That defined what progressivism is said one of the first to use that to sell to identify. He was the United States senator that was recognized by his peers in the 50s as one of the five greatest in American History in a proponent of world war i, he stood his ground to advocate for free speech. He was about the people. After the civil war america changed radically from a nation of Small Farmers and producers and manufacturers and by the late 1870s 1870s, eighties and nineties we had concentrations of wealth and inequality and concern about the influence of money and government. He spent the later part of the 1890s giving speeches all over wisconsin 51 to the speaker for your groupon bob would give a speech. County bears, every kind of event that you can imagine. And by 1900 he was ready to run for governor advocating on behalf of the people. He and had an issue of the direct primary no more electing candidates at conventions. Number two, a stop the railroads. The assistant attorney general john carlin. [applause] thank you for your warm introductions and inviting me to the annual csec [applause] thanks for your warm introduction as well as inviting me to the annual summit. Le in the National Security. In establishing an annual gathering focused on Cyber Security challenges, the chamber of commerce continues to demonstrate its commitment to keeping the nation secure and lower the barriers for the the businesses to compete fairly in our global economy. The fact that this is your third annual Cyber Security summit is a testament to the growing magnitude of these threats and your commitment to make cybersecurity central to the business plans. This is an important business issue and one that i know the chamber has exercised as a part of its national Cyber SecurityAwareness Campaign which kicked off in may. In the campaign roundtable events that occurred throughout the country the chamber stressed the importance of the Cyber Risk Management and reporting Cyber Incidents as to the Law Enforcement. I couldnt agree with these two recommendations more. Todays event is our opportunity to discuss how we can take the steps and others to best protect ourselves and to the nation. Cyber security threats affect us all and they affect our privacy for our, our safety command our economic vitality. They present collective risk and disrupting them is our collective responsibility. The attackers we face range and sophistication, and when it comes to the nation states and terrorists, it isnt fair to let the private sector face these threats alone. The government ought to help. We do and we need to do more. At the National Security division we focus on tackling Cyber Threats to the National Security. In other words those posed by terrorists and nationstates. I will talk a little bit later about how we have restructured the division to focus on bringing all tools to bear against these threats. Likewise, Chamber Members have an Important Role to play in our strategy. Youve are looking for the consequences living through the consequences with alarming frequency. According to brookings and 97 of the fortune 500 companies have been hacked. Price water cooper house released a report that found the number of detected Cyber Attacks in 2014 increased 48 over 2013. As fbi director james comey noted there are two companies in america those that have been hacked and those that dont know that they have been hacked. So we are on notice and we are all targets. I would venture to say that everyone in this room has been affected by a Cyber Security breach. At best a minor inconvenience, reissued credit card, at worst a devastation to the companys reputation, loss of Customer Trust and injury to your bottom line. Without taking proper steps it is a question of when and not if the public major breach will occur. With that will come questions about whether you did enough to protect your company, your customers and your information. Have you thought ahead to the day when you will have to face your customers, employees, board and shareholders when you have to notify them that somebody has infiltrated your company installing your most valuable and private information . If that day was today could you tell them that youve done everything in your power to protect your companys future . Had you warned them of the risk would you be able to say that you have minimized the damage . Do you have a plan . It is a daunting scenarios that there is no surprise that surveys of the general counsel around the country identified the cybersecurity as the number one issue on their minds today at the surveys also show that over a quarter of the fortune 500 Companies Still dont have an established response to the cyber intrusions. This is a Risky Business and we know that we will never achieve the defenses that will remain vulnerable. But you can take step is to mitigate the risk, protect yourselves and companies and ultimately the cybersecurity of the United States. Weve identified for each central components of the corporate Cyber Risk Management. First, he quit and educate your self and make sure that you have a comprehensive cyber Incident Response plan and review it. Ive spoken with many ceos and councils that have not reviewed or cannot decipher their companies plan. These are Risk Management decisions and we cant manage the Corporate Risk if we dont understand it. Who is involved and who needs to be notified in a major breach and what will you disclose and when will you notify the client, while enforcement and the public . Second, note that your contacts create risk. Actors can exploit outside vendors no matter how easily and your defenses may be unique to worry about those outside the company that you do business with and consider guidelines to govern the access to your network and ensure that the the contracts require vendors to adopt appropriate cybersecurity practices. Third, protect your bottom line. Companies are increasingly considered on Cyber Insurance and you should consider how this may fit into your Risk Management strategy. Cyber insurance may offer some financial protection and also incentivized companies to audit the defenses. Finally do not go it alone. Some of our attackers are linked to deep face military budgets and resources and when they are it is not a fair fight to take on the loud. We must Work Together so it can be one more complaint of the Risk Management strategy. As more breaches are acknowledged, the public will ask how quickly and effectively you responded and asked leaders will have to answer to the shareholders, board members, customers, the media and the public. You will want to say that you did everything you could to mitigate your financial loss and your reputation will depend on it and we can help. We may be able to take actions to disrupt and detour. You are on the frontline of the battles but we are with you. We are committed to working with you to protect the networks can identify the perpetrators, disrupt their efforts and hold them accountable. At the department of justice this is among our top priorities. At the National Security division we recently appointed new Senior Leadership to strengthen our capacity to protect our National Assets from Cyber Attacks and economic espionage. We created and trained the nationwide National Security cyber Specialist Networks to focus on combating Cyber Threats to the National Security. These are specially trained prosecutors and every Attorneys Office across the country. And as the doj we will follow the facts and evidence where they lead weather to a disgruntled employee or a loan hacker to a syndicate in russia or yes even a uniformed member of the chinese military. Indictments and prosecutions are a public and powerful way to which we the people governed by the rule of law legitimizing to prove your allegations. As attorney general holder said it may enough is enough. We are aware of no nation that publicly states the information or commercial gain is acceptable and thats because its not. Nevertheless in the shadows so me and coverage and support corporate theft for the propagandist ate owned enterprises and we will continue to denounce those actions including by bringing criminal charges and we wont stop until the crimes stop. A core part of the response must be disruption and deterrence to raise the cost to people that commit these and to detour others from emulating their actions. Of course we recognize that the Justice System is just one tool in our toolbox and in addition to prosecution we are working in conjunction with partners to explore how to play the designations and other options to confront the challenges. These changes help us fulfill our responsibility and help us work with you because we rely on cooperation to bring the cases from identifying the malware and its functions to pinpointing the location of the servers come in demanding botnets and removing the Malicious Software from computers. Take as one example last springs takeover of that description a big success for our colleagues in the criminal division. This wouldnt have been possible without close cooperation. As the fbi put it, it was the largest fusion of Law Enforcement and industry partnerships ever undertaken in support of the fbis cyber operation. Across the International Boundaries and affected hundreds of thousands of innocent users computers. We recognize one of the best ways to protect the nation is to support you in your efforts. Thats why he and 2013 that federal agents involved over 3,000 companies that their Computer Systems were hacked and that they are working to provide the Additional Information as much as they can about the who and the how and every day the fbi works with Companies Targeted by the activity ranging from the lowtech denial of service to the sophisticated intrusions by statesponsored military support units. We are not limited to helping in the aftermath of an intrusion nor do we see our role as only a collector of information we also share Sensitive Information with you so you can defend against the attacks and engage in the disruption efforts. In the past year alone the fbi presented over 3,000 three dozen specific briefings to Companies Like yours. The information we share may enhance your ability to detect future intrusions into your engagement with Law Enforcement can help connect the dots between your breach and a broader threat. We may be able to help identify what was stolen, locate the perpetrator of the attack and in certain cases mitigates the effect of the past intrusions. Given the importance of the cooperation the department of justice is committed to lowering barrier of sharing information through extensive meetings which are inhouse legal teams and learn what you perceive to be the hurdles to the cooperation and we are working to address them as we can. We clarified certain laws and antitrust statutes are not impediments to sharing information with the government. We understand trust on both sides is an essential predicate and about our work with you weve been striving to protect the Sensitive Data including trade secrets, detailed of the architecture and the personally identifiable information. The bottom line we can help you manage your risk and you can help us keep our nation safe. The commission concluded recently in its ten Year Anniversary report that we are at september 10 levels and preparedness and they warned that history may be repeating itself in the cyber realm. We must stand together to keep that from happening. We also prepare ourselves for data that we can see coming over the horizon. If we think about the tools for cyber criminals use, the Intrusion Software affecting millions of computers, botnets used by criminal actors the tools are generally used for financial gain but it doesnt take much imagination to imagine these tools can also be used to disrupt or destroy. Terrorists have stated that they want to exploit the vulnerabilities to harm our way of life. Al qaeda announced its intent to conduct civilian attacks in the financial system. In the department of homeland security, recently confirmed that the investigating the two dozen cybersecurity medical devices and hospital equipment that could be exploited to injure or kill a patient with a few strokes on a keyboard. The threats are real. We know the terrorists have the intent to acquire the Cyber Capabilities and that if they succeed in acquiring them that they wont hesitate to deploy them. Its a race against time and one with highstakes consequences. If the department for also looking at the gaps. Most were not written with cyberspace in mind and they dont contemplate the access of the extraterritorial crimes. They dont facilitate the multijurisdictional and they dont empower us to bring the authority to bear swiftly and effectively. We are committed to working with the relevant law or rule makers that support not a rising of the law. The cyber legislation in several areas including information sharing is needed. I want to conclude my remarks by discussing the perceptions of being hacked. Among the consumers there is a growing understanding that companies are going to get breached but that doesnt mean we turn the other way. There is a downside to taking the approach to the cyber threat. Consumers expect companies will adopt industry standards and when these intrusions happen as we see the consumers expect companies to respond promptly and acknowledge the intrusion publicly and cooperate with Law Enforcement to mitigate the damage. The chamber of commerce and its members are uniquely positioned to drive the corporate change to ensure that the companies and partners treat the cyber breach as much as technical problems come into recognize that Security Operations are not insulated from the Business Operations and to discuss to the boards and employees and industries the importance of Cyber SecurityRisk Management. As we face ever more threats in cyberspace which incorporate the publicprivate cooperation into the toolkit the threats are not but threats are not letting up and neither should we. Thank you very much for inviting me. Questions for mr. Carlin . Lefty rely on you. I had. I had a radio show at the National Press club on Climate Change. In my radio show i deal with a lot of ngos that dont trust the government and when they see the government partnering in the private sector, they get really nervous. Ideally there was a chamber of commerce that hired a number of offensive cyber firms to engage in the Cyber Attacks against some of these ngos. I dont know that the department of justice or anyone else in the federal investigated or prosecuted that. Im not sure on the liability repercussions. And it is really thick among the Community Working on the Climate Change into a lot of other things when we consider the full weight of the government and the private sector standing on our backs. What i would like to know if have you considered that the federal government might reassure all americans that its working to protect everyone and not protecting members of the chamber of commerce when things like this happen. At its private consumers, companies or nonprofit organizations, and in fact we have seen too often got they are targeted on the cyber attack bday by the nationstate adversaries or criminal groups. And so i would encourage those who are who suffered a breach to come and work with Law Enforcement as the crying as they would have in any other circumstance. And we would be happy to work and are working on cases like that all across the country other questions on todays topic if you would please politico cybersecurity. Youve spoken in the past on the indictment of the chinese officials and all of the government approach. The problem in those remarks it was promised that this is not the end, this is a new normal. What are the type of circumstances that will lead to more aggressive movements by the government against the nationstate what types of things are sort of the threshold to see more of the tools being deployed . I think for too long when it came to the nationstate actors there was a lot of good work being done on the intelligent side of the house to find out what was going on. But for too long on the criminal side of the house, we were not working day in and day out to see whether or not it involved the nationstate actor that we could bring appropriate criminal charges and thats why in 2012 we started the National Security network and how the prosecutors trained all throughout the country on both have a handle on the one hand and the complexities of the electronic evidence and on the other hand how to deal with the sensitive choices and methods and expertise the prosecutors have been bringing to bear. Now that people are looking at the cases in that manner and the fbi is regularly sharing intelligence with the specially trained prosecutors, the case will be brought and we proved that was the case by bringing the case against the members of the Liberation Army 6198 earlier this spring. The prosecutors and agents continue to work and we will see additional cases because the crime continues of stealing the economic information. At the same time, we need to look with our partners and our developing sentience from the department of treasury, commerce and to the designations bringing suit to make sure that we leave no tools in the toolbox grade we bring everything to bear to increase the cost so at the end of the day those that have information from hardworking american businesses and customers decided that it isnt worth the risk of getting caught john with American Express thank you for coming today. Can you shed a little bit of light on the impact of some of the latest takedowns . And in partnership with some of the private private Sector Community to affect that . Once again, that is an example of a takedown where several things were happening at once. The unique action inside the United States in order to disrupt the commandandcontrol servers that keep them from sending the commands. You need the cooperation of the partners because many of the servers and the infrastructure so that they could simultaneously take action and to the extent that we could and we did, you need to find attribution of the bad actors responsible working with the countries to bring them to justice. That collaborative action that took place in the u. S. Government, Foreign Government abroad into the private sector was able to the thousands of computers that had the malware on them and bringing to the individuals to justice. That is the type of action that cannot take place without the help of the private sector into the private private sector was essential in the speed with which you are able to remediate some of the damage to some peoples computers and that is what i think bob anderson referred to in the future. Can you go over some of the challenges that you have with the obtained digital evidence . I know in the metropolitan area there are a few organizations with the exception of the local fbi agency that has the ability to gather the information that is to maintain it and keep it secure. So what are some of the challenges that you have in the country . It is a challenge. Weve proven to that they cant. There are cases where we can have attribution and we know that person involved. With that said its a difficult case in part because the difficulties of gathering electronic evidence and thats true domestically let alone the challenges of gathering electronic evidence outside of the reach of our orders which require close cooperation with our foreign partners. And i think that we have come a long way in that regard proving we can bring some of these cases but we need to go further and continue to work on developing those relationships with our partners and making sure that they have parallel statutes on their books that allow us to acquire electronic evidence and further that criminal investigation. Thank you very much for coming here today. We appreciate the good work of view and the team. Thank you. I look forward to working with the chamber of commerce in the future and as i worked together on this joint threats. Thank you. [applause] pam just calling to tell you how much i enjoy q and a5 00 on sunday on the west coast of the things stop sector of my phone saying get my coffee the most enjoyable hour on television the guest of very informative with good opinions i enjoy listening in the commons done today. He was accurate and on point he was not using his own personal innuendo. And i greatly enjoyed it i hope you have more guest like that. Bay he was right on target this morning. Came calling to say that cspan is wonderful but as criticisms i have none. But the reason i have almost none is you do a tremendous job to show just about every side the way people look at things in washington d. C. And elsewhere. I take my hat off to you. Thank you very much. Can everyone here me . Well come to the chambers third april cybersecurities of the faq for joining us. We could talk about the bill itself them up prospects . Let me introduce the two speakers we are so glad to have you here as you all know that californias senior senator Dianne Feinstein has built the voice a voice between public tientsin democrats to have a commonsense solution since the into 92 working in a bipartisan way to build a significant record low accomplishments, combating crime and violence in battling cancer and protecting Natural Resources in california. And then assuming the chairmanship of the committee on intelligence rishis overseas 16 intelligence agencies in the first female senators to hold that position is also my pleasure to reduce sex be chambliss in 2008 he was elected to his second term in the United States senate. Consistently named as one the most influential georgians highly visible and wellrespected presence in washington. Us straight talking lawmaker his leadership in experience during his tenure in the house of representatives have earned him the Senate Select committee on intelligence for years been vice chairman since 2011 and a strong advocate of human intelligence gathering. Thank you both for joining us. You have ever propaganda we are big food ha why the two of you decided to put this legislation together. And will begin bellamy say first of all, it is my understanding the chambers prepared to support this legislation and it is important if i could speak for the vice chairman and myself to the whole committee bet on a personal level want to say let the great pleasure it is to work with you. We put out intelligence authorization bills, and ladies and gentlemen, one of the things i have learned in 40 years of public life with the twoparty system to get something done and compromise is not a bad word. As we sit down and i try to share everything nine no with senator chambliss either he has to give more id do and we have found a very productive way to produce for the people of this country. I remember before our Intelligence Community we had a classified be freed and will was happening in the United States with regard to cyberattacks then the director of the fbi said there is one thing that is common. 90 though they have been attacked the heather 10 may not that virtually every big American Company today has been attacked but by how much . It is fair to estimate the cost to the economy is estimated in the trillions of dollars. So it is very serious. We voted on this with a different bill and we put it together on the floor indic got 56 votes in the needed 60. It only had one republican vote. So the key was to do a bipartisan bill