Another like crowd today. Good afternoon. Before we get started i would like to bring up Homeland Security advisor tom bossert to tell you about executive order on Cyber Security at the president just signed. He will take a few of your questions and respectfully i ask that you keep your questions for him on the topic of the executive orders. Dont worry, i will come back and answer the rest of your pressing questions when he wraps up. With that i will turn it over to tom. Tom bossert thank you. Thank you very much for your time. A couple things positive to report. The first is that President Trump about an hour ago signed an executive order on Cyber Security. That executive order is going to keep his promise that he has made to the American People to keep americans safe. Including in cyberspace. I would like to do a few things. I promise we will district distribute the executive order. I will preview it for you, walk you through it and then take your questions. Among other things, at least as an observation for me i think , the trend going in the wrong direction in cyberspace. It is time to stop that transfer trend and reverse it on behalf of the American People. We have seen increasing attacks from allies, adversaries, primarily nationstates and not nation state actors. Sitting by and doing nothing is no longer an option. President trumps actions today is a very heartening one. There are three sections. They are in priority order. The First Priority for the president and for our federal government is protecting our federal networks. I think its important to start by explaining we operate those federal networks on behalf of the people, and they often contain the American Peoples information and data. Not defending them is no longer an option. We have seen past efforts that have succeeded and we need to do everything we can to prevent that from happening in the future. A few things on federal networks. We have practiced one thing and preached another. It is time for us, and the president has directed his departments and agencies to implement the framework. A Risk Reduction framework. It is something we have asked the private sector to implement and not force upon ourselves. From this point forward departments and agencies shall practice what we preach and implement that framework for Risk Management and Risk Reduction. Second, of note point, protecting federal networks, we spent a lot of times and inordinate money protecting antiquated and outdated systems. We saw that with the opm packed hack and other things. The president has issued a preference from today forward in federal procurement of federal i. T. For federal services to protect ourselves instead of fracturing our security posture. Third point i would make is the executive order directs all departments and agency heads to continue its key role, but also centralizes risk. We view federal i. T. As one Enterprise Network. If we dont do so, we will not be able to adequate understand that adequately understand what risks exist and how to mitigate it. A number of thoughts on that. Among other things that will be a very difficult task. Modernizing is imperative for our security, but modernizing is going to require a lot of deference. The president s American Technology council will run it on behalf of the president in the white house. We have great hope there will be efficiencies but also security. I will note other countries have taken two or three years to learn we had in two or three months. You cant promote innovation without first thinking through Risk Reduction. Doing that together is the message we have learned. Doing it together is a message we would like to encourage private sector folks to adopt. Point number two in the executive order, the president directed the cabinet to begin the hard work of protecting our nations most critical infrastructure. Utilities, financial and Health Care Systems, telecommunications networks. He directed them to identify additional measures to defend critical structure. And promote the message that doing nothing is no longer an option. And not only requires the departments and agencies to help those critical infrastructures, but to do it in a productive since. Sense. A towards action. We have seen bipartisan studies and observations over the last eight years. Both parties have made powerful recommendations. They have not been adopted for various reasons. This executive order adopts the best and brightest of those recommendations in my view. I will stop with those three and take questions. Actually, if i could brian, go ahead. Reporter was the russian hack in any way responsible or and if it is for this . I talked i. T. People who say putting stuff on the cloud can be problematic as far as security. What additional security measures will you apply to the cloud to make sure it is not as risky as some of the i. T. People tell us it would be . Mr. Bossert let me say three things. The third section of the executive order speaks to two halves. Its base to not only the need to develop the norms and interoperable open to medication system that is the internet. United states invented the internet and is time to maintain our values on it. It speaks to a deterrent policy is long overdue. The russians are not only adversary on the internet. The russians are not the only people that operate in a negative way on the internet. The russians, the chinese, the iranians are motivated to you cyber capacity and cyber tools to attack our people and their government and their data. That is something we can no longer abide. We need to establish the rules of the road and determined those that do not want to abide by those rules. The answer to your first question is no, it was not a russian motivated issue. It was the United States of america motivated issue. Reporter and the cloud . Mr. Bossert we dont move to shared services, we have 190 agencies all trying to develop protection and collection efforts. I dont think thats a wise approach. There will always be risk. The question is are we still at risk . Yes. Im not here to promote the year of the president has signed a second order and create a cyber secure world in fortress usa. That is not the answer. But if we dont have shared services, we will behind the eight ball for a long time. Thank you. Reporter sitting around doing nothing. Is it your contention that that was the Obama Administrations a approached the Cyber Security sitting around doing nothing . , you talked about one Enterprise Network. Does that mean every system throughout the federal government under this executive order, the ambition is to make them all the same and protect them in the same way . Mr. Bossert no. I will answer those in reverse order. We need to view the federal government as an enterprise as , opposed to just reviewing each department and agency as its own enterprise. The department of Homeland Security and secretary kelly will play a large role in this effort and lamenting the second executive order. The Enterprise Network covers 340,000 employees and the contractors and so forth. They are responsible and the secretary of each agency will remain responsible for securing those networks. We need to look of the federal government as an enterprise as well so we no longer look at the opm and said he can defend the network but the money commiserate for the opm responsibility. Opm is the crown jewel of our information on all of our background and security clearances. What we would like to look at that and save the highrisk, bear t for us to bare. Maybe we should look at this is an enterprising put collectively more information to protect them than other was put into opm looking at the relative importance. Not just their budget is based webbased on what they do. Not just their budget but based on what they do. Each department and agency has a responsibility to protect their networks, but now they identify the rest of the president so we can look at what they have done and what risk they know they are accepting but not not mitigating. Theres a lot of identified risk, but not a lot of identified with on remediated risk. We have seen other countries, israel, adopt a centralized view of Risk Management and acceptance. The second question reporter was that the previous administrations approach from your Vantage Point . Mr. Bossert i think the observation is we have not done the basic block and tackling. Right . Thinking of the internet is something the American People benefit from. What weve done is focus on the federal i. T. Portion. I think a lot of progress has been made in the last administration but not nearly enough. I think we will change that. Looking at this from the perspective of a deterrent strategy, yes, they should have done that and had an obligation to do it and did not. Reporter i wonder if the administration might know what constitutes an act of war . Mr. Bossert there is a lot we will talk about with what constitutes a cyber attack and what is war and not. I think the most important answer is we are not going to draw a red line in cyber war at this point today. That is not in the direct scope of the executive order. It would violate the president s primary mission to not telegraph our punches. If somebody does something that we cannot tolerate we will act. , reporter the goal is to secure the internet as something americans use and enjoy. The technical standards for most things on the internet are put together by Many International standards organizations and engineers and things like that it often are not in the United States. Has it been any talk of outreach to these sorts of bodies try to build in security for the next generation of protocols . Mr. Bossert absolutely. The message is not just protecting the people of america. We have an America First perspective, but the idea of having likeminded people with similar viewpoints like our allies developing with us the open operable internet is something key to figuring out how we will define what is and is not acceptable. Cut off the internet at our borders and expected to operate in a viable way. If they are good ideas that are germany, we will take them. If there are good ideas on a few peoria, we will take is as well. Reporter will there be tech leaders coming here . There are reports the president had a few phone calls with someone like Mark Zuckerberg. Should we expect to see some of someone like Mark Zuckerberg working closely with administration when it comes to that counsel . Mr. Bossert instead of telling you who the president did in not talk to there is a lot to be , learned from private industry. That stuff needs to come into the white house in an appropriate way. We talked on a regular basis to leaders, some that are technical leaders and some that are business leaders. My point of calling out the American Technology council is to point out they will have a leadership role in modernizing federal i. T. That has a lot of reasons. These are the cost savings that are beyond just security. The executive order speaks to the security component of it. I would directly to the American Technology council and their efforts to think about those other efficiencies. As an example, weve heard numbers that suggest the federal government spends upwards of 40,000 per employee on their i. T. Service costs. That is so out of line with the private industry that secretary have a hard time believing they are making a lot of money off of a company that poorly invested their dollars. You will see innovation come from those leaders. Then in terms of what will you see, i dont know how to answer that specifically. I would like to take the opportunity before sarah pulls me to thank two or three people. One is mayor giuliani. I would like to thank him for the vice given to me and the president and others as we formulate this thinking. I would like to thank representative mccaul and a few other members of congress. Senator nunez, collins, senator mccain in particular. Senator burr. There are a number of people that provided thought leadership and it taken action to pass legislation all the things that , improved our Cyber Security in the last eight years. I dont want to be critical of things that happened in the last eight years, but i look forward to improvement. Reporter a former Obama Administration official who dealt with other countries and other entities in other countries said there were tens of thousands of attempts to hack into Government Systems daily. Can you quantify that, confirm or deny that . Mr. Bossert no. The answer is we see that happen and within we then start getting into a numbers game. What i think would be a better argument, not the cut off the question, it is a reasonable but one, the better answer is for us to figure out how to provide a better collective sense of defense of federal i. T. Networks and data we operate. If we do it based on an individual attack basis, we are probably looking at it in the wrong way. Reporter where the correct when they said entities from around the world . Mr. Bossert without numbers, the trendline is going in the wrong direction. We see additional attacks additional numbers, additional , volume and occasionally additional successes that trouble us. Thats how i can quantify that for you today. You are welcome. Thank you. Reporter can you say why the cybersecurity order was delayed . This was going to come out one day early in the administration. There has been a lot of talk about concern from Silicon Valley and tech leaders with the direction it was going. Do you have some sense of the kind of support this order has or not from the tech world . Mr. Bossert i will answer and reject part of your question. I think it will be clarifying. First of all, i reject some part of your question. We did see some concerns, but i dont think they remain. I look forward to their response after they read the president s executive order today. One concern arose when they read the voluntary call from the president s order, which reduces greatly the number of bot attacks in the United States, and reduce the number of denial of service attacks. That will require a lot of cooperation between owners of privately held companies. From Service Providers to manufacturers of goods. Those things are going to have to happen voluntarily. What the president calls for is that for the government to the basis provide the basis for the coordination without defining who is in and who is out. Its a voluntary operation. We have have the technical capacity to come together on behalf of the American Public. The president was them to do that. Hes asking for the secretary of home insecurity and secretary of commerce to facilitate that. What we thought we saw was reflections of a concern that there would be a compulsion. I think that is something i can put to rest today. But if i could, the broader question of delay. I dont take that either. I think we having criticized for doing things too quickly in our being criticized for doing things too slowly. Maybe im right in the middle of the sweet spot, but the president has hit the timing perfectly and i will tell you why. One of the block and tackle things was get the money right. He has picked a cabinet full of know Business Operations and business functions if you dont the right money and back off the infrastructure to implement those things, you have to change your vision or change your amount of money. I thought you might ask that question. The first a predictably answered. We dont take innovate on the policy innovation side and the policy Security Side without doing that in tandem. He saw the president sign on friday the Technology Council any sign today the Cyber Security order. Lastly, in between now and then the president s fy 18 budget allocated 219 million. An increase of 1. 5 billion across all environments departments involved in cyberspace. Both his first budget request in his future ones the right size and align that amount of money to keep america safe. That might answer all three components of your question. Sarah wants to pull me away so you for your time. I appreciate it. Reporter you mentioned facebook, they are very political. Sanders he will be happy to come back to questions later even later. He was wrong about one thing. I wouldve gladly let him stay up here and talk about Society SecurityCyber Security. A few announcements and as promised it will get to all of your many pressing questions. I would like to announce the president also just signed another executive order establishing a bipartisan president ial Advisory Commission on election integrity. This will be chaired by Vice President mike pence. The president is committed to the thorough review of registration and voting issues in federal elections. That is exactly what this commission is tasked with doing. The Bipartisan Commission will be made up around a dozen members, including current and former secretaries of state with kansas secretary of state chris coop serving as ice chair. That will include individuals with knowledge and experience in elections, election management Election Fraud detection and , voter integrity