying to face. when responding to something as massive as ransomware. chris: 2018 is the year that ransomware really hit the main
4:24 am
stage, atlantic, baltimore, the colorado department of transportation, 29 counties in texas, louisiana, the top three targets are hospitals, schools and state local governments. when i was most frustrated about three years ago now at this point is it did not rank in terms of cyber threats, ransomware. we were focused on state actors and the exquisite threats posed by the chinese and russians. what i was seeing on a daily basis was american communities were being functionally disrupted by ransomware on a daily basis and that is what the american people see. i was concerned there was a death by thousand cuts coming our way where citizens would be losing confidence in the ability
4:25 am
of the government to deliver the key core services. we started turning it up on ransomware, with probably the most notable development in 2019, the late-summer where we made a heart pivot on election security toward ransomware as a threat toward state and local election systems like the registration database. that is when the light turned on for a number of people. when i think about what the new administration might want to do, i think it has three parts. we have to improve defenses but defenses alone will not stop this.
4:26 am
the second is we have to look at the business model in ransomware. we have to look at the financial transactions, though systems. we also have to have some hard policy conversations about ransomware as an enterprise. are you things we need to do in the criminal system both in terms of looking at payments? i'm not saying that we re-victimize the victims but we have to take a closer look at that. we have to go more aggressively after the actors. the one thing the federal government can do is provide more support to state locals. that was what was behind my picking up the ball that you are
4:27 am
carrying on cybersecurity advisors and providing more direct on the ground support across the country. i was glad to see the cyber state coordinator provision and that was going to bribe -- provide for around 50 two work directly with state and local agency cios. but as we talk about infrastructure investments, i think it is well past time for a 21st century digital infrastructure act where we provide the equivalent of a block grant, state and locals where they can modernize their i.t. infrastructure. it will boost american tech companies, revived more high paying tech jobs more americans and yes, it will help stop ransomware. it will improve defenses by
4:28 am
going to cloud-based services, just that one thing will really put a dent in the current iteration of ransomware. suzanne: great. i sense a growing discussion and debate around public policy with regard to payment, ransomware, demands. i think that is something we will have to really wrestle with, it is a very complicated issue. >> if i could go and pick up on the point that chris made, thankfully, cyber policy has been an area where there has been a fair amount of continuity across administrations and parties. chris, what you just alluded to in the mission of this and the steps we can take to protect against ransomware, a lot of the
4:29 am
steps will also help us protect against a whole series of other potential threat factors. ransomware currently poses this risk and has woken up a lot of people across the country to this malicious cyber activity. also, the opportunity that chris was alluding to. there was an awareness across the country that this is a risk. this increases the basic cybersecurity level for a whole range of other factors. our concern was that under the previous administration, cisa issued a joint alert with the fbi warning of the impact ransomware could have on hospitals and health care facilities. if we think about the runout of
4:30 am
vaccines and the transportation and deployment, it is obviously something where we are concerned, it is not just about people making money. this is why we are particularly concerned about it right now. why we made it a priority. we wanted to make sure that we managed this risk and used it to have a broader systemic impact. >> i just want to build on something that chris was pointing out. this is something that i have very much come to over that same time. looking at the disconnect between where a lot of the government's focus was and -- if you talk about what affects most americans, they will not
4:31 am
run into the russian svr. it will run into ransomware, business, other scams. that is what we arguing with. the larger point is we are not saying it is your job to fight cyber criminals. we need cyber command to focus on the nationstate threats. we have to continue building our communities and law enforcement. we have to change the way we think about law-enforcement in the 21st century. the metric for the fbi and secret service has always been guys in cuffs. we may not be able to get to some of these hackers. we need to broader -- broaden the level of success.
4:32 am
is an fbi agent being successful at their job? it is not just about the arrest and the prosecutions. it is about the broader disruption. it is unlikely can forget about the russians and chinese and iranians and north koreans but we have to deal with the criminals as well. the u.s. government is capable of doing that but it means we have to have that level of prioritization. >> it also means we have to have a level of coordination across the government. something that makes sure that while the fbi is making the shift and taking this key role and is doing so in lockstep with cisa in terms of being able to derive the information that is meant to get out to everybody else so all defenders can raise their game and all of that and
4:33 am
state departments, with respect to the international cooperation in the private sector, with respect to the important work that banks are doing, let's talk a little bit about that what has coronation -- white house coronation -- white house coor dination. congress thought it was a good idea and made it a legal requirement. put it into law. the administration has established a deputy national security advisor. they are still setting up how they are going to make that office and who will lead it. you have given this a lot of thought. you were the cybersecurity coordinator.
4:34 am
i would be very interested in your thoughts both on what you think it should look like but more importantly, how both of these roles -- how the white house can best support cisa and dhs in its important mission and particularly, its mission where it is being asked to work the agency, to lead, to guide, so coordinate certain issues at the cisa. level. >> the white house has an extremely important role in coordinating cybersecurity issues. one of the key reasons is cybersecurity is one of those yes issues. is it a national security issue, yes. is it a law enforcement issue? yes. it is yes to all of those things.
4:35 am
that is an issue that will never just be in one agency's job jar. you listen to how all of us have been talking this morning. tim and all of the interlockers he works with and the agency names. we have not even gotten to some of them. for the u.s. government, you need people in the white house focused on coordinating across all of those bureaucratic structures. it is not because those people are not competent and mission focused but their job is to focus on the mission and you need someone to be an enabler for them. i also think that --
4:36 am
i was able to find someone to do that job but there were some things that the national security council is not really well set up to do. two of them are interacting with the private sector and interacting with congress. that is something that you very much need to be doing in cybersecurity policy. that is why i think having a national cyber director which is an office within the water executive office of the president, it is critically important. it can take on those functions. that is why it is a presidentially appointed, senate confirmed position. that is why it has the authority to act with the private sector.
4:37 am
i think with -- when you look at that, there is a lot of work to be done there. i think there are some dangers there. one of them is making sure you get that relationship with the national security -- deputy national security advisor right. there is a lot of work to do. it is not like it has to be a bureaucratic turf war because there is plenty of work to go around. but you need to get it structured by so they are not constantly clashing. the other thing is you need to structure that position so it is not just a super cisa director. we have one. as i argued when we were in the running for this, i said chris already has a boss, he does not need another direct boss telling
4:38 am
him how to do his job. he needs someone at the white house who enables him to do his job or enables whoever the next cisa director is to do his job. we should be looking at those and focusing on those issues that don't fall squarely in chris -- in cisa's job jar. you need to be paying attention to what cisa is doing here so we go with a unified voice to the energy sector, the health sector, the transportation sector, whatever it is so that the u.s. government looks like it knows what it is doing when it goes out there. those are the things that they should be doing. my own view is that means you focus the ncd on being the strategic enabler for the government. it becomes that focus of where do we need to be 3-5 years down
4:39 am
about? --down the road? how do i build the capability in cisa? the epa? how do i build that so that the government is ready to do the missions they want to do? that is where i think the real value could be of the ncd. suzanne: you certainly have a unique perspective on that. that is very helpful. chris, you and i spoke often. you were frequent artistic bent in those cybersecurity meetings. i know that you share michael's concerned about how this cybersecurity director will relate with cisa and how important it is to get that right so that they will empower
4:40 am
cisa and not undermine the power given to cisa. you also recently suggested that you think it is important to nominate a director for cisa, to have somebody in there who is senate confirmed even though you and i both think very highly of brandon wales. why is it so important to have a senate confirmed head of cisa? what are your thoughts? chris: brandon has been doing a fantastic job. it is just one of those constant -- the plan that we put together for succession in case of my untimely departure that we have some sort of continuity. brandon has been doing a fantastic job.
4:41 am
when you look at the mission, when you look at the scope and the scale of the mission of cisa , the budget, the personnel, the leadership challenges, given the fact that it is an established agency that has such an important mission, you need to have a leader in place there as the administration continues to work through its 60 day review and beyond of the national cyber director position. to michael's point, his last one was the most critical in my view about the need for someone to be setting a vision for what the federal civilian executive branch, what does it look like in 3-5 years? it is not just the implementation of it but it is how we set budgets across the agencies so they're are putting their part into the pie.
4:42 am
to date, we have not seen a lot of total complaint in terms of paying for some of the security services that cisa has been offering. the second thing is someone has to do it, whether it is an newberger -- ann neuberger or someone else but someone has to be running some sort of god's eye view over cybersecurity operations. whether it is military, law enforcement, defense, i think that is probably better suited for the national security council. nonetheless, that has to be a clear mission set for someone. suzanne: kemba, please. kemba: from the private sector,
4:43 am
no that i am here, one of the things i have observed is the private sector has a hard time finding the right bellybutton. they have a lot of signals, a lot of information. the private sector wants to tell the government wants and not have to navigate through the interagency to find out who is responsible for what. having the structures in place i think will help with better, actionable information sharing operations across the private sector and the government in a way that has not occurred so smoothly in the past. suzanne: to put it mildly. you're being gentle. tim, we have another question
4:44 am
from our audience related to the growth trajectory for cisa and the comments from secretary mayorkas saying that cisa needs additional resources to do the mission it currently has. the question is if it can really wait until the fy 22 into -- fy 22 funds are available. do they have enough to deal with the vast set of issues that are currently on your plate? tim: we are currently working on the budget proposal. we were delighted to see that congress provided additional funding through the american rescue hack because of the recent campaigns we have experienced.
4:45 am
this is something that we very much welcomed and considered a down payment for the work that needs to be done in the coming weeks and months but also, most likely years, looking at the state some of the systems are in and some of the work that is required to modernize them. with respect to the trajectory, thanks to the work of the cyberspace commission and members of congress who integrated several of the proposals the commission shared with congress last year, the last year and the defense of the rotation act included the broad areas of new authorities to cisa that we are focused unemployment inc.. ranging from providing assistance to other federal agencies to see if hackers are in the networks to shorten the
4:46 am
amount of time it would take for us to detect them and then take action. it includes a joint cyber planning office that will increase our capability to plan and be prepared for future incidents. that is another key development. . we want to make sure that as we think strategically that cisa's authorities and expectations from the public, with all of the work that has been done, that those expectations and authorities aligned with the capacity of the organization. that is a big management challenge that we are very focused on. this is where we are keen to work with congress and other partners to help cisa further mature and make that next sleep and make sure we can act as that trusted interlocker when it comes to public defense.
4:47 am
it could be the quarterback for government, working with our other partners across the agency. accommodations like these are helpful to get into. that is how we are thinking about the trajectory. suzanne: we only have a few minutes left but i want to put a provocative issue out there. we sort of skated over that. talking about cisa's role in all the activities it does and all the work in response to the two year, solar winds on the microsoft exchange, has raised, and again, the issue. our domestic agencies capable
4:48 am
and equipped to defend our networks inside the united states. particularly when our adversaries are using u.s. infrastructure to carry out much of its malicious cyber activity. or, which makes it unlawful for an essay. nsa, currently, does not have the authority to sit on domestic networks or prowl through domestic networks for its activity. it has been for at least a decade, if not more. it was given to dhs about whether an essay, cyber, and those entities typically foreign focused should be given broader authority within the united states to look for this kind of activity happening on u.s.
4:49 am
infrastructure. and so, i'm curious what all of you think about this suggestion, and, chris, you are smiling. let's start with you. chris: i am rarely of the opinion that more government surveillance is a good thing. i am similarly of the opinion that additional government bureaucracy is rarely a good thing. look, to the point about needing to have more meaningful, operational relationship and information ship between government and industry, i think there is a whole lot that can be done in terms of working with industry to get them to share better information about what's happening across their platforms, if their platforms are being abused, then we can ask a few additional requirements. the last administration and the 11th hour executive order issued a know your customer requirement
4:50 am
for service. i think that is a great approach we can affect that the department of commerce i believe is among other things looking at. i think that is where we start, but i'm uncomfortable with any sort of additional domestic intelligence capabilities being sought or given. >> michael, i see you taking your mute button off, i assume you want to weigh in? michael: it's the wrong way to go for several reasons. i agree with chris, we have dealt with this in a number of different situations. even after 9/11. and i think that, really, the answer is not to set only task in and say cyber command with something new, we need them doing their mission overseas and to stay focused on that. we have domestic agencies who have the abilities to get this
4:51 am
authority already through the department of justice and the fbi. we can use that. maybe we actually need the fbi and nsa to share more internally, and do a better job crossing those bureaucratic silos, just like we had to do with counterterrorism information in the early 2000's. now we need to do more of that with cybersecurity information. the other thing is, i think that there is still this idea that cyberspace is this thing out there that is in the ether. but when you actually start really focusing on what it would mean, you were alluding to this, suzanne, that's not just having nsa float gently over kansas. that means actually having the government go probe and poke at somebody's network that they own. right? that is owned by an american, and a business, or something
4:52 am
like that. an organization. and that takes on a very different task when you actually put it in those concrete terms. so, it's an easy talking point, but the reality of it is way more complicated. so i think that rather than focusing there, the effort should be on figuring out what stats we have in the information, and then who already has that. chances are, also, between companies like microsoft, google, facebook and palo alto, semantic and cybersecurity providers, i bet we already have a lot of it. the issue is how do we cross correlate that and bring that together in a useful fashion? >> and as you point out, michael, that while the nation state adversaries, if they were the ones ultimately doing in
4:53 am
attributing these attacks, may have taken some of their last steps using u.s. infrastructure, you have to believe that there was a fair amount of planning for this that was done back at their home offices, and their nation states, which is where we expect our foreign intelligence folks to regather information about plans and intentions. so as was said earlier, with respect to coordinating the interagency inside the united states about several players, there is plenty of work to be done, plenty of work to be done with respect to understanding and detecting our nations data activity overseas and domestically for folks in their mission spaces. i think that's exactly right. so, unfortunately we are out of time. i want to be respectful of people's schedules. but, this was a great conversation, we barely scratched the surface, and i
4:54 am
have already decided i want to try to get the gang back together again before too long. because there are always important issues for us to discuss. i think we helped illuminate the role of c.i.s.a. through a deep dive around ransomware. and the relevance of the organizational structure that goes with that in the role of the private sector as well. so, i want to thank each of you -- i know you are all very busy people, for taking the time to join.
4:55 am
this runs 90 minutes. janet: good afternoon. welcome, everyone. thanks for joining us today for

2 Views

info Stream Only

Uploaded by TV Archive on