Morning for the longest 13 hours of my life, i worked with my staff to track down testimony that had been submitted in the Committee Hearings that had not been read. During the next hours, i read every single one of their stories out loud. With aere real people very, very personal stories to tell. Many of whom had never, ever given voice to their story before. To another human being. Worried, my staff was that i was reading them a little too fast because 13 hours, as you can imagine, is a long time to fill. But amazingly, throughout the day as word spread through the what wasbout happening, our email started withng up filling up stories that were coming in from women and men all over the state of texas. In fact, by the time that it was over, we had received over 16,000 personal stories. Hungeringple who were to be heard. I have to tell you at some point during the day, i stopped worrying about earning afford about running out of time or running out of stories, i started worrying about running out of time did when i stood up at my desk that day, i had no doubt that filibustering the bill was the right thing to do. But i had no idea that it would trigger such an overwhelmingly positive response around the country. Across the state and of course across the country, there was an outpouring of support from texas women. Thinge most remarkable about it is that stories that otherwise never would have been told were suddenly national news. Heard ins that we support of my filibuster that night are not the ones that we normally hear amplified across the state of texas. And i think a lot of people who live outside our state are surprised that the even exist. But texans know that the voices in our state that shop the indest have not often been one that speak for everyone. That night, the nation was introduced to a force within our that is going to have a lot to say about the shape that the future of texas takes, the shape that america takes. Entireill show the segment with wendy davis, texas state senator, tonight at 8 35 p. M. Eastern here on cspan. Mayor and Council Chairman vincent gray face each other in one of the most contentious and expensive elections in bc recent century. In d. C. Recent history. Vincent gray won the public over as an affable and effective chairman. Shortly after gray took office in 2011, brown, who had also run for mayor, told the Washington Post that he was paid and offered a job in exchange for disparaging information during the election. Federal investigators soon discover that much of brown for the story was true. They also uncovered david even bigger secret the shadow campaign. Basically you had a campaign that was going on, the regular campaign easy, and then you had another set of folks who were in an office right next to the great campaign. During the campaign, there is so much going on im a unit several workers actually complaining, several official workers complaining about the other workers because they felt that they were getting paid more, and there was a lot of confusion as to who was paying them, etc. It was not until a year later that folks started putting things together when federal investigators began asking questions, and they realize wait a minute, the folks who were next door, we cannot find any record of them in the canon the campaignfinance records that we see. So how did those folks get paid, and who was in charge of them . Nikita stewart looks aggression in looks at corruption in d. C. Politics. The former director of the cia and nsa Michael Hayden talked about the electric grid and protecting it from cyber attacks. He talks for about 50 minutes. Good morning. If everybody would take a seat. I amnt to welcome everyone. Joe krueger, director of environment at epc. Bpc. For those who dont know us, bpc was founded in 2007 by four Senate Majority leaders. We like to say we are bipartisan, not nonpartisan. We work with people who are strongly partisan of various parties, but who believe with good and rigorous analysis, negotiation, and respectful dialogue, you can actually come to agreement on policy issues. It sounds crazy, right . But it is what we do. I think it is needed now more than ever. Cybersecurity really is a type of issue that can and should be bipartisan. We will hear from our keynote speaker in a minute that the threats are real, and we will hear that from a lot of the speakers today, and the potential economic and human cost of a successful cyber attack are potentially huge. So this workshop today is to sort of look at, are we ready for this . What is going on within the government and private sector . What still needs to happen . It is part of a Broader Initiative at bpc on cybersecurity, a joint between home and security and cyber security. Our goal is to develop recommendations for how multiple and sometimes overlapping agencies plus private companies can protect north american grid from potential cyber attacks. Our frame we are using is not a really technical necessarily what should each specific company do to protect their operations, but the frame is governments. How to get organized to address these threats. Things like, who is responsible for preventing attacks . What is the role of government . And by government i mean federal, state, and local government. There are some standards already with the electric grid. Are more standards needed . Are there other approaches that would be more effective . Those are the kind of issues we are grappling with. How do we share intelligence between private sector and the government . And how do we ensure there are appropriate privacy protections while we do that . If there is an attack, how do we limit that and how do we respond to that . How do we respond so we are prepared for that . Our overall initiative on cybersecurity is chaired by general hayden, cochaired by general hayden whom we will hear from in a moment, and were also working with a good group of experts on cybersecurity and we expect to release a report with some recommendations for policymakers in the fall, so stay tuned for that. I am going to stop there. Thank you for coming. Thank our partners for helping us with this workshop. One housekeeping thing, the end of each session, we will have time for questions and there are microphone stands set around the room. We ask people to come up and introduce yourself before you ask your question. With that, let me introduce my colleague, carrie lamack, who is the director of bpcs Homeland Security program and she will introduce our keynote speaker. Thank you. Good morning. I know you didnt all come here to listen to me, so i will make this short and sweet. Im the director of the Homeland Security project at the bipartisan policy center. For those not familiar, it is chaired by former governor tom kane and former congressman lee hamilton. They were cochairs of the 9 11 commission. They have come together with a group of 14 other experts to do their part to make sure our country is keeping vigilant and remaining ready to sort any threat we face. Cybersecurity is something a lot of people are talking about, but not a heck of a lot is known on what to do about it. That is why were so thrilled to be working with the energy team at the bpc on this very important electric grid cybersecurity initiative. Today we have general hayden to speak to us this morning. He is the cochair of this initiative. General hayden is a renowned expert on the issue of cybersecurity. He was the director of the cia and nsa, now a principal at the Chertoff Group. He is going to spend a few minutes talking about the threat as he sees it and then we will open it up to q a. We will be happy to hear your thoughts in his answers. General hayden. [applause] good morning. Thanks for the chance to chat with you today. I will try to limit my transmission up here to about 20 minutes or so and then leave about 15 minutes for any questions or comments that you might have. As i already suggested, my purpose here is what my army buddies used to call the big can the little map. I get to do the strategic overview. What you have following me are people far more expert than i in the specific definitions of the problem and specific responses to the problems that i think were all going to identify here today. Folks in government, folks in industry, federal government, state and local government, think tanks. Perhaps begin to map out a way ahead that we certainly want to see reflected in our final report. Let me begin. Big hand, little map, broad concepts. As the day goes down, we will get into specifics. This cyber thing is pretty important and i think it is here to stay. We kind of messed it up. I actually did that at a black hat conference about four summers ago in las vegas. Im in the ballroom of Caesars Palace with 3000 reformed or semireformed hackers, kind of leaned into the darkness out there with the bright lights on me and said, look, as an american g. I. , i view cyber as a domain land, sea, air, space, cyber. I know who did these four and frankly, i think you did a reasonably good job and i think i know who did this one, and that is you and i leaned into the darkness and said, and i really think you messed it up. Thankfully, no one said, get a rope. The response was kind of mild giggles. And we moved on. But we did kind of screw it up. Look back at the history of this thing. We are lucky enough to have the people who created this still among us. Vince serf comes to my class to talk to students, been out there at stanford and starting to plug things in and respond to the statement of work from arpa, you me something that connects a number of labs and universities so i can move information quickly and easily. Keep in mind what that statement of work was. Quickly, easily, limited number of notes, all over my trust. That remains the architecture today and the world wide web. That is why we are in the position we are in. It wasnt built to be protected. It made no more sense to build defenses into that original concept than it would be for you and i to put a locked door to join our kitchen and dining room. I mean, the whole architecture of the house designed to get food from the kitchen to the dining room while it is still warm, why in gods name would you put a lock door between the two . That is kind of what we built here. It is an unlimited number of nodes, most of which i dont know, and a whole lot dont deserve to be trusted. As clear as i can put it, statement of the problem. Let me go down one layer and talk about cyber sins and sinners since ive already suggested it is a pretty tough neighborhood. Three layers of sins. First layer, just dealing with stuff. Former defense secretary, bill lynn, pointed out almost all the things that we fret about on the web is in the range of stealing your stuff. It is cyber espionage, criminality, personal identifiable information, your pin number, credit card number. They are stealing your stuff. The second layer, and you will get the tone of this commentary in a moment that this is getting worse, the second is not just stealing your stuff, it is disrupting your network. Estonia 2007, remember patriotic Russian Hackers crashing the estonian internet system because they were mad they were moving the memorial out to the suburbs . Same patriotic Russian Hackers in 2008, invasion of georgia, brings the georgian net to its knees. More current, more problematic, more personal for you and me, chamoun virus, 35,000 hard drives wiped clean. Pick your enterprise. Imagine yourself going back to wherever you work and imagine 35,000 hard drives being wiped clean. You get the picture. Frankly, although our government has not announced yet, i think you and i know it is the iranians. Apparently, the iranians somehow feel offended and the cyber domain the iranians somehow feel offended in the cyber domain. Serial attacks against bank of america, wells fargo, Jpmorgan Chase and the list goes on. I spoke to a Security Office and says under normal day, they get hit 15,000 times. Theyre getting 3 million hits a minute at the height of the iranian attacks. A lot more disruption. Stealing your stuff, disrupting your network, and finally, using this domain up here to create affects not confined to my thumb, but effects down here. The most rheumatic is stuxnet. Stuxnet almost certainly conducted by a nationstate because it is too complicated to be done in your garage or basement. But given my background, former director of cia and nsa, blowing a thousand centrifuges i will describe what i just described to you in slightly different words. Someone almost certainly a nationstate just used the cyber weapon to destroy another nations critical infrastructure. Ouch. That is a big deal. You may or may not have seen me on 60 minutes about a year ago in which i characterized that as someone crossing the rubicon. Lives are going to be very different. Those are the sins. Who are the sinners . Nationstates. You know that. Criminal elements. The third group that i have trouble defining anarchists, activists, anonymous, will sec, 20 somethings that have not talked to the opposite sex in five or six years. [laughter] blessedly, the capacity to do harm is pretty much the way i laid out the taxonomy. Governments are by far most confident. Criminal gangs are the next layer. Then you have this group down here. As bad as governments could be, sooner or later they can be held to account. You have got criminal elements, and they can be pretty dangerous and they are kind of guns for hire, but fundamentally, criminals want to make money. They enter into a symbiotic relation with whatever their target is. And it is a strange creature, a strange parasite in nature who enters into a symbiotic relationship with a host they want to kill or destroy. So i think even criminals are somewhat limited. What worries me is this game down here. Right now they are least capable, but you know better than i, the tide is coming in on all the boats in the harbor are coming up. So this group is beginning to acquire capacities for maybe a year or two or three ago we equated only with some of the more confident, more capable groups. As time goes on, were going to see this group down here whose demands are actually hard to define, whose demands may be unsatisfied able, beginning to acquire the capacities that we now associate with nationstates. Let me drill this down to something specific. If and when our government grabs Edward Snowden and brings him back to the United States for trial, what does this group do . Well, they may want to come after the u. S. Government that, but frankly, it is about the hardest target in the United States if they cannot create great harm, then who are they going after . Who for them are the World Trade Centers . The World Trade Centers as they were for al qaeda . So i guess what im suggesting is, it is going to get worse before it gets better. I mentioned it being very hard up here. The me give you a couple of reasons why it is really hard for us to defend ourselves. Let me put you through a dod double and talk about intelligence and operations for a moment, but bear with me, i think there is a relevant point. Down here in these domains where, frankly, i conducted intelligence for most of my career, intelligence is what you do before the operation. You got to know your enemy before you conduct an operation against your enemy. So it is sequential. Intel first, operation is next. I also suggest to you as hard as intelligence was sometimes, intelligence almost always pretty close to universal rule intelligence gathering almost always was easier than the actual operation you are going to try to perform eventually. For example from the cold war, you got the soviet union and the missiles out there, threaten the United States. Finding those missiles was kind of hard. Deal with those missiles, much more difficult prospect, proposition. That is physical domain. Now up here to my thumb. Reconnaissance appear still happens before operations. You got to know the target before your operating against the target. But unlike the physical domain, the reconnaissance is harder. It is more difficult to penetrate and network, live on and undetected, extract what you need from that network from a long period of time, and continue to operate on it is far more difficult to do then figuratively or metaphorically taken the front door and something. In other words come up here, the attack, the disrupt or destroy thing, the attack is a lesser included case of reconnaissance. If i can live on your network undetected for intelligence purposes, i have already established far more than enough control to use your network for disruption or destructive purposes. Do you see the parallel im trying to draw here . That is why president obama in this years state of the union when he kind of makes a cyber point about midway through the speech talked about enemies on our networks. Enemies on our grid. And why that is so disturbing. If theyre on there and undetected, they already have whatever their intent, whatever they intend, they already have the capacity to do harm. Without question, the country is skewing our stuff the most is china. There is evidence if you read the white paper put out several months back about the chinese, there is evidence they are out there penetrating. Frankly, i find it hard to imagine circumstances where china would want to do something incredibly destructive to any american network, the grid, absent a far more problematic International Environment in which the cyber attack is itself part of a larger package of really, really bad things. Bear with me for a moment. I mentioned iran a few moments ago. What would prompt iran, second rate power overall but a very bright nation with technically competent people, what would prompt iran to try to inflict economic pain, economic damage on the United States . Sanctions . Sanctions with no hope of relief . What we used to call limited connecticut action against Iranian Nuclear facilities . Look, these are all fanciful scenarios and im not trying to be predictive up here, im just trying to be illustrative. It gets worse before it gets better. Ok, how do we make it better . Ok get the idea a lot of this is heading south. What are things we can do to stop it from heading south . What are steps we can take is a prudent people . It is much harder for us to defend ourselves up here. I already talked about the geography. We created it incorrectly. We didnt build any routines come oceans, so defense is very hard. But it is hard for anothe