That defined what progressivism is said one of the first to use that to sell to identify. He was the United States senator that was recognized by his peers in the 50s as one of the five greatest in American History in a proponent of world war i, he stood his ground to advocate for free speech. He was about the people. After the civil war america changed radically from a nation of Small Farmers and producers and manufacturers and by the late 1870s 1870s, eighties and nineties we had concentrations of wealth and inequality and concern about the influence of money and government. He spent the later part of the 1890s giving speeches all over wisconsin 51 to the speaker for your groupon bob would give a speech. County bears, every kind of event that you can imagine. And by 1900 he was ready to run for governor advocating on behalf of the people. He and had an issue of the direct primary no more electing candidates at conventions. Number two, a stop the railroads. The assistant attorney general john carlin. [applause] thank you for your warm introductions and inviting me to the annual csec [applause] thanks for your warm introduction as well as inviting me to the annual summit. Le in the National Security. In establishing an annual gathering focused on Cyber Security challenges, the chamber of commerce continues to demonstrate its commitment to keeping the nation secure and lower the barriers for the the businesses to compete fairly in our global economy. The fact that this is your third annual Cyber Security summit is a testament to the growing magnitude of these threats and your commitment to make cybersecurity central to the business plans. This is an important business issue and one that i know the chamber has exercised as a part of its national Cyber SecurityAwareness Campaign which kicked off in may. In the campaign roundtable events that occurred throughout the country the chamber stressed the importance of the Cyber Risk Management and reporting Cyber Incidents as to the Law Enforcement. I couldnt agree with these two recommendations more. Todays event is our opportunity to discuss how we can take the steps and others to best protect ourselves and to the nation. Cyber security threats affect us all and they affect our privacy for our, our safety command our economic vitality. They present collective risk and disrupting them is our collective responsibility. The attackers we face range and sophistication, and when it comes to the nation states and terrorists, it isnt fair to let the private sector face these threats alone. The government ought to help. We do and we need to do more. At the National Security division we focus on tackling Cyber Threats to the National Security. In other words those posed by terrorists and nationstates. I will talk a little bit later about how we have restructured the division to focus on bringing all tools to bear against these threats. Likewise, Chamber Members have an Important Role to play in our strategy. Youve are looking for the consequences living through the consequences with alarming frequency. According to brookings and 97 of the fortune 500 companies have been hacked. Price water cooper house released a report that found the number of detected Cyber Attacks in 2014 increased 48 over 2013. As fbi director james comey noted there are two companies in america those that have been hacked and those that dont know that they have been hacked. So we are on notice and we are all targets. I would venture to say that everyone in this room has been affected by a Cyber Security breach. At best a minor inconvenience, reissued credit card, at worst a devastation to the companys reputation, loss of Customer Trust and injury to your bottom line. Without taking proper steps it is a question of when and not if the public major breach will occur. With that will come questions about whether you did enough to protect your company, your customers and your information. Have you thought ahead to the day when you will have to face your customers, employees, board and shareholders when you have to notify them that somebody has infiltrated your company installing your most valuable and private information . If that day was today could you tell them that youve done everything in your power to protect your companys future . Had you warned them of the risk would you be able to say that you have minimized the damage . Do you have a plan . It is a daunting scenarios that there is no surprise that surveys of the general counsel around the country identified the cybersecurity as the number one issue on their minds today at the surveys also show that over a quarter of the fortune 500 Companies Still dont have an established response to the cyber intrusions. This is a Risky Business and we know that we will never achieve the defenses that will remain vulnerable. But you can take step is to mitigate the risk, protect yourselves and companies and ultimately the cybersecurity of the United States. Weve identified for each central components of the corporate Cyber Risk Management. First, he quit and educate your self and make sure that you have a comprehensive cyber Incident Response plan and review it. Ive spoken with many ceos and councils that have not reviewed or cannot decipher their companies plan. These are Risk Management decisions and we cant manage the Corporate Risk if we dont understand it. Who is involved and who needs to be notified in a major breach and what will you disclose and when will you notify the client, while enforcement and the public . Second, note that your contacts create risk. Actors can exploit outside vendors no matter how easily and your defenses may be unique to worry about those outside the company that you do business with and consider guidelines to govern the access to your network and ensure that the the contracts require vendors to adopt appropriate cybersecurity practices. Third, protect your bottom line. Companies are increasingly considered on Cyber Insurance and you should consider how this may fit into your Risk Management strategy. Cyber insurance may offer some financial protection and also incentivized companies to audit the defenses. Finally do not go it alone. Some of our attackers are linked to deep face military budgets and resources and when they are it is not a fair fight to take on the loud. We must Work Together so it can be one more complaint of the Risk Management strategy. As more breaches are acknowledged, the public will ask how quickly and effectively you responded and asked leaders will have to answer to the shareholders, board members, customers, the media and the public. You will want to say that you did everything you could to mitigate your financial loss and your reputation will depend on it and we can help. We may be able to take actions to disrupt and detour. You are on the frontline of the battles but we are with you. We are committed to working with you to protect the networks can identify the perpetrators, disrupt their efforts and hold them accountable. At the department of justice this is among our top priorities. At the National Security division we recently appointed new Senior Leadership to strengthen our capacity to protect our National Assets from Cyber Attacks and economic espionage. We created and trained the nationwide National Security cyber Specialist Networks to focus on combating Cyber Threats to the National Security. These are specially trained prosecutors and every Attorneys Office across the country. And as the doj we will follow the facts and evidence where they lead weather to a disgruntled employee or a loan hacker to a syndicate in russia or yes even a uniformed member of the chinese military. Indictments and prosecutions are a public and powerful way to which we the people governed by the rule of law legitimizing to prove your allegations. As attorney general holder said it may enough is enough. We are aware of no nation that publicly states the information or commercial gain is acceptable and thats because its not. Nevertheless in the shadows so me and coverage and support corporate theft for the propagandist ate owned enterprises and we will continue to denounce those actions including by bringing criminal charges and we wont stop until the crimes stop. A core part of the response must be disruption and deterrence to raise the cost to people that commit these and to detour others from emulating their actions. Of course we recognize that the Justice System is just one tool in our toolbox and in addition to prosecution we are working in conjunction with partners to explore how to play the designations and other options to confront the challenges. These changes help us fulfill our responsibility and help us work with you because we rely on cooperation to bring the cases from identifying the malware and its functions to pinpointing the location of the servers come in demanding botnets and removing the Malicious Software from computers. Take as one example last springs takeover of that description a big success for our colleagues in the criminal division. This wouldnt have been possible without close cooperation. As the fbi put it, it was the largest fusion of Law Enforcement and industry partnerships ever undertaken in support of the fbis cyber operation. Across the International Boundaries and affected hundreds of thousands of innocent users computers. We recognize one of the best ways to protect the nation is to support you in your efforts. Thats why he and 2013 that federal agents involved over 3,000 companies that their Computer Systems were hacked and that they are working to provide the Additional Information as much as they can about the who and the how and every day the fbi works with Companies Targeted by the activity ranging from the lowtech denial of service to the sophisticated intrusions by statesponsored military support units. We are not limited to helping in the aftermath of an intrusion nor do we see our role as only a collector of information we also share Sensitive Information with you so you can defend against the attacks and engage in the disruption efforts. In the past year alone the fbi presented over 3,000 three dozen specific briefings to Companies Like yours. The information we share may enhance your ability to detect future intrusions into your engagement with Law Enforcement can help connect the dots between your breach and a broader threat. We may be able to help identify what was stolen, locate the perpetrator of the attack and in certain cases mitigates the effect of the past intrusions. Given the importance of the cooperation the department of justice is committed to lowering barrier of sharing information through extensive meetings which are inhouse legal teams and learn what you perceive to be the hurdles to the cooperation and we are working to address them as we can. We clarified certain laws and antitrust statutes are not impediments to sharing information with the government. We understand trust on both sides is an essential predicate and about our work with you weve been striving to protect the Sensitive Data including trade secrets, detailed of the architecture and the personally identifiable information. The bottom line we can help you manage your risk and you can help us keep our nation safe. The commission concluded recently in its ten Year Anniversary report that we are at september 10 levels and preparedness and they warned that history may be repeating itself in the cyber realm. We must stand together to keep that from happening. We also prepare ourselves for data that we can see coming over the horizon. If we think about the tools for cyber criminals use, the Intrusion Software affecting millions of computers, botnets used by criminal actors the tools are generally used for financial gain but it doesnt take much imagination to imagine these tools can also be used to disrupt or destroy. Terrorists have stated that they want to exploit the vulnerabilities to harm our way of life. Al qaeda announced its intent to conduct civilian attacks in the financial system. In the department of homeland security, recently confirmed that the investigating the two dozen cybersecurity medical devices and hospital equipment that could be exploited to injure or kill a patient with a few strokes on a keyboard. The threats are real. We know the terrorists have the intent to acquire the Cyber Capabilities and that if they succeed in acquiring them that they wont hesitate to deploy them. Its a race against time and one with highstakes consequences. If the department for also looking at the gaps. Most were not written with cyberspace in mind and they dont contemplate the access of the extraterritorial crimes. They dont facilitate the multijurisdictional and they dont empower us to bring the authority to bear swiftly and effectively. We are committed to working with the relevant law or rule makers that support not a rising of the law. The cyber legislation in several areas including information sharing is needed. I want to conclude my remarks by discussing the perceptions of being hacked. Among the consumers there is a growing understanding that companies are going to get breached but that doesnt mean we turn the other way. There is a downside to taking the approach to the cyber threat. Consumers expect companies will adopt industry standards and when these intrusions happen as we see the consumers expect companies to respond promptly and acknowledge the intrusion publicly and cooperate with Law Enforcement to mitigate the damage. The chamber of commerce and its members are uniquely positioned to drive the corporate change to ensure that the companies and partners treat the cyber breach as much as technical problems come into recognize that Security Operations are not insulated from the Business Operations and to discuss to the boards and employees and industries the importance of Cyber SecurityRisk Management. As we face ever more threats in cyberspace which incorporate the publicprivate cooperation into the toolkit the threats are not but threats are not letting up and neither should we. Thank you very much for inviting me. Questions for mr. Carlin . Lefty rely on you. I had. I had a radio show at the National Press club on Climate Change. In my radio show i deal with a lot of ngos that dont trust the government and when they see the government partnering in the private sector, they get really nervous. Ideally there was a chamber of commerce that hired a number of offensive cyber firms to engage in the Cyber Attacks against some of these ngos. I dont know that the department of justice or anyone else in the federal investigated or prosecuted that. Im not sure on the liability repercussions. And it is really thick among the Community Working on the Climate Change into a lot of other things when we consider the full weight of the government and the private sector standing on our backs. What i would like to know if have you considered that the federal government might reassure all americans that its working to protect everyone and not protecting members of the chamber of commerce when things like this happen. At its private consumers, companies or nonprofit organizations, and in fact we have seen too often got they are targeted on the cyber attack bday by the nationstate adversaries or criminal groups. And so i would encourage those who are who suffered a breach to come and work with Law Enforcement as the crying as they would have in any other circumstance. And we would be happy to work and are working on cases like that all across the country other questions on todays topic if you would please politico cybersecurity. Youve spoken in the past on the indictment of the chinese officials and all of the government approach. The problem in those remarks it was promised that this is not the end, this is a new normal. What are the type of circumstances that will lead to more aggressive movements by the government against the nationstate what types of things are sort of the threshold to see more of the tools being deployed . I think for too long when it came to the nationstate actors there was a lot of good work being done on the intelligent side of the house to find out what was g