Epidemic, and that is very inspiring to us, to see these small news organizations that are struggling because they have lost so much advertising over the past decade, and still putting resources into this story is really important. So we cheer all those people on. Ms. Casey where does this go from here . Mr. Rosen i think the story that we did will get local television stations now to say lets cover it in our area in the bigger way. Lets not just cover the car crash or local three alarm fire, lets devote resources to this. When that happens, here is how it works in washington. Those stories happen, people at home get outraged, they call their senator and congressman, the senator and congressman look at the mail and the incoming phone list, and says oh, i better do something about that. Legislation has been proposed maybe to remedy it. Law enforcement, maybe the vote is more resources in a proper way. To theely, it goes executive branch that says this is going to be a big voting issue in 2020. And then it happens. In many ways, it begins with the media coverage. It is being recognized now in the local level, which is from we most important level at the media in the moment. And once it finds its way to washington. Ms. Casey should we watch out for more collaborations between you . Mr. Higham yes. Mr. Rosen yes. Ms. Casey ok. [laughter] youcasey anything else want to say about that . The journalist in me is mr. Higham we will not be doing the chicago cubs. [laughter] ms. Casey gentlemen, thank you so much for sharing some insights into your reporting. Let me remind you we have been rosen, producer at 60 minutes and responsible for the story there, and our reporters at the washington m and lenny higha bernstein. Thank you for joining us today. You can follow all of our Upcoming Events at washington ostlive. Com. [applause] cspan recently sat down with Hillary Clinton to discuss her new book, what happened. She gave her reaction to a recent speech by george w. Bush on the current atmosphere of american politics. Bush on thursday talked about the cruelty in american politics. He did not mention the president by name. Your reaction to what he said . An clinton i thought it was important speech, and i really appreciate it president bush delivering it. He covered a lot of ground. He talked about how White Supremacy is an absolute blast to the blasphemy american creed. He talked about the importance of listening to each other and working with each other. I did not always agree with president bush, as i think any democrat sitting across from me would say, but i never doubted his patriotism, and i never doubted that he worked really hard all day, went to bed worried, woke up concerned about what he would do, i was in the oval office with him two days after 9 11 as a senator from new york. I looked into his eyes, i understood a lot of what he was having to face. And so i appreciate him coming out and making a thoughtful critique of where american politics is right now, because we are on the wrong path. Watch our interview with Hillary Clinton, talking about her book, what happened . That is on book tv on cspan two. Next on cspan, a look at enforcing Immigration Laws and strengthening Border Security with acting immigration and Customs Enforcement director Thomas Holman. This is one hour and a half. Good morning, welcome to the Heritage Foundation and our douglas and serum douglas and Sarah Alderman auditorium. For those inhouse, we would ask thatlast courtesy, to see your mobile devices have been silenced or turned off, and for those watching online, you are welcome to send questions or comments at any time, simply emailing speaker heritage. Org. Leading the conversation is paul rosen flies, the former director of policy of the u. S. Department of Homeland Security. He is also the founder of red red branch consulting, as well as the Senior Advisor to the group. He is a professor lecturer and law ath in law in George Washington university, and has a background in National Security as well as a editor to the welfare blog. Please join me in welcoming paul rosen flight. Paul . [applause] it is great to be here, it is an honor to be asked to host todays event. I want to welcome you to the heritage allison auditorium. Our discussion today about immigration. Immigration has had a storied history in american life, beginning of course back with the founding and continuing to this day, it has in many instances and times been a contentious subject. If we think about immigration, we could probably identify three basic themes that have animated the debate. Some look at immigration and see it through the prism of commerce. They see borders as controls on the free flow of goods and labor , and they see immigration issues as ways of resolving what, if any, should be the appropriate way of managing the flow of labor across borders . Others look at immigration and see it through the prism of cultural significance. A nation is defined by those who live with in it, and Border Control,nd immigration more or less, allow the country to define who its citizens are, who may be in the country, and thus define the nature of the culture that that nation expresses. Is one ofprism security. National security, personal security. They see borders as defining a Defensible Space and immigration as a way of enforcing that defense to the betterment of the national commonweal. It is, i think, fair to characterize the debate between these prisms of immigration as an ongoing one, certainly since the last steps of Immigration Reform in congress in the 1980s. We as americans have been engaged in a vigorous debate as to which of these conceptions of immigration state take a prominent. The Obama Administration is, rightly, i think characterize as having leaned heavily on questions of commerce and culture. Advancing them over issues of National Security, and the Trump Administration is also rightly seen as reversing some of those trends and putting a greater emphasis today on National Security issues as they relate to immigration and Border Security. The structure of our discussion today is going to be very simple. A are going to begin with short Panel Discussion with two of my colleagues from heritage, and follow that with a keynote address from tom holman, who i will introduce at a later moment. For now, let me introduce my two colleagues, daily david and sarah. Four foreign and National Security policy. He specializes in Homeland Security issues, including cyber and immigration policy, and the protection of Critical Infrastructure. David joined heritage in 2012. He holds a ba in government and economics from the college of william and mary, and a masters in Public Policy from george mason. Is hanscloser to me vons the coffee, who is an authority on a ride range of issues. Wide range of , and a senior legal fellow the coauthor with john fund of the book who is counting, how bureaucrats put your vote at risk, and obamas enforcer, eric holders justice department. Before joining heritage, hans served two years as a member of the federal Election Commission, the authority charged with enforcing campaign and finance laws for campaign and president ial elections. Lets begin with you, david, and some introductory remarks. Thank you, paul. I would like to focus a little bit on some of the problems and issues around Immigration Enforcement, especially from the perspective of dhs, and provide some solutions along the way. I know hans can talk a little more about what is going on from the doj cited things and with state localities around the country. Responsibilities on order and regarding immigration, but to notable ones two notable ones i want to point out today. The first is Border Security and interior enforcement. I will start with Border Security, because it seems most appropriate to start from the outside and work our way in. Border security gets a lot of talk in the United States, border barriers, walls, the number of order control agents, cameras, technology, these are the types of things that we have often heard during campaigns and we hear now itd make sense that we should talk about these things, the control of ones borders is the start of good enforcement. If you do not know who is entering the come read country, it makes subsequent enforcement efforts that more difficult. We have 674 miles of fencing on the seven border, that might be going up, around which 350 four are pedestrian fencing and 300 miles or vehicle fencing. Only about 30 miles have a second layer of fencing in the same place. In terms of staffing, at the end of 2016, the Border Patrol agents patrol had just under 20,000 agents. While there are many important arguments regarding more agents, additional barriers, and other things, i think it is important at this event to step back and talk about how Border Security investments are part of a larger enforcement system. Fencing, their ears, walls, these may dissuade some Illegal Immigrants from crossing into the United States, but in many cases, Border Security alone is not enough of a deterrent. Many Illegal Immigrants are going to cross the border illegally if they think once they get past the border, they are going to be allowed to stay. Nearny areas, the border mountainous and dented desert region, a border wall is just a short delay in what is otherwise going to be a several hour or day long trek to get to a city or town. Thise best way to stop ilLegal Immigration happening in these areas is to intercept these folks at the technology is essential. Finding these people to pick them up in those areas. Walls barriers and other are most essential are in these areas in your towns and cities. In these areas, cubicle immigrants can cross the border and quickly disappeared into the regular hustle and bustle of people, houses, and businesses. In these areas, those extra few minutes gained that takes Illegal Immigrants to block in order because of the barrier is an essential point of time illegalo detect the Border Crossing and get agents there to be able to respond and stop them. The best security is built around technology and border barriers that are tailored to regional needs. This is the approach endorsed by former secretary john kelly, who has testified that his recommendations would be it will all make sense here, Technology Makes sense over their. It needs a costeffective approach to Border Security is a wreck have forward. I want to move beyond Border Security. Why i want to move beyond is because i view the most important part of this enforcement puzzle as the interior enforcement being done by ice. Im very excited to have the iced director, because i have a key question. When an immigrant is picked up by Border Patrol, what happens when they get past the Border Patrol, when they overstate you legal visas, what happens . Some of theons are most important that we need to answer in this debate. If an individual believes that once they get past the border, they are unlikely to be deported, senses and Border Patrol are small obstacles in what is otherwise a safe tear in the United States. Even worse, if they believe they can turn themselves in and get interior, theys. Will definitely view a trip of the United States as having a high likelihood of success. Bordering we done in security and Border Control are ultimately sadly facilitating the movement of these Illegal Immigrants into the interior of the United States if we continue the policy of catch and release. Must be backed up by other parts of the immigration system. Price, immigration and Customs Enforcement, and the United States citizenship and immigration services, as well as parts of the department of justice. Border security will include more space, funding, and authority for these agencies so Illegal Immigrants can have these cases quickly and in an expedited manner when possible. This ensures that multiple that most are being in the interior, but are being removed as to not overwhelm the Immigration Courts. For immigrants that do make it to the interior, either by crossing the border or by overstaying a legal visas, interior enforcement is necessary to back up these efforts in the border. It is not enough to make it difficult to enter the United States, it also must be difficult for an illegal immigrant to remain and work in the United States lawfully. Once found illegal, they will be subject to removal through all the tools we have at our disposal and perhaps more. This includes increasing the use of removal, which i know the Trump Administration is already starting to do. Program, the 287 g which trains at the resizes stay and local lawenforcement to help enforce federal Immigration Laws. And properly improving an increasing workplace enforcement. Unfortunately, the Obama Administration is the opposite. It was significantly weakened by the modest the Obama Administration which reduced the number of individuals being deported. Returneddhs removed or 450,000 individuals. About 1. 2 million Enforcement Actions occurred. Of6 is the lowest levels removals and returned since 1971. As ive mentioned, the policy when somey to catch people tried kind of order to allow them to be released into the interior. The average wait times in Immigration Courts that have tripled under the Obama Administration. I think its upwards of two years for a court date. Together with the unlawful and unconstitutional deferred action programs known as dr. And daca, that reward and encourage nor does more agreement immigrations, enforcement was occurring and failed to deter more immigration. Thankfully, the Trump Administration began to reverse many of these policies. Its critical that it continues to move forward so we can deter it and reduce the number of immigrants currently in the United States. Im looking forward to hearing directors remarks on this and see what the administration will be doing moving forward. Theres also an important discussion being held about the importance of Legal Immigration betem and how it can structured to deter ilLegal Immigration and incentivize Legal Immigration. I just wanted to throw that out there that theres Something Else that can be a whole another event. Thanks, david. There were two papers that were handed out for people in the audience that came in. One paper that i wrote a couple of years ago, on the steps that totes can legally take assist the federal government and enforcement of our Immigration Laws. Its very important for the state to do that. Without the assistance, its tough for Homeland Security to do its job. There are a lot of things they can do. I urge you to take a look at that. The second paper is one i just released, how the Immigration Court should be streamlined. I dont think a lot of people realize that illegal aliens have very expensive Due Process Rights, everything from the ability to be represented by counsel to most of the same rights that all of us enjoy as citizens in the court. There are a lot of things that could be done to streamline the court system. Im going to concentrate on probably what is one of the biggest fight still going on in the courts, sanctuary cities. This false claim is constantly againstt if you are ilLegal Immigration, if you want to see Immigration Laws enforced, then you must be racist. That is simply not true. No nation can exist that doesnt control its borders. We are the most generous country in the world when it comes to ilLegal Immigration. We have taken one million Illegal Immigrants a year. Thats more than any other country in the world. The best statement on this was made by barbara jordan, she was an icon. One of the first africanamerican elected to the Texas Legislature then she went on to congress in the 1990s. Bill clinton put her in charge of his commission on Immigration Reform. She said we disagree with those who laid efforts to control immigration as they and hurling antiimmigrant. This is both a right and responsibility for Democratic Society to manage immigration so it serves the national interest. Unless this country does a better job curbing ilLegal Immigration, we risk a rapidly undeniably to ilLegal Immigration. The fight thats going on in the courts and otherwise on sanctuary cities because the Trump Administration as very torectly said they are going not allow cities and counties to century policies in place that obstruct enforcement of federal Immigration Laws to apply for and receive discretionary grants from the department of justice the department of justice. What are century policies . Cities and counties that do two things. They forbid their local Law Enforcement from exchanging any information with the federal government on the immigration status of individuals they arrest for committing local crimes. They refuse to honor federal detainer warrants. Issued by the department of Homeland Security when they learn local lawenforcement has arrested a criminal illegal alien and them to hold them for 48 hours. Forbidding local Law Enforcement from exchanging information with the feds is illegal under federal law. Theres a federal provision, an Immigration Law that says no local entity can forbid its officials from exchanging citizenship information. When the say of chicago tells its lawenforcement that you can notify dhs, when you arrested an illegal alien for a local crime such as rape, sexual assault, or glory. That is against federal law. We know that it is legal because when the law was first passed, the city of new york under its former mayor Rudy Giuliani sued and said the feds couldnt do this, this law was unconstitutional because it commandeered local resources. Went to the Second Circuit u. S. Court of appeals in 1989. The Second Circuit throughout the city of new yorks case. They said this law does not commandeered local resources, because the federal government isnt telling cities that you have to follow the feds. Theyre just saying that you cant tell your local sheriff that he is forbidden from calling the feds if he wants to to notify them. Or to get information about somebody they arrested. Having a legal discussion here, we are having a Public Policy discussion. Note, i get really annoyed and tired of local officials in the sanctimonious attitude they take as if they are on the moral high ground with their sanctuary policy. What they are doing is creating sanctuaries for criminals. They are saying that if an illegal alien commits a local crime, lets say robbery, or assault. They are sentenced to six months in the local jail. At the end of that time, they would rather that the criminal be released back into the local community, where they can victimize more individuals. Thats better than calling up the department of Homeland Security so the dhs can come pick them up and remove them from the country. Our americans victimized by this . Yes they are. In 2005, some in the Accountability Office did a study and released a report. What they did was look at the criminal histories of 55,322 is legal immigrants who were federal state in a local presence. Individuals who entered the country illegally, they were in the country illegally when they committed the crime. These 55,000 illegal aliens were arrested almost 460,000 times. They committed almost 700,000 criminal offenses, averaging 13 per alien. They want in jail for immigration crimes, 12 were for Violent Crimes such as murder, robbery, assault, and sexrelated crimes they 15 were for burglary, larceny, none of these crimes would have occurred if these individuals were not in the United States, many of them would not have occurred if, after they had served their sentence for committing this crime in local jurisdiction the dhs have been called and they had been removed from the country. In 2011, they did an updated study looking at 251,000 criminal illegal aliens, they were arrested 1. 7 million times for committing 3 million criminal offenses. The second policy the refusal to honor detainer warrants, these local jurisdictions are treating illegal aliens better than your citizens. What i mean by that is if you are stopped on the side of the road by a state triple state trooper because you were is the statet trooper going to do after you hand him your drivers license . Hewas back to his car and checks to make sure it is a valid license. They check to see if there is an arrest warrant or you. The other thing he does is check the fic system. The National CrimeInformation System maintained the fbi. States but the arrest warrants into it, the federal government with their arrest warrants into it. If i stop in virginia for speeding and theres an arrest warrant for me in california, im not just going to get a speeding ticket, i will be detained though california officials can come and make arrangements to pick me up. Same thing if there is a federal warrant on me. Sanctuary cities are saying that if there is one on me because im an illegal alien, they are not going to honor that. That is why kate steinle is dead. She was murdered in San Francisco a couple of years ago. She is dead because of the city of San Franciscos policy. The illegal alien who killed her was in jail, he was a seventime tire fell in. A detainer warrant was filed with the city of San Francisco asking that they be notified or he would was released. And they decided not to press drug charges against him and not to honor the detainer warrant. They released him and he was killed. What is so tragic is that is not the first time it happened in San Francisco. In 2008, another family had their father into teenage sons and two teenage sons killed, shot by a ms 13 gang member who was arrested and convicted twice the beasley, once for a game related assault and the attempted robbery of a pregnant woman. Instances, San Francisco, because of their sanctuary policy, refused to notify dhs so it wasnt that the. He was in the streets able to kill three members of this family directly because of the sanctuary policy of the city of San Francisco. Dhs, thisd informed would not have happened. One other story, which tells the results of when local and state reviews to assist the of federal the federal government and try to obstruct enforcement of federal Immigration Laws. Another alien within the u. S. Legally, he entered as a tourist. Then he became a student without changing his immigration that is and overstayed his visa. Theas detained will and portable from the first moment he was in the u. S. At 12 on 9 p. M. On saturday morning 12 9 00 a. M. , he was stopped for driving 90 miles per hour. The trooper neither asked him any questions about his immigration status, nor did he check with the federal government Law Enforcement support center. The support center is maintained by dhs, its open 24 hours a day, seven days a week, so lawenforcement officials can call dhs and check the immigration status of individuals the detained and arrested. Contactedtrooper had if he had contacted the center, he would have known he was illegal in the u. S. And been the detained. Instead, because maryland doesnt participate in this, he was given a 200 speeding ticket and let go. The ticket was found in glove compartment of his car at new york airport after he blew united 93 into the ground in pennsylvania. That is the direct result of that states refusal to assist the federal government. Critics of proenforcement policy say any migrants, but that kennedy further from the truth. Favoring the rule of law is not meanspirited or racist, it is the foundation of what the u. S. Was founded on and it is the core of why americans welcome immigrants. I will end with this. This sums up what our immigration policy should be. Credibility and immigration policy can be summed up in one sentence. Those who should get in, get in, those who should be kept out are kept out. Those who should not be here will be required to leave. Thank you. [applause] im going to ask a couple of questions. Let me start with you david. Your discussion was rather critical of the Obama Administration. Is there anything the Obama Administration did right . Are there things they did that are wordy of parties . Worthy of praise . Yes. One of the things they did was removing more people caught at the border. This is a bit of a numbers game. Traditionally, when people are caught, they were returned to their home country. Most americans would think or would think of return and removal as the same thing. They are two different things. A return and a removal. Traditionally, immigrants who are caught, most were returned. Arrests occurring in the interior resulted in removals. What president obama started doing is he started removing people. This is a good thing, because people were removed if they reentered the United States, there is a penalty attached to it and if you remove someone you are disincentive i think them to come back illegally. They stop removing people from the interior and all his people all of those people will return are now being moved to the border, which is why the net sum of people being removed fell, but it was a good thing to remove more people who are caught at the border, but because of the agal consequences, but its bit of a shell game in terms of there were other areas that were on at the same time. Im going to give you a magic wand that you may waive and you may get congress to pass any single change in Immigration Law that you wish. What is it . I would do two things. I give you one. I gave you one, the goahead. The first is i would make the everify system mandatory. The way to get the largest numbers to self deport is to dry up their ability to work. One of the ways to do that is to make everify mandatory. That is what arizona data on a did on a state basis. The second thing i would do explain what everify is. If you want to get a job United States, your employer is required to check your documents to make sure that you are a u. S. You are ar that if noncitizen, that you are legally in the country and have a Work Authorization to do that. Its a system set up at dhs, they can easily call and check with dhs to see if you are entitled to work in the United States, but it is a voluntary system. The state of arizona made it mandatory and said that any employers who after using the everify system didnt knowingly if they hired an illegal alien they could lose their business license. The u. S. Chamber of Congress Commerce sued over that, it went to the u. S. Supreme court, they said it was perfectly legitimate. That kind of a system throughout the United States would help to dry up the jobs, which is what drives the large majority of people that come here illegally. A large amount would self support if they can earn money and send remittances back to their home country. The other thing i would do is correct the misinterpretation of the 14th amendment, which has caused the United States to legalize birthright citizenship. We are one of the few countries in the entire world. It makes no sense that the misinterpretation of the 14th minute amendment. If one of your parents was born here then of course, if both were here illegally, it makes no sense and is a misinterpretation. David, i will give you the wand. Do you want to use it . If i were to use the wand, i would probably change some of the things along the lines of what hans was talking about. Also, the to a seven g program, i would make it that you did not require your insurance to the program, but if they wanted to enforce federal Immigration Laws been dhs would be allowed to. What state and local governments who want to help out. With the schedule i have come we have about five minutes more before we are going to turn to the keynote address. I have lots of questions. Im happy to open it up to anyone in the audience. Would you wait for microphone and tell us who you are . My name is john redman and im a member of Heritage Foundation. The question i have is really when an illegal alien is detained in the interior, what are the bases of the law that gives them due process . That is a good question. What the courts have said is when the United States is going through the removal process to try to take someone out who has been detained, the amount of due process they get is only what congress decides to give them. That is basically what the courts have said. To the extent that Congress Wants to limit those Due Process Rights, they have the ability to do it. Thats why congress some years aliens being removed had the ability to go to Immigration Courts, which are administrative courts within the department of justice. They dont like the decision a trial judge gives them, they can appeal it to the board of immigration appeals. The abilities of the federal courts have been limited. They can only go to federal courts of appeal. I dont see any reason for that, i think they get more than they should in the Due Process Rights they are given. I think congress should take away the ability to go to federal court of appeal, which are being flooded with a lot of meritless frivolous appeals. The followup question is how many other countries provide the due process that the United States provides . There is a great difference in what they provide and dont. States, in the same way, one of the most general generous countries in the world when it comes to ilLegal Immigration, is quite generous in the due process right it gives to the legal aliens. Theof the best things administration did was and the catch and release policy. When illegal aliens were in the interior of the country, they would give them a date to appear before an immigration judge and then release them. He talked to border agents, they refer to the catch and release policy as catch and run policy. Whichngterm rate at illegal aliens did not show up for their Court Hearings was over 40 . There is there arent any other courts in the country that have that kind of a nonappearance rate. I was always amazed by that and i wondered about the 60 who showed up. From their perspective it is a questionable decision. In the back, if you would wait for a microphone to come back to you. One question for hans. Why do mayors of sanctuary cities get away with not enforcing laws and can you speak to that a little bit . I really dont quite understand that at all. I think part of it is the way they try to for the residents of their city. They try to paint sanctuary policy as something that protects all of their residence and they say a lot of things that probably are true. They really just protect criminal illegal aliens from being removed from the federal government being notified about them. Foolingtheres a lot of of the public going on in this situation. We will take one more question. A short comic, and then a question. With regardmment is to given the Obama Administration the credit for the removal of the mexicans, that program basically was started by the bush administration. The Obama Administration just gets the credit for continuing it. The question is with regard to the issues of detainers and whether or not they have any legal standing, a judge in oregon ruled that you couldnt hold people without having a court order to do so. Therefore, it was illegal to be Holding People under the tainter requests and the Obama Administration agreed with the position that detainers where voluntary, rather than legal. Would you agree with that . I think thats a misinterpretation of the law. If the federal government has the ability to hold an illegal alien, i dont see how it suddenly is illegal or a state and local government to hold illegal aliens at the request of the federal government. The second part is what dhs is asking, this has been made clear in the case going on in chicago, where chicago has sued. They are asking that the federal government be notified 48 hours before the locals are going to release somebody. If an illegal alien is in jail and they are serving a sixmonth sentence, how in the world is it a problem if the federal government says 48 hours before you get a release you release this criminal alien for serving a sixmonth sentence, please notify us 48 hours before. How in the world could that be a problem . That just defies common sense that its somehow a problem and the city doesnt want to do that. With that, please bring me in thanking our two panelists. [applause] we will take a 32nd break as they exit stage left we will take a 32nd break as they exit stage left. 830 second break cash 30 second break. The genesis of this event was the wonderful opportunity that we had to invite to our podium one of the leaders in the Trump AdministrationImmigration Enforcement policy. Im deeply honored to be able to welcome to the allison auditorium, thomas homan. He is the acting director of u. S. Immigration Customs Enforcement, sometimes known as ice. It is the principal Investigative Agency of the department of Homeland Security. He became acting director on january 30, 2017. 2013, he has served as the executive associate director of the ice enforcement and removal operations. Is a 33 year veteran of Law Enforcement, and has nearly 30 years of Immigration Enforcement experience. He has served in numerous capacities in Law Enforcement, including as a Police Officer in my hometown of new york city. He has also served as a Border Patrol agent, a special agent with the former u. S. Immigration and naturalization service, which became part of ice. As well as a supervisory special agent for investigations at ice. He holds a bachelors degree in criminal justice, and received the president ial rank award in 2015 for his exemplary leadership and extensive accomplishments in the area of Immigration Reform. Please join me in welcoming him. [applause] i appreciate the invite. People ask me why i things like this, i want to get out here and send a message out to the public that what they are reading in the media is not accurate. I spent a lot of time trying to set the record straight. Just as importantly, what we dont know. I started in Border Patrol in 1984. I work the front line several years, then became a special agent. I investigated an organization that smuggled aliens into this country for 20 years. The last eight years, i was in charge of removal operations which arrests aliens in the interior, detention, and removal. I have worked the entire immigration lifecycle. Im not the smartest guy to ever see in this chair, but im the first cap sitting in this chair. I have done the job on the front line and im proud to do that. Januaryeneral 27 27. I got a call from general kelly asking me that the president would like me to run the agency and state. When the president asks you to serve, theres only one answer. So im back to serve my country best i can. Let me tell you what i read this morning. Are just a few of the press clips i read this morning. Migrant justice sues feds for immigration claiming harassment. Without country divided supported by government ministers. Backmith and jaipal are and in private immigration grade the less halls in 110 to be deported. Aclu, 18yearold resident supported by harvest and request claims deception after i detained father of four. A utah woman says she escaped severe abuse and violence in guatemala and now we are trying to send her back, that is racist. Those are a few of the headlines i had the pleasure of reading this morning. You know what they dont say . They dont say everyone of these people have been removed, heather due process in this country, they got an order from a judge issued from a bench and the job is to execute that order. This room is ignored a judges order, what would happen to you . They want to vilify the men and women for doing their job and executing a judges order issued from a bench. Shame on these folks. For people to say that we are racist white supremacists, they should be ashamed to wear the uniform, for enforcing the laws of this country. Thats what i get emotional when i start talking. 20,000 men and women that work for ice are american patriots by the very fact that they read this every day, they still strapped a gun to their hip, leave the safety and welfare of their security and families in their homes to defend this country to support Public Safety , event Public Safety and they get vilified for doing it. I appreciate the invite here today. Every time i do one might that gives me six pages of things i want to say. I can guarantee you i will get off on my tangents, which i think are meaningful because im passionate about what we do. Im passionate about getting the truth out to people of what ice does. The Heritage Foundation has been a friend and advocate. I want to thank you for this opportunity to talk to you today. I want to talk about ice enforcement priorities. My statements on the hill have been talked about a lot. Director homan said aliens should be afraid, looking over their shoulders. If you go down the highway at 100 miles per hour, do you were do you worry that you may get stopped . If you lie on your taxes, are you worried you might get an audit . People that knowingly violate the laws of this country , enter this country illegally, which is a crime. Crime, yoummit a should be worried. That is the way it is supposed to be. If we keep sending the message its ok to violate the laws of this country, then we will never solve the border crisis. It will never be solved as long as people think they get a free pass. I heard a lot of good comments here by the panel. We have allowed millions of people to enter this country and become citizens and part of our society, and they did it the right way. For the people who stand in line you have to admire them. There is a right and wrong way to come into this country. The wrong way is not acceptable. This president has made that clear. If you enter this country illegally, hide, or have a u. S. Child, you are never going to solve this border crisis. There is not another agency were where people asked them not to enforce the laws. Dea, name a fbi, federal or state or local lawenforcement agency where politicians say dont enforce the law, dont take it seriously. We enacted that law. You are sworn to enforce that law, but ignore it. No other agency has been asked to do what ice has been asked to do. This president signed executive orders, a lot of paper, words, but he could have said that in one sentence. Ice will not enforce the laws enacted by congress and on the books. We did not create new laws to enforce. This president said im taking the handcuffs off Law Enforcement officers. You can enforce the laws. That is what he has done. This country spends billions of dollars a year on Border Security, detention, Immigration Courts, attorneys, appeals courts, circuit courts, and at the end, if a judge issues a final order, they need to be executed. If they are not, there is no integrity to the system. Might as well open the border of. You give them due process and a federal judge makes a decision. That decision needs to be executed by the men and women of ice or there is no integrity in the system. Why would anybody follow the rules and laws if you dont make a decision. I get asked all the time, why do you arrest somebody who has been there for 1015 years . Why . If we dont and send the message enter this country illegally, go hide in the shadows, have a u. S. Citizen child or go to , Immigration Court and get an order and ignore it, but if you have a u. S. Citizen child, you are off the hook. The law Means Nothing to you. You are exempt from federal law. If that is the message we want to send, you will never solve the border crisis. If people think they come to this country and have a u. S. Kid and now they are immune from enforcement, you will never fix the border crisis. I have been doing this a long time. We have to stop sending that message. Last week, the administration laid out reforms. Those that like it, those that dont. The white house develop these priorities and policies, certain people, these policies were written by career Law Enforcement officers. They were not written by the white house. They ask us, give us what you think you need to enforce the law in a meaningful way. We have made great progress on the border this year. Whether you like this president or not, like his policies or not, you cant argue with results on the border right now. Why . Because we are enforcing the rule of law and sending a strong message. You will get your due process. Once the decision has been made, it will be enforced. The priorities and policy sent to the hill last week were created and written by career Law Enforcement officers, including myself. We put together our wish list of priorities and policies. Ci has to do same. These priorities reflect the input of Law Enforcement professionals throughout the three organizations. They laid the groundwork for serious Immigration Enforcement. This president takes Public Safety and Border Security seriously. The policies we sent up were clear and concise. From a Law Enforcement perspective, they make sense. This president and administration has allowed the ice officers to do what they are supposed to do, enforce the laws. The fact of the matter is you enter the country illegally, overstaying a visa, skipping Immigration Court, committing crimes illegally, if we dont address them, then there is no integrity in the system and we will never fix it. I have been around since 1984, i was here during the last amnesty. That was supposed to be the last time we did it. Did it work . No. Because as long as people think they can get into this country illegally and be immune from the law, we wont fix it. This president is fixing it. The numbers are at historical lows. We have to continue down the path to we are on the right path. We have made significant progress this year under this president. Both executive orders and priorities announced at the white house include measures to hold sanctuary cities accountable. Californias governor this month signed legislation making california a sanctuary state for illegal aliens, including those who have committed additional crimes. That will nearly eliminates all cooperation with with our Law Enforcement partners. It points to legitimate authority. It prohibits local Law Enforcement from contacting the federal government to house detainees and refuses the Law Enforcement agencies to contact us. Sanctuary policies are shielding aliens from enforcement. I will give you an example, two months ago in Sonoma County, im for guide was arrested family domestic battery triggering an alert to ice. , ice filed a detainer, Sonoma CountySheriffs Department released him on bail before ice could respond. Two weeks later, he murdered that girlfriend. Had we been given time to take custody, most likely he would be in guatemala. Every criminal immigrant tickets gets released by a sanctuary city that reoffend has committed a crime that has been preventable. I will say it again. Sanctuary cities are releasing Public Safety threats back into the public. That does not make sense to me. Even immigrant communities dont want criminals in their communities. If you are a child predator, do you feel the same way . They dont want these criminals back in their community. The irony of the sanctuary policies, let me explain. I got a letter from 1214 congressman about my reprehensible statements in response to the california sanctuary law. I said i have no choice but to arrest people in neighborhoods and at work sites. Let me explain my statement, which i explained to them. I explained to the people who created the sanctuary policy before they made it a law, when i go to a jail, they are going to arrest a Public Safety threat. That is why they are in the jail. Number one, they are in the country illegally. There already committed one crime against this country. Yet they commit another crime against the citizens of this country. This is a person in violation of federal law in a county jail , which is probably not a choir boy. There are county officers the dont allow us into the jail. To getw doesnt allow us the detainer. Which means what . When he gets released back into the community. My job is to locate him and arrest him. Its a Public Safety issues its a Public Safety issue. Arresting somebody in a county jail is safer for my officers. We know there are weapons. We know they dont have weapons. It is safer for the alien to be arrested in county jail because there will not be all this emotion in the street. It is safer for the community because the Public Safety threat is not in the community. That makes sense. Arrest the criminal inside the county jail safe, secure. , when sanctuary cities release them, i have to knock on the door the most dangerous part of , Law Enforcement, knocking on the door of a criminal on his turf with access to who knows what. When i made this statement by passing this law and not allowing access to jails, what you have done is forced my hand. Now i have to go to their homes, not only a public and officer safety issue, we have to knock on the door. In a jail, i will arrest the criminal. When i go to the home and find that bad guy, he will probably have other people with him who have immigration issues. New executive orders as says no one is off the table. Those politicians that shows to that chose to make a political statement over that of Public Safety that want to tell their communities that sank three cities protect the communities, wrong. Now you just put all of these people who were not on my radar on my radar. When we go to a home or place of business, we will find others. That is an intentional misconception, ms. Messaging by these politicians that sanctuary cities protect the communities, they dont. I am going to do my job. They can call themselves sanctuary cities all they want, my officers are going to do the job. Mores the message, officers in jail means less officers in the community. Thats simple math. Thats something you wont read in the media. Statement thata you are forcing my hand to do more operations in neighborhoods, you can call it anything you want. That is just fact. You have forced my hand to do that. Are you stoking fear in immigrants . Our politicians in the media stoking fear and saying ice conducts raids, sweeps . We arrest people in churches, hospitals, schools, when we dont. We dont conduct raids, we dont conduct sweeps. We conduct targeted enforcement operations. The fine men and women who are professional. When they go to arrest somebody, they know exactly who they will arrest and where to find them based on modern investigative work. We dont go into neighborhoods looking for people who look different than us. We remove people from over 104 countries last year. Many latino, many not. We are enforcing the laws. When the story is out ice conducts raids and does a never sweet, we conduct targeted enforcement operation. We dont set up roadblocks we , dont arrest people at churches, hospitals, or schools. We arrested somebody dropping their daughter off at school, several blocks from the school, after he dropped his daughter off and officers verified the mother was there to receive the data child in the day. Officers take great care in what they do. When you have a century city policy, thatcity you cant arrest someone in jail, you have these groups that tell you and others dont open your doors to ice, dont answer the questions. We cant arrest them in jail. We cant arrest them in their homes because they have been trained not to. What option does that leave us . We have to wait until they leave. When you are in new york, los angeles, chicago, and when you pull the car over, you are within a block or two from a church, school, or hospital. We dont arrest people hospitals, schools, or churches without prior approval from headquarters. It has to be a significant issue, to do that. That is a fact. You wont read that. It is a continued vilification of what we do. You are right to your opinion, but dont vilify the men and women of ice who are following their oath to enforce the laws of this great nation. This is the greatest country on the face of the earth. You cant want to be a part of this country and not respect its laws. You cannot have it both ways. Sanctuary cities are not the america i grew up in. For politicians and restrictions, and states and city localities to intentionally shield those in the country illegally and committed another crime and they are sitting in a tax payer funded jail, to not get access to a Law Enforcement officer is unamerican. It is not the america i grew up in. No matter how they want to spin it in their opeds, releasing public, risk Public Safety threats does not make sense and increases the Public Safety threat. Century citys entice sanctuary more illegal entry. Cities are a human smugglers best friend. What a sales pitch. I will get you into chicago or los angeles and you can get arrested and they will not work with ice. Replaced to be. Sanctuary cities are a danger to Public Safety. They are a violation of federal law. They entice more illegal behavior, more deaths occur because of this. People are dying to enter this country. I have had a long story of able say you want to arrest all of these people. You would understand my emotion. The smugglers dont care. They are out to make a buck. They dont care about the health and wellbeing of these people. I was in headquarters on detail when we found 19 dead aliens in the back of a tractortrailer in dallas. I got a phone call to lead the investigation, 19 dead aliens in the back of a tractortrailer. I went down there. The crime scene was kept secured. I walked into the back of that tractortrailer. I was surrounded by 19 dead aliens around me. They suffocated in the tractortrailer. One was a fiveyearold boy. That haunts me to this day. I had a fiveyearold boy at the time. What do you think that fiveyearold child went to the last 30 minutes of his life . What do you think the father who was holding that child went through in the last 30 minutes of his life knowing that he put that child in that position and could not change it and they are suffocating in the back of this tractortrailer . The Smuggling Organization doesnt care about them. What do you think they went through . When i was in phoenix, arizona, we rescued hostages all the time. Women were raped, children were molested. We did one investigation, we rescued a hostage and got into the house and he was in a closet wrapped up in duct tape. He had a hole and a straw so he could breathe, for days. When people say i am cold and heartless, you have not seen what i have seen. We have to end this stuff here it this president is taking it seriously. Call us anything you want. I have thick skin. We will not be bullied and not enforce this law. It is working. The numbers dont lie. Does the system need to be fixed . Absolutely. That is congresss job. It is working. We need to stick with it. The policies we are asking for to continue doing what we are doing our something we need to fix this entire system. Say when you talk about the actuary cities, not only does it entice people to our these organizations, puts people at risk, they will continue dying entering this country. You are bankrolling the criminal organizations that smuggle these people. These are organizations that smuggle weapons, dope, do drugs, and people who want to do harm to this country. The drug cartels in mexico control their pathways and their areas. You not going to do anything in that area unless you pay a tax. They control all that. By sanctuary cities putting people in more danger in making this dangerous journey, enticing people to make that journey, putting the Public Safety at risk. You are also bankrolling criminal organizations that want to do harm to this country. People say they want us to focus on the criminals. Ok. Focus on criminals, but dont allow me in your county jails. Right . Think about it. These politicians are suing the Trump Administration for threatening to withhold funding from sanctuary cities. They dont want to fund the border wall to keep them out, but they want to fund sanctuary cities to keep them in. That is backwards. As you can guess, i am passionate about sanctuary cities. Despite the refusals of some politicians to work with us, we we will have a positive effect. 22, we arrested more than 100,000 illegal aliens in the interior of the United States, a 42 increase. Is detaining over 80 . We have enforced the laws that we were sworn to enforce. I told you about the sense location policy. Message thato miss we arrest aliens. There is a jurisdiction passing laws that we cant arrest people in a school. That strokes fear. We dont do it. There is a message the hind all of that. House arrest. How dare we arrest a criminal alien . Think about that. Where ieen in court have seen fathers arrested for failing to pay Child Support. The judge said, you have not the Child Support in six months. You are going to tell me that a federal Law Enforcement officer cannot take custody of a criminal inside a courthouse . People say he has a right to due process. He also has an obligation to a federal court that already ordered that he be removed. When we arrest we arrest him outside. We will arrest him in a nonpublic setting. It has to be a last option. They have to be a Public Safety threat. Get him anywhere else. He is a Public Safety threat i am not going to let him walk back out into the public. That is not what we do. That is not what this country is about. Hill, testified on the people want to beat me up for the statements that i made. When i went to the hill to why shouldthat time, i not want the same thing for the men and women of ice. They already put themselves in harms way every day, but we want to increase it now . We want you to arrest people where it is more dangerous. Common sense. As far as courthouse, i want apologize. We will continue to do that. Combined with border apprehensions, data show priorities are working. We also made it a priority to enforce laws against ms 13. Criminal gangs are a priority. Ms13, we will take them out. I went to the president in new york city to do a presentation there. We arrested 1400 gang members already, in many ms 13. The focus on criminal gangs is a higher priority because they are vicious. A very violent gang. We will arrest them send them to prison and when they are done there, we will send them back to wherever they are from if they are here illegally. If there is not enough evidence to prosecute them criminally and they are here illegally, we will still send them back. It is the right thing to do for the safety of this nation. We are not looking to arrest them and remove them, we want to dismantle the entire organization. We have officers in 40 countries across the globe. We are working with officials. In el salvador. We will dismantle those organizations. We are not just talking about arresting them. We are talking about doing away with ms 13. The street officers, Law Enforcement officers, on the front line, they want to work with us. Believe me. I have talked to many of them. These are politicians making these decisions. The California Sheriffs Association came out against the latest sanctuary law in california. Chicago, illinois, highest crime rate in the history of that city. More gun deaths in the history of that city. Its a plague, right . Are they doing everything they can to protect the citizens of that city . No, because ice officers arent allowed in county jail. They dont share information or honor retainers. The percentage of criminals in the country illegally will get released right back into the community to reoffend. Anyone can google recidivism rates. 50 of those released, criminals, will commit another crime in the first year. Three quarters will reoffend within five years, so chicago has chosen politics over Public Safety. They are at war they declared on Immigration Enforcement. They want to release criminals back into the community rather than work with the department of Homeland Security. I have been doing this a long time, to be at a place where a sworn Law Enforcement officer cannot walk into a county jail to talk to somebody in the United States illegally and committed another crime in a taxpayer funded facility does not make sense to me. I want to tell you that Law Enforcement, the sheriffs want to work with us. I am not here to vilify the fine men and women that strap a gun to their hip every day and enforce the laws. They want their Community Safe also. But their hands are being tied , in many areas across the country. One of the presenters talked about a program where Law Enforcement agencies come to us and want to help us. We train them and teach them how to process people and identify people. We do it in a jail setting. It is like a force multiplier. They will screen everybody, and once they find someone here illegally, they will process them. They are supervised by a nice officer. It is a force multiplier. They want to work shoulder to shoulder with us. We will triple it by the end of the year. That has been a meaningful positive under this president. Numerous positives as far as Public Safety and this president. The executive orders ask us to expand these agreements. We will triple them by the end of the year. I went to texas about two months ago and i signed 18 agreements in one day, 18 sheriffs. I want to work with you all. I want some immigration authority. Then you have a place like california who does not want have anything to do with that program and they want to stonewall you doing your own job. That is the dynamics we are looking at. As far as detainers legality and nonlegality, there was a Court Decision on the fifth circuit saying they are legal. They want to argue in the courts over detainers. I wont hold them a minute passed i would normally hold them, but we will let you know when they are going to be released so you can arrest them. Sanctuary cities refused to do that too. Even though they have no liability there. But they refuse to do that. I am almost done. We are working with the doj on a lot of things. Again, sanctuary cities. I think we should file suit. We are hiring more attorneys come immigration attorneys, to make the system go faster. We are increasing ice personnel in foreign countries, Central America, europe. We want to push the borders back. Then secretary kelly said i would rather play the away game rather than the home game. I am all for it. Lets stop these criminal organizations where they start. If we can start an organization if we can stop an organization in san salvador or mexico before it gets to our shores, because once it crosses our border, they are here for a long time. If you look at the numbers in Central America in the last couple of years, it has skyrocketed. That is why Immigration Courts have over a 600,000 case backlog. What is a shame is most of them wont get it. They are taking advantage of the system. The backdrop is there are people in this world that really need our sanctuary, that are really in fear of political asylum and they get caught in this whole process where people are clogging the system. Thats part of the policies on the hill also. We have to look at the whole political asylum spectrum and have meaningful threshold so people can take advantage of it. Another thing this president has done, we used to have 26 recalcitrant countries the refused to take back their people. We have a Supreme Court ruling that we can only detain for six months. These are some serious criminals. The 26 are down to 11 or 12 now. We just sent notices to these countries saying you Better Change your ways or there will be visa sanctions. This president has taken this on headstrong and we are making progress and we are doing visa sanctions against countries that dont cooperate with us. They have a responsibility to take them back. They are not supposed to be here. We have to remove them. This president takes that seriously. We have to change certain Court Decisions in the ninth court. Consequence and deterrence is meaningful for illegal activity. Illegal activity will decrease if there is a consequence and deterrent to that activity. We all learned that has kids. And i truly believe that. When we had the searcher families in 2014 coming across the border, once we built family detention, we had a Court Decision that you can only hold them for 20 days. We will feed you, give you clothing, give your vaccination, what would stop it . We targeted those families and had a final order to remove them. Its a family. I get it. We have to execute those orders. When we did that, guess what . We took a beating in the media, but guess what . Those numbers were down again. My overall message today is that under this president we are enforcing the laws the way they were meant to be enforced and have had a Significant Impact on crossings across the border. The families and children are still higher than we want them to be. The traffic and victims protection act has good intent, but that is being abuse now by people who want to come and claim they are escaping violence. If you are a parent or sponsor that pays a criminal organization, put your child in the hands of a criminal organization, and you can hide in the shadows, we will put them in immigration proceedings. The first phase of it just finished. We will prosecute them first of all, and second of all, we will put them in Immigration Court and take them out of the shadows. If this eight or nineyearold is truly escaping persecution, that parent should be Standing Shoulder to shoulder with him. I call that parenting. As far as the family units, we are looking for some good judicial rulings on that. Again, let me explain something. I want to be clear. Do i feel bad about the plight of some of these people . To my officers badly about the plight of some of these people of some of these people . Absolutely we do. Law enforcement, i shared a few things with you, but every state, local Law Enforcement officer sees terrible things every day. Whenever they take a child away from the parent, families get destroyed over that and an officer has to arrest somebody, officers feel bad. They have hearts. I am a father. Do i feel bad about these people . Yes, i do. I have a job to do. If we dont do that job, it will get worse. Most people think ice officers are heartless. Shame on them. The men and women who work for me are fathers, mothers, brothers, sisters. I am not asking anybody to cut us slack. I am asking for recognition for the men and women of ice who have a difficult job and put their own safety at risk every day for this fine nation. Thank you. And without that i will end. Thank you. [applause] we have time for maybe 12 questions before we have to run. Would you raise your hand . Boy, lots of hands. Where are the microphones . I dont know right here in the front. If you would tell us who you are, please. I wanted to ask you about unaccompanied minors and the family units, the numbers have come up. You addressed it a little bit with the antitrafficking, but until a congressional change takes place, is there anything you can do . I know that especially the unaccompanied Minor Program is looked at as a recruiting platform for ms 13 in particular. Can you talk about that a little bit . They will get their due process, but when we get orders, we will execute orders. We have a search operation we just finished where we arrested 600. We will continue that. Once you have had your due process and a federal judge has ordered you removed, we will take those orders seriously and take people into custody and remove them. Thats what we do. Once people realize there is no free pass in the u. S. Hopefully they wont sell their ranch and everything they own to pay a criminal organization money to get here only to be sent back home. There is a lot of messaging going on in Central America. We have enforcement here that we are stepping up to send a message that there is no free pass. You are going home. We have messaging in Central America on just that. Then secretary kelly had a seminar in miami and invited officials from Central America, called, security prosperity. Big businesses that invest in Central American companies for more opportunities down there, so hitting them from both sides. That is what we are doing. From a lawenforcement side and helping those countries take care of their own people. When there is a consequence and deterrence and we put a plane full of families on a plane and return them, it is meaningful. People will think about it before they put themselves in harms way and give their life savings to a criminal organization. Let us not make that trip. We have time for one final question. In the back. Mark center for immigration , studies. The one thing you did not talk about was worksite enforcement. I know there are bureaucratic issues in ice about that sort of thing. Are we going to see a resumption of routine worksite enforcement . I am glad you mentioned that. I have eight pages of stuff here. Yes, the panel is right. Unless you remove the magnets, as long as they think they can come here and not be removed they will keep coming. , as long as they get jobs, they will try to come. We are stepping up worksite enforcement. I recently looked at how much time, what percentage of time is security oneland worksite enforcement, i will increase that by four or five times. We are taking worksite enforcement very seriously. We have already increased the number of inspections at worksite operations. You will see that significantly increase. We will do it different then how we have done it. We will prosecute, detain, and remove workers. With that, we have reached the end of what i trust you will of three was both an informative you will agree was both an informative and engaging discussion on Immigration Enforcement. Please join me in thanking, Thomas Holman for coming and sharing the day with us. [applause] some members of congress and what they are up to this weekend. Jeff fortenberry tweeted about his visit to a new immigration exhibit at the nebraska history museum. And a democratic representative from florida, stephanie, tweeted this picture. On monday withs the house preparing to pick up the Senate Passed budget resolution. We get an update now on where the congress is on emergency spending and tax reform. Instructionscific for the taxwriting committees to get to work on what the republicans have been saying is an ambitious tax plan. There is also 10 years of spending levels and entitlement over health they are looking at. The thingsnzi says that really matter are the tax reform instructions. How are they moving forward with the president s call for tax reform . We dont have many details. There has been few details so far about what the rates might look like and what kinds of tax breaks they are looking to keep or a limited. What we do know is that this is a big wave of momentum for senate and House Republican leaders considering that the Senate Amendment last night to include some of the house tweaks. Budget the Senate Passed last night included some negotiations with the house ahead of a Conference Committee which will speed things up and we could see some tax work next week. Says republicans are eager to speed up the timeline on tax reform. Why is that and how are they doing that . It has been a tough couple of mounds for the house and senate. They are looking for legislative victories. Any are still sore about the Obamacare Repeal attempts. They are now starting at this again and they are hoping for another shot at reconciliation. Something that is rare to try to do twice in one calendar year. They hope this will be the ticket to achieving this tax overhaul they have been talking about so much. And that the president made a central these of his campaign. Is there any democratic support . There were some signs last night that democrats could get on board with this. The senator from west virginia, heitkamp and heidi they are both vulnerable. They hinted at tax reform changes. Overall, the final budget does not include a single democrat. This is not unusual. These budgets are very partisan democrats are very partisan documents. The fact that there were a few democrats voting for the amendments could mean that they will be part of the process. What is the timeframe . Are anxious to get this done as soon as possible. They want to have Something Else to talk about. We will start seeing hearings from the house ways and means and the Senate Finance committee pretty quickly. Kevin brady has actually suggested that we could see this Tax Blueprint and actual legislation in the next week or so. Theaid that as soon as house and senate agreed to a joint budget resolution, we will start to see some legislative tax. The house is back next week. Before they left, the other proved disaster relief. What is the status of that bill . This has been a stickier process in the senate than expected. Senate republicans initially said they could get a vote right after the votearama thursday night. They said the next time they will vote on it will be next monday. The republican senators including bill nelson, have put holds on Donald Trumps nominees because they are so determined to see early for their home state. They say they may support the package next week but they are already looking ahead to the package in november which they say need to include a specific amount of funding for their home state. Politicos reporter. The house is expected to take up the Senate Passed budget resolution this week with a final vote by thursday. If that passes, it allows congress to proceed with tax reform. 00 coverage resumes to monday. The senate is also back on monday to consider an emergency supplemental for hurricane entirely. Already approved by the house. The procedural vote to advance the bill is set for 5 30 p. M. Eastern. You can watch the senate live on cspan2 and the house on cspan. Close your eyes for a moment. Close your eyes, i see you. [laughter] trust me. Empathy. I want you to stretch your imagination. [sounds of a car crash] open your eyes. That is how fast it happens. In a blink, no warning. Q a,nday night on executive director of paralyzed veterans of america and retired u. S. Marine Corps Officer talks about his own paralysis and his work to help paralyzed veterans. I am trying to tell them that this is the problem. This is what i see from the Patient Perspective and an advocate perspective. You have to empathize. That is what will make the the a the ideal provider. Sunday night at 8 00 p. M. Eastern on cspans q a. Now, to a Senate Armed ServicesCommittee Hearing on Cyber Security and defending against hyper attacks. Lawmakers heard from representatives from the Defense Department, fbi, and Homeland Security department. This is two hours and 20 minutes. Cyber attacks. The Senate Armed ServicesCommittee Held a hearing yesterday. [inaudible conversations] , one. Of morning. The Committee Meets to receive testimony on the u. S. Government policy strategy and organization to protect our nation in cyberspace. To begin id like to thank senators rounds and nelson for their leadership on these issues and our Cyber Security subcommittee. This hearing builds upon the good work that they and their subcommittee have done to tackle the critical challenge of cyber. This is a challenge that is growing more dire and more complex. Not a week passes that we dont read about some disturbing new incident, Cyber Attacks against our Government Systems and Critical Infrastructure, data breaches back compromise Sensitive Information of our citizens and companies, attempts to manipulate Public Opinion through social media and of course attacks against the fundamentals of our democratic system and process. Those are just the ones that we know about. This is a totally new kind of threat as we all know. Our adversaries, both state and nonstate actors view the entire information domain as a battle space and across it, they are waging a new kind of war against us, a war involving and extending beyond our military to include our infrastructure, our businesses and our people. The department of defense has a Critical Role to play in this new kind of war but it cant succeed alone. To be clear, we are not succeeding. For years we have lacks policies and strategies to counter our adversaries and we still do. This is in part because we are trying to defeat a 21st century threat with the organizations and processes of the past century. This is true in the executive branch and frankly its also true here in the congress and we are feeling. Thats why this committee is holding a hearing and why we have taken an unorthodox step of inviting witnesses from across our government to appear today. They are the senior officials responsible for cyber within their respective agencies, and i want to thank them for joining me and welcome them now. We have a consistent secretary of defense for Homeland Defense and Global Security. Scott smith, assistant director for Cyber Division, fbi, and chris krebs, undersecretary for the National Protection and programs director at the department of homeland scary. Id also like to note at the outset, the empty chair at the witness table. The committee invited the principal u. S. Cyber official, white house Cyber Security coordinator rob joyce. Many of us know him and respect him deeply for his significant experience and expertise on fiber and his many years of Government Service at the National Security agency. Unfortunately, but not surprisingly, the white house declined to have the cyber court nader testify, citing executive privilege and precedent against having non confirmed aniseed staff testifying before congress. While this is consistent with past practice on a bipartisan basis, i believe the issue of cyber requires us to rethink our old ways of doing business or to me, the empty chair before us represents a fundamental misalignment between authority and accountability in our government today when it comes to cyber. All of our witnesses answer to the congress for their part of the Cyber Mission, but none of them is accountable for addressing cyber in its entirety. In theory, that is the white house cyber coordinator job but that non confirmable position lacks the full authority to make cyber policy and strategy and direct our governments efforts. That official is literally prohibited by legal precedent from appearing before the congress. So when we, the elected representatives of the American People asked who has sufficient authority to protect and defend our nation from Cyber Threats, and who is accountable for us for accomplishing that mission, the answer is quite literally no one. Previous administration struggled to address this challenge between dod, dhs and the fbi, wellintentioned as it was, but the result was as complex and convoluted as it appears in this chart. Given that no Single Agency has all of the authorities required to detect and respond to incidents, it has created significant confusion about who is actually accountable for defending the United States from Cyber Attacks. Meanwhile, our increasingly capable adversary seek to exploit our vulnerabilities in cyberspace. Facing similar challenges, a number of our allies have pursued innovative models to emphasize increase coronation and consolidation. In doing so, they have significantly enhanced their ability to share information with the public. The United Kingdom recently established its national Cyber Security center, an organization that orchestrates numerous cyber functions across the British Government under one roof sitting sidebyside with industry. Todays hearing is an opportunity to have an honest and open conversation. Our concerns are not meant to be critical or of your organizations. Each of you are limited by the policy and Legal Framework established by congress and the administration. as the one who rushed to the scene that they were in charge with none having the authority or even worse, realizing after a cyber incident that your organizations were not prepared and resourced to respond based on a flawed assumption that someone else was responsible. I think the witnesses for the service to our country and the willingness to appear before this committee. As we continue to assess and address our cyber challenges. Senator reed. Thank you very much for holding the steering at the welcome our witnesses today. Let me also commend senator browns and nelson for the great leadership on this subcommittee. Cyber threats facing the nation does not respect organizational or jurisdictional boundaries, Defense Department, Intelligence Community, fbi, department of Homeland Security, are all critical encountering cyber threat. Each Agency Functions in silos and specialist laws and authorities. In order must develop an integrated whole of government approach to strategic planning, resource allocation and execution of operations. I am echoing the chairman points. This department is not unique to the cybersecurity mission. By the extremism, narcotics ad human trafficking, transNational Crime, weapons of mass distraction and other charges are effective whole of government response that cut across the missions and responsibly of departments and agencies. As issues become more complex these problems are becoming more numerous and serious overtime. The rubin various approaches to this problem. With little demonstrated success. White house generally have few tools at the disposal while the lead agency does need to address cross cutting jobs that must remain focused on the mission of its own organization. Last year president obama signed ppd 41, United States cyber incident coordination policy. It established a Cyber Response to group to pull together a hold of government response, but these are ad hoc organizations with little continuity that come together all in response to events. I believe what is needed instead is a framework with an integrated organizational structure authorized to plan cooperating in peacetime while the constant progression of cyber opponents. This arrangement as president. The coast guard is a Service Branch and the department of defense but is a vital part of the department of Homeland Security. It has intelligence authority, defense responsiveness, customs and border enforcement of Law Enforcement authority. The coast guard exercises these authorities judiciously and responsibly and enjoys the complement conference of the American People. We can solve this problem. We have examples. Last Years NationalDefense Authorization act really cross functional teams to address problems. These teams are composed experts in the functional organizations that rise above the interest of their bureaucracy. The team leads would exercise executive authority delegated by the secretary of defense pick such an approach might be a model for the interagency to address a crosscutting problem like cybersecurity. There is indeed urgency to our task. Russian attack our election last year. They attacked multiple european countries, the Nato Alliance in the european union. The Intelligence Community assures us russian will attack our upcoming midterm elections. So far weve seen no indication that the administration is taking action to prepare for this next inevitability. Finally the government cannot do this alone. As former cyber commit an innocent director general Keith Alexander testified, while the primary responsible of government is to defend the nation the private sector shares responsibility in creating the partnerships necessary to make the defense of our nation possible. Neither the government nor private sector can protect their systems and Networks Without extensive and close cooperation. In many ways the private sectors on the frontline of the cyber threat and the government must work with them if were to effectively counter that threat. We need to covet strategy but it must be in cooperation with the private sector. I think chairman mccain for holding the steering effort cosponsored my legislation that is the Banking Committee jurisdiction, the disclosure act which are federal securities laws tries to encourage companies to focus on avoiding cybersecurity risk before they turn into costly breaches. Thank you, mr. Chairman. Welcome witnesses. Mr. Rapuano, please proceed. Thank you, chairman mccain, Ranking Member reed and members of the committee. It is an honor to appear before you to discuss the roles and responsibilities the department of defense and its interAgency Partners in defending the nation from Cyber Attacks of the significant consequence. I hear today in my role as the assistant secretary of defense for Homeland Defense and Global Security as well as the principal cyber advisor to the secretary of defense, in which i oversee cyber policy in the department, lead the coordination of Cyber Efforts across the department and whether interAgency Partners, and integrate the departments Cyber Capabilities with its Mission Assurance and defense support to civil authorities activities. I appreciate the opportunity to testify alongside my interagency colleagues because these challenges to require a whole of government approach. Dod is developing cyber forces and capabilities to accomplish several missions in cyberspace. Today i will focus on our mission to defend the United States and its interests against high consequence Cyber Attacks, and i would execute that mission in coordination with our interAgency Partners. The departments efforts to build defensive capabilities to the Cyber Mission force, or cmf, play and especially key role in turning out this mission. For both the deterrent and response standpoint the 133 cmf teams that will attain full Operational Capability in september of 2018 are central to the departments approach to supporting u. S. Government efforts to defend the nation against significant Cyber Attacks. With the goal of ensuring u. S. Military dominance in cyberspace, these teams conduct operations also to deny potential adversaries the ability to achieve their objective and to conduct military actions in and through cyberspace to impose costs in response to an imminent ongoing recent attack. In particular, the cmf 68 Cyber Protection teams represent a significant capability to support a broader domestic response. These forces are focused on defending Dod Information Networks but select teams could provide additional capacity or capability to our federal partners if and when necessary. Dod is role in cyberspace goes beyond adversary focus in operations and includes identifying and mitigating our own vulnerabilities. Consistent with statutory provisions related to these efforts when working with our u. S. Domestic partners and with foreign partners and allies to identify and mitigate cyber vulnerabilities in our networks, computers, critical to the infrastructure and weapons systems. While dds dod is made significt progress there is more to do alongside with her as Agency Partners in the broader whole of government effort to protect u. S. National interests in and through cyberspace. The outward focus of dod Cyber Capabilities to mitigate foreign threats at points of origin complements the strengths of our interAgency Partners as we strive to improve resilience should a significant cyber attack occur. In accordance with policy, during cyber incident, dod can be called to directly support the dhs in its role as a lease for protecting, mitigating, and recovering from domestic Cyber Incidents or the doj in its role as a lead investigating, distributing, disrupting and prosecuting cyber crimes. The significant work of our departments has resulted in increased common understanding of our respective roles and responsibilities as well as our authorities. Despite this, however, as a government we continue to face the challenges when it comes to cyber Incident Response on a large scale and it is clear with more to work to ensure we are ready for a significant cyber incident. Specifically, we must resolve gap issues among various departments, clarify thresholds for dod assistance, and identify how to best partner with the private sector to ensure a whole of nation response if and when needed. Dod has number of effort underway to address these challenges and to improve both our readiness and that of our interAgency Partners. For instance, when refining policies and authorities to improve the speed and flexibility to provide support, and were conducting exercises such as cyberguard with a range of interagency and state and local partners to improve our planning and preparations to respond to Cyber Attacks. Additionally, the cyber executive order, 13800 signed in may will go a long way in identifying and addressing the shortfalls in our current structure. Although the department has several unique and robust capabilities, i would caution against ending the current framework and resigning more responsibility for Incident Response to dod. The reasons for this include the need for the department to maintain focus on its key mission, the longstanding tradition of not using the military for civilian functions, and the importance of maintaining consistency with our other domestic response frameworks. Its also important to recognize that he significant realignment of Cyber Response roles and responsibilities risks diluting dod focus on its core military mission to fight and win wars. Finally, putting dod on lead role for domestic Cyber Incidents would be a departure from accepted response, practice and all other domains in which a civilian agency have the lead responsibility for domestic Emergency Response efforts. And it could be disruptive to establishing that critical union of effort thats necessary for success. The federal government shouldnt maintain should maintain the same basic structure for responding to all other national emergencies, whether theyre natural disasters or Cyber Attacks. Theres still work to be done both within the department and with our federal partners to improve dod and u. S. Government efforts over all in cyberspace. Towards this and im in the process of reinvigorating the role of the principal cyber advisor, clarifying the departments internal lines of accountability and authority in cyber, and better integrating and communicating dod cyberspace strategy, plans, and train and equip functions. We will also be updating our dod Cyber Strategy and policies on key cyber issues such as deterrence and translate this guidance into capabilities, forces and operations that will maintain our superiority in this domain. The department is also working to ensure that several Strategic Initiatives it is undertaking come to fruition, including te elevation of u. S. Cyber command, the limitation of the cyber executive order, initiating the Cyber Excepted Service program, and rationalizing the departments cyber budget and investment. Our relationship with congress is critical to everything we are doing to defend the nation from high consequence Cyber Attacks. I am grateful for caucuses strong support and particularly the subcommittees interest in these issues and i look forward to your questions and working with you and your staffs going forward. Thank you. Thank you, mr. Chairman, thanks, committee, for offer me an opportunity to provide remarks on the Cyber Capabilities. As the committee is aware the frequency and sophistication of Cyber Attacks on our nation of increased dramatically in the past decade and only look to be growing. There are significant challenge challenges. The cyber domain to me is uniqe constantly shifting, changing and evolving. But progress has been made in improving structures and collaboration in innovation. But more can be done. Staying ahead of todays threats requires a different mindset than in the past. The scale, scope and complexity of todays threats in the Digital Domain is like anything humanity of our nation has ever experienced. Traditional approaches and mindsets are no longer suited to coping with the speed and complexity of the Digital Domain. We have to include the Digital Domain as part of the threat ecosystem instead of separating it as a mechanical machine this new era often called before the Industrial Revolution requires the fbi to rapidly assign, align and engage, and powered Network Teams who are purpose driven and have fears and unrelenting resolve to win. What does this all mean . What are we doing to meet and stay ahead of the new Digital Domain . Predict, impose consequences, thats what the fbi Cyber Mission is going. The Fbi Cyber Division and program is structured to address a lot of these unique set of challenges. In the field the fbi is made up of 56 different field offices spent all 50 states and u. S. Territories, each with the cyber squad, and each developing multi agency cyber task forces which brings technically, proficient investigators, and a list, sign ellis, from state and local. In addition to those field resources, Cyber Division offers Program Management and coordination and more technically advanced responders in our cyber action teams. The cat teams are in the cyber Rapid Response force that is on call and prepared to deploy globally in response to significant Cyber Incidents. Additionally at fbi headquarters we manage site watch, 24 hour watch center which provides continuous connectivity to interAgency Partners in an effort to facilitate information sharing and realtime incident management and tracking insuring all agencies are coordinating. In addition to the cyber specific resources come the fbi has other technical assets that can be utilized in the event of Cyber Incidents. These include our Operational Technology division, the Regional Computer Forensic Laboratory programs, and a Critical IncidentResponse Group providing additional expertise and capabilities and resources that the fbi can leverage at a cyber incident. Partnerships as absolute key focus area from the fbi. We rely on a Robust International presence to supplement our domestic footprint. Through cyber assistant legal attaches, the fbi and bedside agents with her inner counterparts with 18 to locations across the globe. The fbi also relies on private sector partnerships leveraging the National Cyber forensic allies, domestic Security Alliance to name a few. Billy deposit home through training, investigation and joint operations is where we are applying our efforts. Incident response, if you has the capability to quickly respond to Cyber Incidents across the country and skip its response to specific incident utilizing all its resources on the field, headquarters and abroad. We have the ability to galvanize and direct all available cyber resources instantaneously here utilizing dual authorities as domestic Law Enforcement organization and a member of u. S. Intelligence community, the fbi works closely with interAgency Partners within a whole of government effort to countering Cyber Threats. The fbi conducts Cyber Missions with the goal of imposing costs and consequences on the adversary and the we would like to arrest every cyber criminal we recognize indictments are just one tool in the suite of options that are available to Us Government when deciding how best to approach this complex cyber threat. The fbi understands the importance of incoherently joined with and will continue to find ways to work with an Agency Partners in responding to Cyber Incidents. We look forward to expanding our partnerships with Cyber Command given their new and unique capabilities and with the National Guards new Cyber Program in complement our field offices and cyber taskforces. All within the confines of current laws authorities and expectations of the American People. We at the fbi appreciate this committees efforts in making cyber threat a focus and committed to improving how we can Work Together to better defend our nation. We also look forward to discussing these issues in greater detail and answering any questions that you may have. Thank you, mr. Chairman. Thank you. Mr. Krebs. Chairman mccain, Ranking Member reed, members of the committee, thanks for the opportunity to appear before you today. In my current role performs the duties of their dissector for the National Protection and programs directorate i lead the department of homeland seekers efforts to secure and defend our federal networks and facilities, and the Systemic Risk to critical for such an approved cyber and physical security practices across our nation. This is a time hearing as during december, october we recognize National Cybersecurity awareness month, find a focus on how cybersecurity is a shared responsibility and ethics of the business, organization in america and is one of the most significant and strategic risks to the United States. To address this week as and if we Work Together to develop a much needed policies authorities and capabilities across the interagency with state International Partners in coordination with the private sector. Department of defense is eligible receiver exercise in 1997 laid bare our nation cybersecurity vulnerability and consequences initiating across government journey to respond to the growing cyber threat. Over the ensuing 20 years through a series of, orders and other documents omitted most recently with executive order 13800 we established an increasingly defined policy foundation for the Cyber Mission space. Roles and responsibility seven further bolstered by a partisan legislation providing executive branch and in particular dhs muchneeded others to protect federal and Critical Infrastructure networks. We can solidify the role by giving my organization and index reflects our Operational Mission and i look forward to working with you in that effort. Building of those policies and authorities the department continues to develop the operational capabilities to protect our networks. A National Cybersecurity and Communications Integration center or nccic is a center of gravity for dhs and cyber skewed operations. We monitor federal civilian enterprisewide risk picture that allows us to manage risk across the dot gov. It brings together partisanship of classified and unclassified threat information. Partners include representatives from Critical Infrastructure committee, state, local, and tribal governments, such as pacific liaisons from the department of energy, health and human services, treasury and defense, intelligence committee, Law Enforcement, fbi and liaisons of each of the cyber cities including u. S. Cyber command. They all sit with one another at nccic. We know we cant stop your in need of efforts to develop Scalable Solutions to manage systemic cybersecurity risks across the infrastructure. Last years president ial policy director directive further clarified rules and separates principles for the federal governments response to Cyber Incidents including formalizing the Cyber Response group and cyber unified coordination group. It required the department to update the National CyberResponse Plan or insert irp which was completed last january. Updating the ncr at pete and marshall insisted a local partners was a critical step in submitting our shared responsibility and accomplish three main goals. First it defines the role and responsibility of all stakeholders, second and identifies the capabilities required to respond to a significant cyber incident and third it describes with our federal government will coordinate its activities with those affected by a cyber incident. However focus with forward is to build on the with multistakeholder multistakeholder operational plans and Incident Response playbooks and that we must train an exercise to the consumer to identify and address the gaps that makes us. We are building on our Cyber Mission workforce within the framework of the ncirp with her hand and Incident ResponseTeam Exercise the tennis of the ncirp each day. We work across the stakeholders within the nccic to conflict this mission. Dhs teams are augmented with fbi and dod personnel to fight a more robust and corrugated response. This model of collaboration across Agency Cooperation will continue taking advantage of the strengths of each agency. To ensure were focus on the mission that you congress have passed as with we are prioritized so that all open cyber positions at dhs, crosstraining our workforce on Incident Response and create a cyber Incident ResponseSearch Capacity force modeled after fema for natural disasters that can rise to meet any demand. Before i close out like to add one last article olympic the Cyber Defense mission is much broader than just response. It encompasses preparedness and resilience and we must continually assess and improve our cybersecurity posture against the latest threats. Deny our adversaries opportunities to wreak havoc. Finally i like to reinforce one more time, weve made significant progress yet theres a a question with more to do. We must do it with a never before seen since of urgency. By bringing together all stakeholders we are taking action to manage a cybersecurity risk and improve our whole of government Incident Response even bows and become more resilient. I thank you for the opportunity to test for adult afforded to any questions you may have. Thank you, mr. Krebs, and thanked the witnesses. Im sure you can see that chart over there. Charts are always interesting, but this one, were going to need someone to translate for us because its an example, and i think an one, of the difference, the differences and authorities and responsibilities, none of which seem to have an overall coordinating office or individual. Of course, mr. Joyce absence here, whose job it is to do all this is an example, frankly, of the disarray in which this whole issue rests. And mr. Rapuano, to start with, you said that is not department of defense responsibility. Suppose at the russians had been able to affect the outcome of the last election. Wouldnt that fall under their responsibility and authority to some degree of the department of defense if theyre able to destroy the fundamental of democracy which would be to change the outcome of an election . Mr. Chairman, specifically, the issues associated with protecting elections from cyber incursion so youre saying cyber incursion is not something that requires the department of defense to be engaged in, is that correct. Was no. Im simply saying based on the state authorities and the state control of the election process in each state, there are issues associated with federal authority to engage so those issues could be corrected by legislation. They are not engraved in tablets, okay . So for you to sit there and say well but its not department of defense responsibility. It is. To defend the nation, the very fundamental, the reason why were here is because of free and Fair Elections. If you can change the outcome of an election, that has consequences far more serious than a physical attack. So i admin fundamental disagreement with you about requirements of the department of defense to defend the fundamental of this nation which is a free and Fair Election which we all know the russians try to affect the outcome. Whether they did or not is a matter of opinion. I dont think so, but for you to shuffle off this well, its not an attack, it is an attack of enormous proportions. It you can change the outcome of an election, then whats the constitution and our way of life all about . I think senator rounds will be much more articulate on the issue. So one, i disagree with your assessment, and one of the reasons why we have felt frustrated is exactly what you just said. Its exactly what you just said, well, its not the department of defense is job. Its the department of defense is jump to defend this nation thats why its called the department of defense. Mr. Krebs, numerous expert over the past few years have highlighted the need for dramatic change. According to the president ial commission on enhancing National Cybersecurity, and i quote, the current leadership and organizational construct for cybersecurity within the federal government is not commensurate with the challenges of securing the Digital Economy and supporting the national and economic study of the United States. General Keith Alexander, one of the most respected men in the world, said before this full committee in march quote, when we talked to the different agencies they dont understand the roles and responsibilities. When you ask each of them who is defending what, you get a different answer. Admiral jim cerritos, quote, the need to be a voice in the captain that focuses on cyber. Obviously there supposedly one there but he is not appearing before this committee, and that diminishes our ability to carry out our responsibilities. The list goes on and on. January 2017 center for strategic and institutional studies task force simply concluded quote we must consider how to organize the United States to defend cyberspace. And that it dhs is unable to step up its game, we should consider the creation of a new cybersecurity agency. The list goes on and on. I like to have your responses to these assessments ranging from a president ial commission to general Keith Alexander to the Atlantic Council to the center for strategic and International Studies task force. All of them are saying the same thing, gentlemen. All of them are saying exactly the same thing. I look forward to getting a translator who can show us what this chart means. Ill be glad to hear your responses. Mr. Rapuano. Mr. Chairman, i would say just on the issue of the election process the department is clearly there to support the response or the mitigation of potential threats to electoral process but it is something that when you look at the separation of authority between state and local governments, the lead for the coordination and support in our Current System is dhs here can we provide defense of authorities as requested support those needs and requirements. That obviously assumes that the department of Homeland Security has the capabilities and the authority in order to carry out that requirement. Whereas this cyber is warfare. Cyber is warfare. Cyber is an attempt to destroy a democracy. Thats what mr. Putin is all about. So to somehow shuffled off on to the department of Homeland Security of course this goes back to this problem with this organizational chart. So i steadfastly reject your shuffling off the responsibilities of cyber over to the department of Homeland Security, and we have included in the ndaa a requirement for you to do so. Mr. Smith, you want to respond, or mr. Krebs . Im happy to. Fundamentally, its a complex and challenging operational environment. Everyone of the agencies represented at the table today as you see in the bubble chart as its called has a unique contribution across the ecosystem. Without coordination . I would suggest that we are getting there, we are on the coordination. Ppd 41, the Cyber Response group and the cyber unified Cognition Group provide a foundation under which we can coordinate. We do work closely with mr. Joyce and National City council. However, from an operational perspective i think the department of Homeland Security and imi will as undersecretary have the direction and authorities i need to move out. The question is whether i have are winning or losing . This is a battle theres going to be going on for many years. We are still cant get our arms around it. This is not speak repeat my question. I would winning or losing . Its hard to assess whether we are winning or losing i was a were fighting this battle every day, working with the private sector. It is a complex apartment and i look for to working with congress speedy to you know for eight years with and trying to get a policy, for eight years weve been trying to get a strategy, for eight years weve been trying to get something besides this convoluted chart . Did you know that . Yes, sir. Ive been in my role for eight weeks. I understand your frustration. I share your frustration. I think we have a lot of work to do, and i think this is going to require both the executive branch and the Congress Working together to continue understanding exactly how we need to address the threat. When the coordinator doesnt show up for hearing, thats not an encouraging sign. Senator reed. I wish you would consider a subpoena to get the main witness. I think that has to be discussed in the committee. Well, thank you mr. Chairman, thank you, gentlemen, for your testimony. The chairman have raised the issue, russian involvement in the last election but our Intelligence Community essentially assured us that theyre going to come back and with more brio, whatever the right term is. Have you been told to prepare for that, mr. Rapuano . Has the Defense Department given direction to according to take all steps to advise the administration on what you can do to prevent, preempt tort respond to russian intrusions in 2018 . Senator cochran not aware of a specific direction in terms of a specific task associated with the election process. We are engaging on a routine basis with dhs and the rest of the Interagency Community to develop priorities and consider responses as well as mitigation measures. As i tried to note earlier, the competing authorities associate with electoral process really do call for a thoughtful orchestration of how we would direct and cast and engage with the state and local authorities. It really does need to be coordinated because each agency bring something different. Theres a private sector component, because most states get very significant support in terms of their Electoral Systems from five entities. We are certainly engaged in the process and were certainly available to support, but but you have been directed to start actively planning and coordinating with respect to the election specific . Not to my knowledge. Mr. Smith, have you been and your agency the fbi been told of the actively coordinating with respect to the 2018 election in terms of interrupting, preempting, responding to russian intrusions which begin the Intelligence Community practically assures us will happen . Yes. You have been . Yes. Would you describe what you been doing in the general terms . In general terms. We have not stopped since the last election, coordinating and keeping together an election fusion cell which is jointly located at hoover building and working with our interAgency Partners, not only on what had transpired and getting deeper on that but also working forward as to what may, towards us in the upcoming midterms and 2018 election cycles. So we are actively engaged both with outreach in the communities and the dhs and the Election Task force, along with every field office has a designated election crimes coordinator who is on the ground out there in the event of information coming towards us or any evidence that we would need to be aware of and react to. Mr. Krebs, same question. Absolutely. But ill tell you this, i did need anybody to tell me to stand up a task force or anything like that. The first thing i did when i came in eight weeks ago was assess the state of the election infrastructure activities and establish an election saturday task force which brings together all the components underneath within nppd but also works closely with intelligence and analysis component with dhs as those fda fbi and other partners. I think theres a lot more to do as director smith mentioned it were not just thinking about 18. 18. We think that the Gubernatorial Election coming up in a matter of weeks. Last week we work with 27 states, the Election Assistance Commission and establish a government coordinate in council, the body under which all the state Election Officials can come together, and provide a foundation to which coordinate security practices, share information. We are issuing security clearances to a number of Election Officials and in a matter of weeks will establish a sector chordate accounts which will bring the private sector elements to provide systems and technologies and support. Theres still a lot to be done. We certainly have worked ahead of us in the question they will come back and we will be fighting them everyday. You mention and several times you need to engage the private sector, and thats a challenge. In fact, it might be more important in this context that in any other since they lead, whereas in other areas like missiles, bombers and vehicles, its the government more than the private sector. But just quickly, some of the things we have to consider are sort of not responsible of this committee but legislation senator mccain and i are sponsoring so they would have to designate if they havent experts have said expert on the board or why not is a way which disclosed to shareholders but also to provide an incentive for them to be more keyed into cyber. Theres been some discussions cost talking to mr. Rapuano about using that terrorism reinsurance as way to incentivize. Without that i dont think well get the kind of buying. My time is about to expire but where are we in terms of private engagement . The threshold or some engagement or it still i actually came out of the private sector, spent the last several years and a Major Technology come to i managed in them of the cybersecurity policy issues. Either unique understanding of what it takes on the private sector side as well incumbent. We do have a number of private sector representatives within nccic and with the unique statutory authorities for coordinating with the infrastructure committee. We need to better refine our Value Proposition to get more companies to come in and share information with us but we do have the unique Liability Protection capability. One thing i think will enable our advancement is i mentioned, i need a name change. I need to be able to tell my stakeholders, my customers wanted to depict the National Protection and Protector Program director doesnt do anything. I knew something i do subsidy so i can go out and clearly communicate what it is on a daily basis that a depict i think thats a big step forward. You tell us the title you want decides president. [laughing] we will get you a tshirt, too. [laughing] thank you, mr. Chairman. The three of you can relax, because what im going to address is to the empty chair. And i know that this message will get through. There has to do with section 881 and 886, there is some provisions in the the senate vn of the ndaa specifically those sections that have raised concerns among the Software Developers critical to our National Defense. The purpose of these provisions are to make available to the public the source code and proprietary data that is used by the department of defense. Id like to submit with the record numerous letters which i will do in a moment, and documents from industry stakeholders that share my concerns with this language. While he understand the goals and intentions of the legislation, a great unintended consequences and impacts such as limit the software choices available to dod to serve the war fighter, increase costs to the department of defense by compromising proprietary nature of software or in limiting contractor options, and potentially aid u. S. Adversaries and threaten dod cybersecurity by sharing dod source code by placing it in a public repository. It also reduces competitiveness of American SoftwareTechnology Companies by opening the Software Contractors intellectual property and code to the public repository. And as we progressed into the conference report, i look forward to working with the Senate Armed Services committee on the way forward on this topic and recommend that we studied this issue prior to instituting new legislation. This is a provision that is in the senate provision senate bill, not in the house bill. And i would ask unanimous consent to include in the record at this point mr. Chairman these documents from stakeholders. Without objection. Thank you. Well, i wouldnt exactly say that the three of you should relax, but i will address more directly not only to the empty chair, but the general mcmasters, to general kelly, to the Vice President into the president. Did you realize that you handed out a chart that is five years old . The date on this chart is january of 2013. I mean, why in the world . That by the way, senator rounds is saying, acknowledging this, and want to say what a pleasure it has been to deal with senator rounds as the two leaders of the cyber subcommittee. And i can tell you we are alarmed. You heard the alarm in the voice of the chairman. Can we stipulate here that state election apparatuses, state election databases, can we stipulate that that is Critical Infrastructure . We have made that, the department of Homeland Security has made that determination and i have a subsection. Good. Therefore, a tampering or a changing or interfering with state election databases being Critical Infrastructure would in fact, be an attack upon our country. Can we stipulate that that would be the case . Why is their silence . Let the record show there was silence. [laughing] wow. So do you realize that you can change speedy could i just please. Cut i end deferent the witnesses . That the one to i, and thats why im referring my comments that only to the empty chair, but to the people behind that into chair, which is the National Security council advisor, general mcmasters, the fellow who runs the white house staff, general kelly, both the phone i have the highest respect and esteem for, and ultimately the Vice President and the president. I would go back and listen. I would defer to the intensity of the chairman to remarks, both in his opening remarks and his questions. You mess around with our election apparatus, and it is an attack on our country. So let me give you an example. It doesnt even have to be that the russians, man or the chine or some third party. Thats not a nationstate. We already know that they are in 20 of our states. We know that from the reports that a a been in the newspaper from the Intelligence Community. All you have to do is go into certain precincts, you dont enough to change the outcome of the actual vote count. You could just eliminate every tenth registrant, every tenth registered voter. So when mr. Jones shows up on election day to vote, im sorry, mr. Jones, you are not a registered voter. You multiply that every tenth th voter, youve got absolute chaos in the election. And on top of it, you have the long lines that result, and as result of that people are discouraged from voting because they cant wait in the long line and so forth and so on. This is the ultimate threat. I said so many times in this committee, Vladimir Putin cant beat us on the land, in the era, on the sea, under the sea or in space, but he can beat us in cyber. And to hand out a five year old data chart as to how were going to fix the situation just is totally, totally insufficient. I rest my case, mr. Chairman, and i wish you would consider a subpoena. And with the witnesses desire to respond to the diatribe . That eloquent that eloquent diatribe. One of the most historic statements in the history of this committee. [laughing] go ahead, please. Mr. Chairman, i would say just in terms of the department of defense his role, it is important to note that the National Guard in a number of states on the authority of the governors train cyber capable forces are assisting those states and their addressing come identifying vulnerabilities and mitigating those vulnerabilitie vulnerabilities. Part of them are part of the Cyber Mission force, and we certainly view quite appropriate the counter tasking and under state authority versus the department of defense attempting to insert itself into a process without directly being requested. Could i just say, sir, i can we are appreciative of what the guard is doing. We are appreciative of what local authorities are doing. We are appreciative of what all these different agencies are doing, but we see no coordination and no policy and a strategy. When youre ready to give that to us, we would be eager to hear about it. Senator fischer. Thank you, mr. Chairman. Those are hard acts to follow, your diatribes. But i would like to focus on Something Else now with regards to response. Gentlemen, one of the things that admiral rodgers has emphasized is the need to move liquor across the board and after threat detection, faster decisionmaking and faster responses. So mr. Krebs, can you walk us through the process by which an organization, and operator of a piece of Critical Infrastructure, for example, would reach out to you for help . I know the first tab to detect the threat, and i can take some time, but what does the process look like once they contact you . How long does it take to begin working with them, and are there legal agreements that must be in place before a Response Team could operate under network . Thank you for the question. There are of course a number of ways a victim can discover they have been breached. They had some sort of intrusion, working with the Intelligence Community or the fbi to notify them or the department of Homeland Security to an for them or of course one of the private sector vendors could discover an actor on their networks. How to reach out, there are a number of ways as well they can reach it. They can email, call the spirit we have local official cybersecurity advisors throughout the region, we have protected security advisers. They can also contact the fbi. Once we are aware of an incident, we will then do with intake process. Every incident is going to be different. Thats kind of a truism. Every incident can be different. In terms of time it all those depend on what the situation is, what kind of information they want to provide. We have to work to a legal agreement just to get on their networks and assault government equipment and take a look. That can take time. It can depend on the legal backandforth, hours or even days. But i would view this as kind of an elastic spectrum. It could take, talking hours, a couple days to a week. It all depends on the nature of the breach. If you determine that dod has to be as involved in the response as part of that team, i assume is going to take more time then . And does that decision currently rests with the president , is that correct . We do a fair amount of ordination with the department of defense. In fact, we do a crosstraining with an Incident Response matter. We do have blended teams that go up to the field for investigations that could be fbi or dod assets. In terms of the decisionmaking process we do have agreements in place to live in understanding and place that we dont necessary have to go to the president. We dont have to go to the secretary level. There are sub level understandings that we are able to use, use each others resources. Those agreements would also cover what types of military systems that will be needed . Its a support function, but we are typically talking personnel. Mr. Rapuano, did i say your name really misted up, didnt i . Rapuano. Other concept of operations that define the specific requirements that dod forces to be asked to fulfill and prioritize ssn or sectors that should be defended from cyber attack if were going to have a high and conflict . The focus of the domestic response capabilities, the civil authorities when it comes to cyber are those defense and those protection teams out of the Cyber Mission force. Those are skilled practitioners who understand the forensic issue, the identification of the challenges of types of malware and different approaches removing the malware from the systems. As mr. Krebs noted, the defense support authority. Request for assistance from dhs to the department. We have authorities all the way down to commanders, specifically Cyber Command. Admiral rogers has the authority and a number of very to direct attach those assets. Then comes up to me and for certain areas the secretary requires his approval. But most of these things can be done at lower levels and we have provided that assistance previously to dhs. Do you have the policy guidance in place if there is a high end conflict, is it a a firstcome firstserved . Do have a way that you can prioritize how youre going to respond . Absolutely. A high end conflict for which we are receiving Cyber Attacks and threats in terms of against our capabilities to project power, for example, would be the utmost party for the department as well as attacks against dod Information System if we cant communicate internally he cant defend the nation. Those are the equivalent of hard brain lung functions, equities and capabilities we prioritize. We have resources that are available and less tapped by those uppermost priorities and then becomes hard decision times and. Translator reply assets for domestic and Critical Infrastructure protection for example, or to protection of other dod capabilities. Thank you. On behalf of chairman mccain let me recognize senator shaheen. Thank you, senator reed. Thank you to all of her witnesses for being here this morning. I share the frustration you hearing from everyone on this committee about decisions that have not been made actually with respect to Cyber Threats affecting our nation. One example is the use of casper ski labs Antivirus Software on u. S. Government systems, casper ski labs as reported links to russian intelligence and it is based in moscow, subjects quite get the crimmins intrusive surveillance and interception laws. We just had a recent report of casper ski his role in a successful russian Cyber Operation to steal classified information from it nsa employees home computer. And yet they remained on the list of approved software for way too long now. This committee put an amendment in the ndaa that would have prohibited the use of that software by the department of defense, and im pleased that find weve seen the Administration Act on that. But i think it really raises the question of how we got to this point. So what standards were used in approving Kaspersky Labs as an appropriate choice to fill the escarpments Antivirus Protection needs . Does the government that the origins and foreign business dealings of cybersecurity firms and Software Companies before these products are used in our systems . And her Companies Looking to contract with the Us Government required to disclose all there for subcontractors as well as their works and you do with Foreign Governments and maybe a threat to the United States . So i will throw those questions out to whether would like to answer them. Thank you for the question. As you know the directive we issued several weeks ago just over a month now, 30 some odd days ago, required federal civilian agencies identify casper c products if they have them and it led played governmt and over 90 days. What that tells me is we saw a lot of work to do in terms of the processes that are in place, to assess Technology Products that on this of a speedy i create thats what im asking those questions. I dont mean to enter up but ive limited time and what it would like to know is what you can tell me about what standards we use, how do we vet this kind of products and how do we ensure that we dont have another case of kaspersky being used in our sensitive Government Systems . If i may suggest id like to come back with the General Services administration to take a look at that which you and give a more detailed briefing on how we do that. Thank you. I would appreciate that. Also, mr. Rapuano, i appreciate your taking some time this morning to spend a few minutes with me to talk about the hewlettpackard enterprise, which allowed the Russian Defense agency to view the source code of software used to guard the pentagons class of Information Exchange network. Can you tell me how is the disclosure of our source codes to other entities a usual way of doing business . How did that happen . Senator, the details on that as i shared with you this morning, were working that. Our cios beating that effort. I can get you Additional Details with regard to our procedure to regulate approach but we can follow up with those details for your. Thank you. Appreciate that. That was a rhetorical question to raise the point again that i have serious concerns about the attention where paying to these kinds of issues. In april dod Logistic Agency said, quote, hp software and hardware are so embedded that it could not consider other competitors quote absence and overall of the current i. T. Infrastructure. Do you believe thats what is required and how he were goino address any of these problems if we say we cant take action because it would create a problem in responding throughout other areas where we do business . Again, i appreciate that youre going to respond to the concerns that i laid out, including that one at a later time. Im almost out of time but i just had one question for you, mr. Krebs, and that is on this notice of this hearing, you were listed as performing the duties of the under secretary for the National Protection and programs directorate that you said you been on the job for eight weeks. What does that mean . Yes, maam. Thank you for the question i have accident with lifted parva since march 2017 was a counselor to general kelly. He moved to the white house of scores and soon after that i was appointed by the president to be the assistant secretary for infrastructure protection. In the meantime we have an open vacancy at the undersecretary position so as the senior official within the National Protection and programs directorate i am the senior official performing the duties of the undersecretary. My appreciation for you and the Ranking Member for elevating this particular discussion to the full committee status. Senator nelson has been great to work with and i appreciate the bipartisan way he has approached the issue. Wish we had the same type of cooperation this morning with mr. Joyce coming to visit with us. I personally did not see this as an adversarial discussion today. I saw this as one in which we could guinn a cooperative effort to discussion how to take care of the seams that actually we believe exist between the different agencies responsible for the protection of the Cyber Systems in our country. This particular chart, i believe senator alexander indicated over general alexander indicated there were over 75 different revisions to this particular chart when it was created. Let me just to clear the record, do any of you have a more updated chart than the one provided today . No . No. Okay. For the record that was done in 2013. Yet at the same time i just for mr. Krebs, let me just ask, as i understand it, dhs is responsible for the protection of some but not all of the crediting infrastructure in the United States. When it come thursday Energy Detector the department of energy is the lead agency. Is that correct . , that is correct. Where does it fit in the chart other. Is an updated piece of policy surrounding this if mentioned thats progressive policy arc. The unmuscle moments hold and have been reflected in president ial policy directive 41. We have an updated chart someplace . I may have Something Better than a chart. I have a plan and a policy around it. Ppd41 which lay out the responsibilities of respective organizations. All of you are working on the same level as mr. Krebs has shrined here with the information he has . I yes or no would be appropriate. Yes. Yes, senator. Thank you. Then i appreciate that because what really bothered me if this was not update or had been working on anything since 2013 hen the change owes cured. Let me ask you quickly, just curious, it would seem to me theres no doubt there are three types of barriers we need overcome in order to strengthen the collective Cyber Defense over the organization, Legal Organization and cultural. Have any of you identified legislative hurdles that restrict or inhibit enter eight gap offered seams for the collective Cyber Defense . Mr. Rapuano . I would just note, when you look at the National Response framework that we use for noncyber but kinetic in state actor or national events, you have seen since katrina is a maturation of a similar process. Many disparate roles and responsibilities and authorities and many different target stakeholders who may require assistance, from local, state, all the way up. And this system, in the National Cyber response framework is based closely on the National Response framework. Were obviously in a more nascent stage when it comes to cyber all the aspected but i would just say, if you look at the last several months in terms of very significant multiple hurricanes and what i think overall, in light of the consequences, with a very effective federal response, has been a dramatic evolution in our ability to work as a whole of Government Team when it comes to complex problems with colliding authorities. I have one more questions. Get yours gist. We can either have defense here within our country or we can have defense which is to try to stop something in terms of a cyber attack before it actually gets here. That involves not only a cyber system which is universal, involves talking about systems that are sometimes in our allys country, sometimes countries not necessarily our friend but in areas where theyre actually the bad guys located who are creating the attacks themselves. What are your views on the sovereignty relating to Cyber Security . Let me just before you answer this, in afghanistan, regardless of what you think about the strategy, the longstanding undertone that justifies why were still there is fighting the enemy abroad prevents another major attack at home. In this context its a defensive strategy played out via offensive maneuvering. As we evolve cyber the Cyber Intelligence field its inevitable well start to think of Cyber Defense in this offensively minded way. Id like to hear you thoughts on the sovereignty and where we ought to be fighting the battle to stop the attacks before they get here. Senator, thats a very important question. As i think youre aware, the concept of sovereignty are still molding to some anything the sense there are differing views with regard to what constitutes sovereignty and what type of scenario it is mr. Chairman dish heres the key part of this. These facts are going on now these attacks going on now, talon 1. 0 and 2. 0 are discussions what our allies are working at in terms of sovereignty issues. In the meantime we have a gap in time period and have to decide where the actually defend our country against the possibility of existing attacks today, tomorrow, and next week. Unless we have a current strategy with regard to how we regard sovereignty and where we will actually go to defend our Critical Infrastructure. Could be we have that o. The book today and are you prepared to say where we know we would defend get the attackers and we prepared to take them beyond our border. Senator, yes, we can do, and the detailses of our current posture i think would need to be deferred to a closed hearing. Very good. In smith, mr. Krebs . Its a home and away game. We have to get them over there, at the same time we need to be protecting our infrastructure here. I work very closely, for instance, with the Electricity Sector, and the Electricity Sector coordinating council. Im on the during the hurricanes i was on the phone with the major cos of major utilities daily. Every 5 00 p. M. With secretary perry we talk about the status of the Electricity Sector. We have to start here, network progression, close out to the gaps, mitigate consequences, at the same time we have to take down the threat actor. Its a whole of government best athlete approach. Thank you. Thank you, mr. Chairman. Apologize for going over but its a critical issue we have to address. Thank you. Thank you, mr. Chairman and thank you for holding this critically important hearing and to the excellent witnesses before us today. This week the New York Times published an article and im going to submit it for the record assuming theres no objection children do details north koreas Cyber Attacks estimated to provide the north korean government with as much as 1 billion a year. That figure is staggering. Its equivalent to a third of that countrys total exports. North koreas ransom ware attacks and Cyber Attacks on banks around the world are producing a funding stream for that country which, in turn, fuels the Nuclear Program and a funked source that must be stopped at a time when the United States is leading efforts to sanction exports of coal, labor, textiles and other products in order to hinder north Koreas Nuclear ambitions. We also have to focus on additional Funding Sources and this cash flow ought to be priority number one. Tough rhetoric must be supported by tonight action, and practical measures that make clear to north korea that this kind of conduct will be answered. So, the question is, what actions are being taken to combat their offensive Cyber Operations and address this cyberve cyber revenue, and i know you may not be fully at liberty to discuss the steps in this forum but id like you to do so to the extent you can because north korea node what it is dumb. Youre not going reveal anything to north korea. The American People deserve to know what north korea is doing. And they dont. So, this is a topic that i think ought to be front and center for the administration and for the congress and for the American People, and i look forward to your responses. I would simply say, yes, senator, we do have plans and capabilities that are focused and directed on the north korean threat in general, and on the specific activities. That you have noted. Think it would be most appropriate to go into details in closed session. Senator, i would just say that we continue to work with our foreign partners in informationsharing wherever possible, whenever were able to assist them in identifying these type of criminal activities and provide them also Technical Assistance whenever asked or engaging with them in joint operations, and whenever possible we are always looking to link it back or coordinate some indictment or investigative some joint operations that would bring to light the people or the nation states that are conducting those activities. Ill pile on here. Im actually providing a little detail on a particular unclassified activity. Working very closely with the fbi, we designated one effort called hidden cobra, and we have a hidden cobra page that speaks to a bot net infrastructure, command and control infrastructure, that has certain indicators that, look at this, track this down, wife, federal partners where the command and control infrastructure may be in another country and we share that information and are looking to take action against it. Not just a whole of government approach. This is an International Problem and with International Work and we have been partnering with unlikely partner. I agree with an International Problem with International Solutions but we provide the main solution and we are in effect victims, substantially if not primarily, of the problem, and i understand, mr. Rapuano, we have plains plans and capabi. Im not fully satisfied with the idea that those forward oriented measures of action are sufficient. I think we need action here and now. The lazareth group, north korean linked cyber crime ring stole 81 million from the Bangladesh Central Bank account at the new york federal reserve, which would have been one billion dollars but for a spelling error, fairly rudimentary spelling error on the part of the north koreans. Theyve also been tied to the wanna cry attack this year and the sony attack in 2014. This week they are being linked to a 60 million theft from the taiwanese bank. Measured in millions, given the way we measure amounts of money in this billion, which in this week with our budget is in the billions and trillions, may seem small but it is substantial given the north korean economy and its side. So, im hoping that in another setting we can be more fully briefed on what is being done now to stem and stop this threat and i appreciate your good work in this area. Thank you. Thank you, mr. Chairman. Thank you, gentlemen, for your willingness to tackle these issues, and i think it goes without saying that your level of success in these areas will really influence american democracy for many, many years, as well as decades to come. So the conversation today so far has been focused very much on Cyber Defense coordination, which is we would all say is very important. However, coordination doesnt do any good without the proper understanding of our capabilities across the government. That is why i worked with senators coon, fisher and gillibrand and you have a shoutout to Program Within in the National Guard. So, for each of you, how do you assess the capabilities of the individuals and the organizations under your charge . Because we see this lovely chart, which very old, but you do have a number of organizations that youre responsible for. How do you go in and assess what that organization can actually do . Is it effective . So, its great to say, hey, we have a cyber team in doj or whatever but how do you know theyre effective . Can you explain how you assess that . Well start with now, mr. Secretary. Thank you, senator. That is an excellent question and does represent a significant challenge. We have a lot of disparate organizations that have cyber equities andunder developing Cyber Capabilities and within the department of defense we have really committed in ernest to start to better understand the crosscut in terms of services, commands, the full range, including thank you National Guard. What are their capabilities, what specific skills are theyre develop, what professional Development Program could be have to recruit, train and develop very attractive career paths for the best and the brightest. So we have a number of initiatives, starting with the Budget Initiative so when you start the cr budget formulation, apples to apples, ininstead of what it has been historically, which each service or organizations conception of what constitutes training or different elements of their budget, and we did a first run this year that was off the budget cycle just to get us in the road to progress, so to speak, and we found we really have got to ensure theres competent definitional issues so were defining things the same way. The other area in terms of National Guard, we track National Guard cyber capability development, training, how they fit into the Cyber Mission force. One area we have a challenge with is under state status, we dont have that same system of consistent definitions. Thats something that were working at, but we definitely recognize the critical importance of having that common ability across multiple front i appreciate that and thats good to understand that now and get the worked out, those details, and discrepancies work out. Mr. Smith, how about you . On hour our technical side were on the job with that routinely. Theyre currently actively engaged in incidents, incident and following up on the threats and investigations. We have spent a significant amount of effort in enhancing those, particularly at a much higher level on the Cyber Technical side, but in addition to that we have taken steps to significantly elevate the entire work force in the Digital Domain. We have created on the job training which allows noncyber personnel to be taken offline from investigating other matters to enhance the cyber capability so when they go become after a couple of months, theyre capable of bringing both the normal traditional investigative methods along with the current modern digital investigative requirements. Longing looker term, though, when we are talking about the work force of the future we have been collaborating on a much more local level with stem high schools programs in developing and building a future work force as opposed to trying to compete with everybody here and with the private industry, which can offer things and more benefits at times than were capable of, but by building in, in an fbi cyber stem programs, bringing local University Courses to High School Students at an earlier age and supplementing that with some Leadership Development in those high school ranks; looking longterm, building a work force that will augustment and maintain the necessity we all require and were talking about near this digital arena, working with the noncyber elements, intern cyber people are at a very high level. Im running out of time. Mr. Krebs, if you could submit that to us for the record i would be appreciative. One thing, as we look across the board, is really assessing the organizations that fall under your purview, make sugar were not duplicating services amongst our agencies as well, and operating as efficiently as possible. So thank you very much. Thank you, mr. Chairman. Thank you, mr. Chairman. Im glad that were having a discussion about the integrity of our elections and as being fundamental to our democracy. Mr. Krebs, is a look at this chart, even if its dated, your responsibility at dhs is to protect Critical Infrastructure and you did say you have you have an Election Security text force. Do you consider dhs to be the lead agency on make sure our election systems are not hacked . Maam, we do have unique statutory authorities to coordinate protection activities across the Critical Infrastructure, and as a digs nateed critical structure, subcertificate yes. Do not physically protect those networks. I enable state and locals and private sector to have better practices. But you would be the lead federal agency that would have the responsibility to work with the state and local entities to protect our election systems . From a Critical Infrastructure protection perspective, yes, maam, alongside the fbi and Intelligence Community. Were just looking for wrestling with the idea of who is responsible for what. Id like to get down with regard to the election system wed should look to dhs. Thats all i want to know. Guest i hope your task force is adjust thing purchases of political ads by foreign countries. Hope thats one of the things that your task force will address and whether theres ad in for legislation to prevent that kind of those kind of purchases. I want to get to a question, too, mr. Rapuano, Data Protection is obviously an important issue wherever i industrial espionage being carried out and the dod requires contractors to provide Adequate Security for cover defense information that is processed, stored or transmitted on the contractors internal information it . Or network, by december 31, 2017, contractors must at a minimum implement security requirements to meet National Institute of standards and technology standards, nist. So, my question, mr. Rapuano, can you talk about the importance of having industry comply with this requirement and how to you are working with industry to get the word out so that everyone is aware. I would say Small Businesses that yall work with. Theyd knee to node theyre supposed to be doing this. Yes, senator. The primary focus is the Defense Industrial space where we have the highest frequent and most significant dod programs prograd engaged with this private sector elements that work with the department of defense. I work that closely with the chief Information Officer for the department. I can get you Additional Details on the processes for doing that and id like to make sure that, is a mentioned, particularly Small Businesses, who may not be aware of this requirement, that they are very aware and that they can have enough time to comply because december 2017 is right around the corner. Whatever you have, fliers, whatever you use to get the word out. For mr. Krebs, you mentioned in your testimony how cyber actors have strategically targeted Critical Infrastructure, specifically you identified two mallware attacks called black energy and hafax targeted Industrial Control Systems and doesnt take a wild imagination to think of how a sophisticated power attack to power Plant Control Systems could cause a massive disruption with grave consequences. What is being done by dhs to encourage the private sector to harden their defense of Industrial Control Systems . Host yes, maam. Thank you for your question and i share your concern, particularly with respect to those two tool kits. I think i would id answer the question two ways. One in end point protection. We work closely with the Electricity Sector, with the sect sector coordinating council, and that particular again, from a grid perspective. Then through our Industrial Control Systems, the ics, we look at more capable solution is mexed in my opening staple. Not the whackamole approach at the individual facilities but trying to understand what the actual individual control systems are, who mars them. It does tend to be a smaller set of Companies Rather than 100 or 100 end pointed. We good to the root of the problem, the system nick problem, address that at the manufacturer or coder level, and then from there kind of break out and hit those end points. We look at the end point and also work at the root problem. You perform outreach activities through ics to make sure that, for example, the Utilities Sector is adequately among other mechanisms, yes, maam. Thank you, mr. Chairman. Thank you, mr. Chairman. Thank you for being here. One quick question from the perspective of my privilege as the personnel subcommittee chair. What trendses, either positive or negative, are we seeing it . Is rapuano . Is that correct pronouncation . Yes. You mentioned i think earlier when i was here about the National Guard playing some role at the state level. Can you give any idea of a positive or concerning trends about the resource were getting into the various agencies to really flesh out our expertise to attract and retain them and to grow them . I would simply say i think its been a common experience for my colleagues at the table here is getting the best talent is a significant challenge in the cyber realm for obvious reasons. Theres a variety of reasons but what would you list as the top two or three . A very high demand signal throughout the entire economy. The compensation that individuals can get on the outside of government is significantly greater. We are trying to address that in terms of our Work Force Management process, and we have some additional authorities that were applying to that is a believe other agencies have as well. But again, its a demand versus supply question. We have had this discussion before and actually senator round and i talked about it, be very interested in feedback you can give us on things we should look at, as possible subject matter for hearings for retention. I worked in the private sector and had a cyber subpractice, ethical hack testing practice in the private sector, and what youre up against is not only a higher baseline for salaries but also up against what the industry would call hot skills. These are very, very important skills, and so just when you think you have caught up or got within the range on the baseline comp, firms like the firm i worked with, both Price Waterhouse and ibm says we have to have a signing bow newspapers and retention measures that make it impossible for a Governmental Institution to stay up with it. Ill be brief because we have votes and i want to stick to the time. Want to associate myself with comments and questions made by senator enhoff and senator should high. ll go back to the record to see how you responded itch want to get more of an idea of the scope and scale of nonclassified software the depth uses, as a percentage of the entire portfolio, what are we looking at, at nonconfident nonclassified software as the percentage of the base, is it suv to same its in the thousands, in terms terms of soe platforms, tools, the whole portfolio. Thats a question have into our system and the cio office, and i can get that information back to you as soon as i get it. I would have to get back with you with more specifics. I think it would be helpful. Im sure we have application portfolios dish hope, i should say were following best practices and somebody out there in the ops world knows what our portfolio and is howl they fit into the classified and nonclassified realm. That would be helpful. ll yesterday back the rest of my time so other members can get their questions in before the vote. Thank you, mr. Chair. Mr. Krebs, just want to make you feel better about your title. Enjoyed that interplay with senator shaheen. 40 years ago i worked here as a staff member and was seeking a witness from office of management and budget from the administration. They hes a deputy secretary under such and such. I said i dont note what they title minneapolis. The response was and you can take this home with you tv dehighest level where they still know anything and i realize eyeful above that level. But i appreciate having you here. I think you fellas understated one important point and i dont understand why the representative from the white house isnt here because i think he has a reasonable story to tell. On may 11th, the president issued a pretty comprehensive executive order on this subject that is not the be all and end all on the subject but is an important beginning in terms of heres my question. In that executive order there were a number of reportback requirements that triggered mostly in august. My question is, have those reportbacks been done . Mr. Rapuano . Senator, theyre starting to come in and as you note there are a number that are still due out. Just interest m were 180 days and in 90 days. I wonder irthe ones from august have come back. I dont have the full tracker with me here. I again get back. I would appreciate that. Some have been submitted with the original timeline and others extended but absolutely those are the essential elements of information necessary to fully develop and update the strategy to the evolving threats and build that doctrine and requirement and plan. You use the key word of doctrine. I want to talk about that. By the same token, this committee passed the Congress Passed as part of the National Defense authorization act last december, a Provision Requiring report from the secretary of defense to the president within 180 days, and from the president to the congress within 180 days. That report would have been due in june from the secretary of defense involving what are the military and nonmilitary options available for deterring and responding to imminent threats in cyberspace. Do you know if that report has been completed. Yes, senator. It was our original intent and desire to couple the two with the input in the president s eo and the input back to the senate. Based on the delay of the president s e of we decoupled that because we recognize your impatience so well be submitting it to you shortly. Shortly doesnt make any feel much better. Is that geologic time or calendar time. Please let us know. You mentioned the word doctrine, and i think thats one of the key issues here. If all we do is try to patch networks and defend ourselves, well ultimately lose there has to be and mr. Smith, you used the term impose consequences. Right now, were not imposing much in the way of consequences. For the election hacking, one of the most egregious attacks on the United States in recent years there were sanctions passed by the congress but it was six or eight months later and unclear how severe they we need a dock trip doctrine where our adversaries know if they do x, y will happen to them . Just being on defers si wont work. Youre in the boxing match and can bob and weave, if youre not allowed to ever punch youll lose the boxing match. Yes, senator. Its certainly agree that both the demonstrated will and ability to respond to provocation in general and cyber specific, is critical to effective deterrence. I think the challenge we have that is somewhat unique in cyber is defining a threshold that then does not invite at very seas to inch up close but adversaries to inch up close but not on to it. Its important omake thyme hi lie specific slurs generally and the downside of the general its too ambiguous to be meaningful. Part of the problem is we want to keep secret what we can do when in reality a secret deterrent is not a deterrent. This other side has to know what is liable to happen to them, and i hope youll bear that in mind. Think this is a critically a important area because we have to have a deterrent capability. Otherwise, we know this is coming. So far there havent been much in the way of price paid, whether it was sony, or Anthem Blue Cross or the government Personnel Office or our elections. There have to be consequences. Otherwise, everybody is going to come after us. Not just russia but north korea, iran, terrorist organizations. This is warfare on the cheap and we have to be able to not only defend ourselves but to defend ourselves through a deterrent policy, and i hope in the counsels of the administration that will be an emphasis on your no your response. Yes, i agree, senator. That is the point of the oe in terms of the detention option set to understand them in the wider context of our capabilities, different authorities, and to start being more definitive about the deterrent options options and he them. Thank you, are in chairman. I want to return to that. I keep hearing the words but dont see something specific in place, and we have struggled with this for years on this committee now. Imagine that tomorrow we had a foreign nation state cyber attack on our financial or Banking Sector or next month on our utility or our Transmission Infrastructure or next year on our elections, and i would suggest that any of those would cross the threshold. What is our doctrine for how, when, and with what level of proportionality were going to respond to that kind of a cyber attack . Mr. Rapuano. First id note that obviously our deterrence options are expansive beyond cyber per se. So cyber is one of a large number of tools, including diplomatic, economic trade, military options, kinetic, including, and then cyber. So looking at the broad space i agree wholeheartedly, shouldnt limit yourself to responding in kind with the same level of or with the same toolbox, but do we have a doctrine, because if we dont have a dock doctrine in the cold war we knew what the doctrine for the other side was and they knew what our doctrine was and that kept us from engaging in conflicts that neither side wanted to engage in. Do we have an overall structure for how were going to respond and if we dont, would suggest we have no way to achieve deterrence. We do not have sufficient depth and bread of the doctrine has we have been discussing and thats one of the primary driver offered the executive order. The 13800. To have the essential elements to inform the doctrine. The chairman has been asking for an overall plan for i dont know how long, and i think that is what were all going to be waiting for, and i wish i could ask the same question of mr. Joyce, but maybe in a future hearing. For any of you, spent a good part of yesterday looking at russian created, russian paid for facebook ads, that ran in my state and in places across the country, and were clearly designed to divide this country as well as to have an impact on our elections. What is the administration doing to make sure that in 2018, were not going to see the same thing all over again . Dont all speak at once. Let me start with the election infrastructure subset. From a pure cyber attack perspective were working with state officials to update their defense. With regard to the ad buy, its an emerging issue were assessing and i can defer to the fbi on their efforts. Its not emerging. It emerged. We have been trying to get our hand its around this for close to a year now, and we still dont seem to have a plan, and that worries me enormously. We have special elections in place. We have Gubernatorial Elections in place, and we are continuing to see this kind of activity and we need to get a handle on it. Let me go back to your issue of election infrastructure. As a number of people have mentioned it has been widely reported that there was cyber intrusion into state level voting infrastructure, and it was its my understanding that dhs, before you got there, was aware of the threats well before last years election, but only informed the states in recent months as to the nature of the intrusions in those specific states. Why did it take so long to engage with the subject Matter Experts at the state level and is there a process now in place so that we can get those security clearances that you mentioned in a timely way so that the conversation can head off similar activity next year . Sir, thank you for the question. I understand that over the course of the last year or so, officials in each state that was implicated was notified at some levelful as we continue to study the issue and got a fuller understanding of how each state has perhaps a different arrangement for elects, you in some cases its state, local, chief election official, a cio for the state, cio nor networks, Homeland Security adviser. As we get arms around the problem and the governance stuck tour in 50 states and territoriesing, we have better sense of here their fuller range of notifications we need make. When you think about the notifications of september 22inch that was a trueing up, perhaps, of each state saying, we let these officials now. Wouldnt characterizes a just let them know then. Its we broaden the am aperture and give them context around what may have happened. Im working on legislation and have been working with the people secretary of state from my state and then who is obviously involved in the National Association of secretaries of state. Its not rocket science. It is basically building a spreadsheet of who and at what level and when we see things happen in a given geographic area, pull out the book and figure out who you need to be talking to, and we need to make sure that is in place. Yes, sir, were actively working that right now. Senator mccaskill. Thank you. To reiterate some of the things said previously but in the empty chair is outrageous. We have a Foreign Government go at the heart of our democracy, 0 Foreign Government that wants to break the back of every democracy in the world, and it a very smart senator i heard say in this hearing room, who cares who they were going after this time it will be somebody else next time, and i am disgusted that there is not a representative here that can address this. Also am worried could i ask interrupt, senator, and just say that we need to have a meeting of the committee and decide on this issue. I believe you could interpret this as a misinterpretation of the privileges of the president to have counsel. He is in charge of one of the major challenges, major issues of our time, and now he is not going to be able to show up because he is, quote, 0 counselor to the president. Thats not what our role is. Thats never i think in any other situation, lets take out the president , take out russia this circumstance would not allow to be stand bid the out senate typically. I agree. You would know more about that than i wouldover been here longer. This is something that we need in these times when theres an issue every day that is royleing this country we have tendency to look pasts things that fundamental to the oversight role here in the senate and im glad that the chairman is as engaged at he is on this issue and i look forward to assist. Im this should not count against the senators time but well have a full Committee Constitution on it and i thank the senator. Im worried we have no nominee for your position so if the white house reviews this testimony i hope they will understand that your job is really important. Im not taking sides as to whether or not youre doing a good job or bad job but the point is we dont need the word acting in front of your name for this kind of responsibility in our government. Im unfortunately the chairman of the committee im ranking on, Homeland Security, has chosen not have a hearing, believe it or not, on the election interference so this is my shot and im hoping that the chairman will be a little gentle with me because i havent had a chance to question on some things. Why in the world did it take so long to notify the states where there had been attempt to enter their symptoms, their voter files . I again, maam, is a mentioned earlier, its some point over the course of the least year, not just september 22nd, an appropriate official, whether the owner of a infrastructure, private sector own, or local official, state official, state secretary, spun someone was notified. Shouldnt all of the secretaries of state have been notified . Isnt that just like a, duh. I share your corn. Over the course of the last sever months we hat a trueing up and have opened a sort of governance structure per each state. The folked that need to be notified. Whats the explanation for state being told one day it had been and the next day it hadnt been. How did that happen . I understand the confusion that may have surrounded the notification of september 22nd there was additional context that was provided to the individual states so in one case perhaps the election System Network may not have been scened or targets. May have been another state estimate analogize that to the bad guy walking down the street and checking your neighbors do to see if they had a key to get intounder your house. Its not always that theyre knocking on the network. They may be looking for other ways in through other networks doesnt change the fact that the secretaries of state should have been immediately been notified in every state, where there had been knocking on a neighbors door or their own door. The bottom line is we good news is we have a disseparate system in our country so its hard to find one entry point. Bad news if we dont have clear information going to the secretaries of state, then they have no shot of keeping up with the bad guys. Thats right. Going forward we have that plan in place. We have governance structures. We have notifications, as i mentioned earlier. Security clearance processes ongoing for a number of officials and well get them in the information they need when they need and it can act. They dont want to take advantage of your offering, which is terrific youll check their systems no mandate no hook, no expense, i talked to secretary of state of missouri and he was saying, listen, theyre not even talking to us. This was before september but i do think somebody has to take on the responsibility of oneonone communication with 50 people in the country, plus i dont know who does voting in the territories but as to what is happening, what youre doing, what theyre doing, this im not exactly im not really enmammor offed the idea of moving off of this to dod. Hwaot do we to the work fort there bee reluctance to participate fully if it was directed be in dod but the chairman rod point, if you dont begin a more seamless operation with clear lines of accountability and control, we have no shot against this enemy. None. And it worries me that this has been mishandled so much in terms of the communication between the states that are responsible for the validity of our elections. Let me talk about kasperski. How are you going to make sure its out of our systems . A little over a month ago we did issue a binding operation direct disfor federal if theyve got another 90 days to get stuff because youre giving them long time. Yes, that is a 90day process to identify, develop plans to remove. May be budgetary implications and then 30 days to execute. We have seen a number of activities in the intervene ing 30 plus days of people taking it off. Let me just ask you do. You think if this happened in russia, if they found a system of ours that was looking at all of their stuff do you think it would theyd tell their agencies of government you have 90 days to remove it . Mam seriously . I learned not to predict what immean, really. The point im trying to make is, why dont you say you have to do it immediatefully. Maam, there are you cant just rip out a system. There are certain vulnerabilities that can be introduced by just turning a critical antivirus protect off. We need to have a process in place that you can replace with something that is effective. In meantime were able to put capabilities around anything that we do identify to monitor for any sort of traffic. Does the private sector fully aware and are Government Contractors fully aware of the dangers of the kasperski system . We have shared the bioperational directive with our partners, including state and local partners and working with our interAgency Partners as well. Were sharing risk information. Is that a little bit like sharing with the appropriate people at the time but not the sects of state . Needs to be a red siren here. What about the governor contractor inside this bod binding on our Government Contractors. Is its not shouldnt it be publish. Let me follow up on that to get the specifics. Shouldnt it bejing makes sense. Since we have more contractor on the ground in afghanistan than tops, it would be important to get kasperski owl of their system. My authority is only federal civilian agency us. Dod have you told the contractors to get kasperski out. We have instructed the remove of casperski from the dod informations. Ry follow up on contractors. Lied like an answer. Thank you, mr. Chairman, for your indulgence. Thank you, mr. Chairman. Your agency, mr. Krebs, declared that russia linked acteddors hacked 21 states. Why did it take over a year to notifying states that their election systems were targeted. As i have stated, we notified an official within each state that was targeted or scanned. We have offer a series of services and came end, including cyber hygiene scans, to every state in the union and every commonwealth. So not only did we notify the states, granted, there was a broader notification that we have subsequently made, but we did make capabilities available to all 50 states. And are all 50 states using the capabilities you offered. I dont have the specific number offered the states using ours but we have seen a fairly healthy response. I would like a report on whether all states are using the recommended technology that you eaverred to them. I dont think i think we need have that kind of transparent si, given what senator mccain started this hearing with. It is a National Security priority, and if the states are not doing their jobs well, we need to provide the oversight that is necessary to mike sure they do their jobs well. Do you believe that making these election Cyber Security optimal is sufficient . Im sorry, making them 0 are optional. Excuse me. Optional. Fundmentally there are constitutional questions in play. We make sure that every resource we have available and out there that the state and local governments and election systems have the ability to access. I understand that there is a ninemonths wait for a risk and Vulnerability Assessment. Is that accurate . We offer a suite of services from remote scanning capabilities, cyber hygiene scans, up to a fullblown Vulnerability Assessment that can sometimes just to execute that Vulnerability Assessment, because its the breadth and depth of the assessment can take a number of week if not months to conduct at the assessment itself. So i have we are in the process of looking into whether that ninemonth backlog exist and how the insurer we can private every other toll needed out to the state and local officials. Are we ready for the next election and do you believe we are cyber secure for in the next election and. I think theres a lot of work remains to be done. We need to as a country, we need to continue ensuring were doing the basics right, and even at the state and local level, the private sector, still a lot of basic hygiene activities. I would like a full accounting what has been done, what is left to be done and whatunder your recommendations to secure our electoral system bit the next election and like it to addressed to the entire committee. We need to know what is out there, what is left. Senator graham and i have a bill to have a 9 11 Style Commission for do the deep dive you are doing to make recommendations to the congress on the ten thing wed must do before the next election. Then have the authorities come back to us so we can actually implement it. Doing on it an ad hoc basis is not sufficient and im not worried because theres no accountability and because of the constitutional limit takes you mentioned we are not going hold these states conditionable when they have not done the required work. We need to know what have you succeeded in doing, what is still left to be done, the impredments, delays, lack of expertise, lack of personnel or resources in i need to know because i need fix this problem. We are making significant progress. We have a working relationship, strong partnership, with state and local Election Officials, and we are moving forward with the towards the next election. Mr. Rapuano in your confirmation hearing you said the russian irphoenix is a growing threat and russians will continue to enter as long that thivel the consequence their, as is lens than the benefits aday crew, given the likelihood of interference what are the immediate extent you are going to take and the federal government should take to restore the integrity of our elects . I know you answered one therefore early er question wiz the work we are degree with the nam National Guard but i know you are no necessarily doing all the training necessary or spending the resources to do all the National Guard training consistently with other active duty personnel. Senator, we stand at the ready in terms of the process that dhs has put into place to support all the states with regard to the election system vulnerabilities. To date we have not been tasked directly to support that effort but we certainly have capables that we could apply to that. Ick just have your commit independent the next budget youll include the full amount needed for the training of cyber specialists within the National Guard . What i need to do is check on the status of the current furnishing for the effort and i will get back to you and thank you. I want to follow up on the questions about the attacks on or voting steps. We know that 21 states faced attack bid russian ablers during the runin 2016 election. Seem its luke the russians are happy with the efforts and dont see nye reason to believe they wont try again. In fact, mr. Krebs, your predecessor another Homeland Security urged congress to, quote, have a strong sense of urgency about russian tampering in the upcoming elections, and i know that Homeland Security designated our election system as Critical Infrastructure earlier this year. I just like to follow up on the question that senator jill gillibrand was asking and what think i hard you say, are you confident that our nation is prepared to fully prevent another round of cyber intrusions into our election systems in 2018 or 2020, mr. Krebs . So, what i would say is that we have structures in place. This is not an overnight event. Were not going flip a switch were not there now. We are working towards the goal of securing the infrastructure. A simple question. Were not there now. I believe theres two, be done, yes, maam. Host so were not there now. Can i just ask on maybe some of the specifics. Have you done a statebystate threat assessment of the cyber environment leading up to the next election. Are you speaking of specific to the election infrastructure or statewide. Election infrastructure. I would have to check on that. I dont have you dont know whether or not theres been a statebystate we have engaged every single statement wore work my question is more specific. A threat assessment for each state on their election infrastructure . I would have to get back to you on that. Okay. Are there minimum cyber standards in place for election systems . We do work with the National Institute of standards and technology and the Election Commission to look at Security Standards for voting. I understand you work on it. My question is there are minimum cyber there are recommended there are recommended. In place. Are the established best practices . I believe there are best practices. Those are in place. And any plans for substantial support for states to upgrade their Cyber Defenses . If youre talking about investments, i i am. Okay. That is thats a different question i think that we need have a conversation between the executive branch and congress about how was that a no . At this pound i do not personally have the funds to assist thats a. No. That is a resourcing to states that are Grant Programs that we can put in place perhaps to so you not only dont have the money to do it, do you have any plans . Ill ask the question again for substantial support for states to upgrade their Cyber Defenses. We are exploring onces. The answer is no, you do do not have them in place. Were working on plans, yes, maam, assess that they need. Yes, the answer is no . Okay. The state or town in america we would put our full National Power into protecting ourselves in fighting back. The russians have attacked our democracy and i think we need to step up our response and i think we need to do it fast. I would can occur with all of the colleagues up there. That is when we have to be laser focused on. I will concur with the chairman and others that are very frustrated and troubled. A comprehensive way. Integrating the state and local officials with federal officials. As significant as it is. It goes to the core of my democracy. It also goes to the core of our civilization. Weve been hit with an incredible hack on taking the most private information to open up accounts and to take cindys identity and your talking about over a hundred Million People do you think we will be able to determine who is responsible for that hack. Generally, when would we be able to do that. On the far side. Within less than that time. I know thats very difficult. Do we have the tools to punish those individuals. Those are two separate questions. In two separate issues. First on the attribution point to get it to a certain destination is easier than the second question which is imposing significant consequences. If it becomes a nationstate or associate like that you have seen recently though with the yahoo compromise where we have have a blended threat targeting of businesses in our country. That is where i become a little more vague as to my answer on specific would would be able to impose consequences. It is a significant problem that you cant answer. We really dont have a plan that says if you do this these are the consequences for you. They will be significant particularly if there is a state actor associated with it. I know that you mentioned the line we dont actually want to put a line somewhere. Everyone would work up to that line. We with zero lines right now. A state actor was behind a colfax breach. The most personal information. The process we head in place right now in terms of all the reports been submitted looking at how we correct the infrastructure and looking across this suite of issues what are our capabilities and vulnerabilities and implications that are exploiting those vulnerabilities and how to best establish what the threshold is. What is to vague to be useful as well. Having said that i think its a straightforward question. Someone who hacks and instills information from over hundred million americans and something that compromises their potential identity for the rest of their lives i hope that the directive would say its well over any kind of line. It certainly warrants a consequence. There would be more details that we would be looking at. What is the quality in attribution. We answered some questions and taking out the federal government. Because of that risk that is inherent there. When we have millions of americans i have this software that access to their personal information on that computer. Should we alert the public to. They made our Risk Assessment that we were not willing to have these products installed. Its a pretty strong signal. We had shared information across that. Is an indication. The federal government has made the decision that this is an unacceptable risk position and we are instructing agencies to remove it at the present. Just quickly following up on senator peters line. Is Cyber Command prepared to engage. With the critical structure and then United States. What is the trigger. Are they able to do that right now. Against the variety of targets. It is inclusive of her responding to an attack on the u. S. Critical infrastructure. What is one of the triggers and you suggested that the act of war was still on the definitional phase on what would it prompt this. We have the capability but the question is under what circumstance do you use this. Is that fair . Yes it is. I want to thank you for the hard work that you are doing in the candor and helping them understand many of the challenges and must say i appreciate your great work. I can back two years ago. That there be a strategy followed by a policy we have no four months late. We have our responsibilities and we will carry them out. We had authorities that i dont particularly want to use and less we are allowed to carry out our responsibilities to our voters who sent us here then we are can have to demand a better cooperation and teamwork than we are getting now. I appreciate very much the Incredible Service that you three have provided and im certainly not blaming you for not being able to articulate to us a strategy which is not your responsibility. The implementation of actions dictated by the strategy obviously is yours. When you see the person in charge at an empty seat here today than we are can have to react the committee is can have to get together and decide whether we will sit by and watch the person in charge not appear before this committee. That is not constitutional. We are coequal branches of government. I want to make sure that you understand they appreciate the hard dedicated patriotic work. And what you are dealing with and doing the best you can with the hand you are dull. This hearing has been very helpful to us in assembling being informed to one of the major threat to the american security. And i think you for that. I think you for your honest and patriotic work but we are going to get to this because of the risk to and the very fundamental list of the democracy. Is there anything that the senator from maine would like to editorialize. I think prudence dictates. I think the witnesses for your cooperation. This hearing is adjourned. [indiscernible] [indiscernible] [indiscernible] [indiscernible] Congress Returns on monday to take up the house senate resolution. We get an update now on where they are standing now on tax reform and emergency spending. Ferris covers the budget and appropriations for politico. Lawmakers approved the budget plan. Can you give us a quick look of what is in the resolution . Senate took that step towards their tax reform plan inside this very sweeping fiscal blueprint with specific instructions for the tax committees to get to work which the republicans have been saying a very ambitious tax plan. 10 years worth of spending. Even the Budget Committee chairman says of the only thing that10 years worth of matters. How are they moving forward with President Trumps call for tax reform . Dont have very many details about how republicans are looking to do this. There are few details of what the race might look like. Dont have very many details about how republicans are looking to dowe do know thag wave of momentum for senate and House Republican leaders considering the house the Senate Amendment to include some of the house tweaks. The Senate Budget that was passed last night included some negotiations with the house ahead of the Conference Committee. We can actually see some work next week. Your article says republicans are eager to speed up the timeline on tax reform. Why is that and how are they doing it . It has been a tough couple of months. They are looking for some legislative victories. Many are sore about what happened with the Obamacare Repeal. Now they are starting this again, hoping for another shot at reconciliation. Something rare to do twice in one calendar year, but they are hoping this will be the ticket to seizing this tax overhaul of they have been talking up so much about. Does there appear to be any democrat support for tax overhaul . There were some signs last night that democrats could get on board with this. Senator joe manchin of west virginia, heidi heitkamp, both the vulnerable candidates. They did sign on to the thedments, but overall, final budget vote did not include a single democrat. This is not unusual. Those documents are partisan documents. The fact that there were a couple of democrats eating voting for a few of these amendments does open the process. What is the timeframe for getting all of this done . Anxiouslicans are very to get this done as soon as possible. They want to have Something Else to talk about. We are going to start seeing hearings from the house ways and means, Senate Finance committee pretty quickly. Mr. Brady has actually conducted that we can see in this Tax Blueprint, some actual legislation in the next week or so. He said as soon as the house and senate agreed on the joint resolution, we will see some facts. Nexte house is back l week week. What is the status of the bill in the senate . This has been a stickier process of the senate. Senate republicans had initially said they can get a vote on that ma on after the voteora thursday night but the next time they will vote on it will be monday. John trump nominees because they are anxious to see really further home states as part of thisjohn cornyn, as welr bill nelson, who has actually put holds onthey are saying thee package next week but already looking ahead to the package in november which they say includes the specific amount of funding for their home states. Sarah ferris bill. From politico. Thank you for joining us. The house is expected to take budgetSenate Passed resolution this week with a final vote on thursday. If that passes, it allows congress to proceed to tax reform. White house coverage begins monday at 2 p. M. Eastern. They are also back monday for emergency fundamental and fire relief. A residual vote to advance the bill is set for 5 30 p. M. Eastern. You can see that senate live on cspan2 and the house on cspan. Cspans washington journal live every day with the news and policy issues that impact you. Coming up sunday morning, Newt Gingrich will discuss President Trump and his relationship with congress. Georgetown University Associate law professor will join us to explain his path from prison to georgetown law. Texasiversity of professor neil joseph will talk about the real reason nfl players neil during the National Anthem to raise awareness about Police Brutality and racial injustice. To watch washington journal live at 7 00 eastern sunday morning. Join the discussion. This week, the white house did not release a president ial weekly address. The democratic address from richard neal of massachusetts. He talks about tax reform. Im representing massachusetts first congressional district. As the Ranking Member in the house and ways committee. In the coming weeks, the house of representatives will talk about overhauling the tax code. And republicans agree that something must be done to simple five attack system. The current tax code is far too complex which allows him to avoid paying their fair share. And unfair to american businesses trying to compete in an increasingly globalized economy. We have very different views about what our taxes should look like. Two weeks ago, Republican Leaders and President Trump released a framework that they say is the starting work for their proposal. The house is expected to take up the Senate Passed budget resolution this week with a final vote by thursday. If that passes, it allows congress to pursue to tax reform. Live house coverage begins monday at 2 p. M. Eastern. The senate is also back to consider a 36 point 5 billion emergency supplemental for hurricane and fire relief, already approved by the house. A procedural vote to advance the bill is set for 5 30 p. M. Eastern. You can see the senate live on cspan2 and the house on cspan. Closer eyes for a moment. And stretch close your eyes. I see you. Trust me. I want you to stretch your imagination. Open your eyes. Thats how fast it happens. In a blink, no warning. Executivenight, director of paralyzed veterans retired marine Corps Officer talks about his paralysis see from a patients perspective, policy paralysis and his work to help paralyzed vets. I am trying to tell them this perspective, advocateshat i perspective, you have to empathize that is what will make it the ideal provider for veterans who have gone into combat and sacrificed. Sunday night at 8 00 eastern on cspan q a. Communicators, communicators, russias involvement with the election with julia angwin. That facebook has said they learned a number of adds placed during the election were outfits under an anonymous accounts, and they ads. Political divisive not necessarily, it seems like candidate or sowing but just aimed at decisiveness on certain topics. 8 00 eastern monday on cspan 2. Host is our guest this week to talk about facebook, russia. Al ads and ms. Angwin what have we learned in the past couple of months rom the investigation into facebook and the russian ads [captions Copyright National cable satellite corp. 2016] [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. Visit ncicap. Org] julia thanks