Values. At this time let me introduce the participants of the asked discussion today entitled theed battlegrounds of perception, courtneying threats to free and open societies. Ion heresy ali is a refrp fellow at the Hoover Institution. Served as a had minister of the Dutch Parliament from 2003 to 2006. While in parliament she focused on furthering the integration of nonwestern immigrants into Dutch Society and on defending the rights of muslim women. Larry diamond sat senior fellow at the hoover stumts and the institute for international studies. For more than six years he directed fsi center on Democracy Development and the rule of law. Where he now leads the program on arab reform and dpkz and the Global Digital policy incubator. H. R. Mckaufrt is a senior flow at the hoover stiegs 26th assistant to the president for the National Security affairs and served as a commissioned officer in the United States army for 34 years before retiring as a Lieutenant General in june of 2018. The moderator for the panel is neil ferguson. Neil is the mill bank family senior fellow at the Hoover Institution and senior fellow for the center of European Studies at harvard he where he standarded a lawrence a tich professor of history. Please join me in welcoming this esteemed group to the stage. [ applause ] well, good afternoon. Thank you, tom for that introduction. And thank you, ladies and gentlemen for joining us on such a beautiful afternoon when you could be out playing frisbee. Im extremely excited to be moderating this distinguished panel. When you come to think of it we have some just amazing expertise up here on the platform. We have a former National Security adviser who really was the master mind behind a author o remaking of National Strategy back in 2018 and well talk a little bit about his contribution to that. To my far left Larry Diamond whose recent role as editor of a major report on clienz influence operations has caused a major stir all around the world, both sides of the pacific, and sitting on my immediate left pb ayon heresy ali has been the leading critic of islamic extremism and fundamentalism. And i should in the interest of full disclosure acknowledge that she also happens to be my wife. But let me reassure you [ applause ] there will be no softball questions on this panel. I want to begin with a quotation from this is a first, actually, i think the first time we appeared on stage together. We put it off and put it off. And finally hoover talked us flew it. Incidentally our two sons are the first hoover fellows to be bred in captivity. I want to begin on a serious note by quoting from one of the grand masters of strategic thoughts and American Foreign policy. Henry kissinger for a man who just turned 96 has an astonishingly acute grasp of the issues that we are going to be discussing this afternoon. He has written on Artificial Intelligence and in his book world order, he made the following observation. And i quote. The pervasiveness of Network Communications in the social, financial abindustrial and military sectors has revolutionized vulnerabilities. Outpacing most rules and regulationsen indeed the technical comprehension of being regulators it has in some speculates created the state of nature, the escape from which according to hobbs providing the motivating force for creating a political order. Asymmetriy and a kind of conjentle world disorder are built into relations between cyberpowers both in diplomacy and strategy. Absent articulatation of rules of international conduct, a crisis will arise from the inner dynamics of the system. A couple more kwo quotes just to frame the subject. Admiral michael rogers, former head of the National Security agency and u. S. Cyber kpand said a kwum of years ago, we are at a tipping point. And finally i want to quote from nsa crypt graver Robert Morris senior his famous rules of computer security. You want to make note of these, ladies and gentlemen, because everybody these days has to be concerned about computer security. Rule one, do not own a computer. Rule two, do not pirate on. Rule through, do not use it. With that to set the scene, i want to turn to h. R. Mcmaster. General, i want to ask you about the National Security strategy to begin with. Because it really did radically change the u. S. Posture on a range of issues of which probably the most noteworthy was our stance towards china. But it had some interesting things to say about cyber warfare. And ill briefly remind you of something you said. Cyber attacks offer opportunities to low cost opportunities to damage or disrupt critical infrastructure, cripple american businesses, weaken or federal networks and attack the tools and devices that americans use every day to communicate and conduct business. The United States will impose swift and costly consequences on foreign governments, criminals and other actors who undertake significant malicious cyber activities. So let me begin with a question. Can there be effective deterrence in cyberspace . Thanks. Thank you, neil. You asked overall, too, what motivated in dramatic shift in policy that you saw broadly in the december 2017, highry readable just in time for the beach for all of you National Security strategy. Does december, 2018 is when we were able to put it all in place. And and i think it was really a sense that we were at the end of the beginning of a new era. But we were behind, behind behind largely because we were no the competing effectively against adversaries and rivals. And the reasons that we were behind is due fl large measure to overconfidence, overconfidence in the 90s associated with your oh triumph in the cold war, the collapse of the soviet you know yn, the lop sided victory over the sixth largest army in the world during the 19919 gulf war and sustained Economic Growth through the 90s. What some people called the rulings in military affairs associated with the technologies. The first big dot come boom in the valley as weapon pep we were flushed with overservice that led to complacency. Then we confronted difficulties arrive ov i the mass murder attack against our nation upon september 11, 2001. And unanticipated length and difficulty of wars in iraq and afghanistan. And of course the 2008 financial crisis. And i think that jolted our confidence fl a way that we actually became, i think, passive and didnt engage competitively for reasons of pessimism, rather than overoptimism. We made a conscious choice to figure out how to reenter arenas of competition from which we had been absent. Cyber is one of those. And to answer your question more succinctly at this point is that, yes, i think you can deter certain attacks in cyberspace. Really by two fundamental means. One allowed to in the appraise which is to impose costs on a cyber actor or make clear that you can impose costs far beyond those which the cyber actor factored in at the outet set of the decision to attack you. Now those are cyber offensive capabilities. But also capabilities outside of cyberspace that you can bring to bear American Power in physical space, through sanctions, and Law Enforcement actions, but when you when you have the authority to do so military action as well. But the other aspect of deterrence is really to go back to thomas shelling in the 60s. Ke terrence by defile. Convincing potential adversaries that they can not accomplish their object he was through the use of the capability that involves some defensive measures. In fact, making our infrastructure more resilient. And ensuring that any systems, any of our systems can degrade gracefully rather than fail catastrophically. We have a reminder of the ran some ware attack on the city of bullet. These are problems with us right now. I think we have to recognize that our enthusiasm for technologies that made our life so much easier have made us more vulnerable. And maybe prone to catastrophic collapse. I mean, im reminded of elton morrisons book from the 60s as well. Entitled men, machine and modern times. In it he said that man and woman he is writing in the 60s have expended a great deal of effort in trying to tame his Natural Environment. But in so doing has created an artificial environment that is much more complex than the Natural Environment ever was. And so i think were on the right track in terms of recognizing this as a competitive domain. I think you have seen a lot of critical actions taken to make it easier to use, for example, offensive capabilities as a part of deterrence and defense. But i think there is certainly a long way to go. Both on deterrence by defile and the ability to impose costs. Before i turn to the ayon and larry you want i want to pursue that. We have an opportunity to learn from somebody who was there the in the room making and remaking policy. Joe nye of harvard wrote a recent article on this subject. Ill quote from it. Process deterrence is is cyberspace is more like crying governments can only imperfectly prevent it. Its not like deterrence in the age of the cold war where you had to deter the soviet union from firing a missile, because if they fired a missile that is it it we were in armageddon. In some way cyber warfare is a permanent state. Its just keeping the level down so you dont suffer serious disruption. Is that the right way to think about it. I think that is. Because i think cyber actors are trying to avoid the imposition of costs back on them as well. And cyber is a way where we have seen rivals, competitors, such as russia, china, but north korea as well, and iran, try to accomplish objectives below the threshold that would elicit a concerted response back against them. We have to do a number of things. One is to develop a range of capabilities that can be ploid against the actors. I think you have seen that in the last election for example. In the in the midterm elections. I think more and more will be known overtime. But we can did act much more aggressively than we in the past against those trying to disrupt our elections. And there are other actions we can take as well that arent purely defensive but in many ways innoculate ourselves against the effects. I know that larry and ayon are going to talk about influence provision operations and cyber enabled information warfare. But we can can educate ourselves and the public so we are less susceptible to manipulation by the actors. Or we can figure out a way to present credible Information Base the on, you know, verifiable sources and be able to access that routinely in a way that sort of blocks out some of that attempts at disinformation and propaganda. Can we draw that distinction out a little bit more . Because i think there is a distinction between drawn between cyberwarfare and information war. Process and in some whiches the United States spent much more time thinking about cyber warfare prior to 2016, maybe because we kind of invented it. And our assumption was well if we can do certain things to iran sooner or later someone will do that to us. We should worry about computer virus z and malware that might disrupt our software that controls infrastructure. But in fact what the russians did in 2016 was something different, which was information warfare. Can you help us understand the difference. I think it goes back to this complacency problem. I think we believed in the 1990, the corollary to the overconfidence we believed there was a arc of historiry gaerning the froh and open societies over closed authoritiarian systems our privacy from them. It was our confidence that came under attack, our confidence in who we are as a people, our common identity. We no he that 80 of the of the messaging and bot traffic and so forth on social media from the Internet Research agency, the the gru, the russian intelligence arm was aimed as dividing americans along lines of race. The second highest distant second was on immigration. And then gun control. Whatever could be a polarizing issue that can pull our politty and society from each other and pit us against each other and then attack our election so we also dont have have faith in our democratic processes and institutions. And so i think that we came late to the game on this. We certainly did. I think it was again because we were overconfident in just the inherent strength of our society and our system. And im glad you observed the moments ago that we did up our gim and although it didnt get much coverage, the fact that there wasnt effective disruption of 2018 midterms has to be down to the way the administration hit back the Internet Research agency and actually disrupted its communications. So you could i think say that we did learn and learn pretty quickly from 2016. I think one of the lessons overall to get back to your point on deterrence is you cant separate in cyberspace offensive and defensive. We know its Public Knowledge that you know if you develop a cybertool and you use it it has a shelf life of about 96 hours until there is a countermeasure deployed against it. What you have is what cloud warfare isright is a tinnous interaction of op sits. Thats happening now at electron speed, internationally, in in new form of competition. And so what we had to do is align the authorities for knows who are operating to defend us, to defend us from these these actors, to employ combinations of offensive and defensive capabilities. This is a good moment to turn from you to ayon and remind ourselves that although there has not been a major islamist terrorist attack in the United States for some time it hasnt stopped around the world. And just to remind the audience, these are numbers from the u. S. National consortium for the study of terrorism and responses to terrorism, that their most recent report data for 2017 records 10900 terrorist attacks of all kinds around the world which killed more than 26,400 people. The top three perpetrators were Islamic State, the taliban and alshabab. Overwhelmingly the terrorism is driven by radical Islamist Groups. I wanted to begin with a question about those groups. The ways in which they have used the Technology Developed in the west. Yes. To organize, to mobilize and build far Bigger Networks than al qaeda had back in 2001. Talk a bit about that, educate us about how the networks currently operate. Well, thanks. I wanted to start by, you know i was listening intently to my colleague, h. R. And thinking here we are talking about operations. This is cyber. Here are the people our adversaries using cyber. And in the 15 years that ive been in the United States, the one thing maybe even since 1989, the one thing we rarely talk about, ideas, ideologies and grounding principles. So when h. R. Said the core of our identity, i automatically assumed very subjectively that the core of our identity is are these Classical Liberal ideas that the United States is established upon. And what we then forget is that there are in fact people who organize, who have political and social frameworks that are radically different from ours. So when you think about islamism, it is a political and social philosophy with a religious underpinning. And when the agents of these or the poem who believe in these ideology i think you look at islamism and you see a tree with two main branchs. And one branch is the use of violence to achieve their aims, to achieve what they think of as their utopian idea. And the utopian ideal is to establish a society on a local level, regional level and maybe global level to achieve an end goal, that society is based on the rule of god. Thats their interpretation. Thats their organizing philosophy. Now, does this think of it as a true. One branch is the use of violence to reach that goal. And thats called jihad. And i think most americans everywhere i go i ask people ask raise your hand if you think you know of the concept of jihad. Just raise your hand. And thats exactly it. A lot of people, maybe 80 to 90 of a room like this will say ive heard of the concept of jihad, read about it, im familiar with it. And then i asked people raise your hand if youve ever heard of the concept of dawa. Sorry. Its one, two, three, four its always a minority. But that is the other main branch of the islamist tree. And what does that mean . It means that the believers in in particular political and social philosophy that has the underpinning in religionouses or puts together an effort in engaging in campaigns, afrgts, thinking, propaganda, in short it is the effort to promote the ideas its the effort to persuade. And thats where cyber comes into. I know that when it comes to jihad and we are focusing on that, and you know these big companies, google, twitter, whatever, they focus on the jihadi aspect. When are they plotting a terrorist attack . Where is the attack going to be . What kind of medium is that going to use . Thats all under the branch of jihad. But when it comes to dawa you have to ask yourself, how are they using cyber to raise awareness to recruit people to their cause . How are they using sieber to organize, strategize, Exchange Tips and tactics . How are they using cyber to raise money . And yes, information warfare. How are they using to propagate conspiracy theories. The United States of america is out to get all muslims. That is one Conspiracy Theory. They are colluding with the state of israel to destroy islam. Thats another Conspiracy Theory. If you ask me i will say the concept of isla