Well, it didnt affect a National Security entity but it did cause damage to a company. In that case and this is an important illustration of when we could attribute. Very clearly there was agreement across the Intelligence Community to attribute that attack to the north koreans, and we did sanction them. Okay. Thank you. Thank you, mr. Chairman. Thank you, mr. Chair. Gentlemen, thank you for your service and for joining us here today. And director clapper, before i start on ill begin to focus on cyberpolicy, i think were all very concerned about the allegations that leadership at Central Command deliberately distorted the assessments of Intelligence Officers related to the fight against isil. And i understand that theres an ongoing investigation, and im going to wait for the results of that investigation. But i want to say that as a member of both this committee and the intelligence committee, i want to in the strongest terms possible impress upon you the importance for all of us to re
Actually have very, very stringent and effective rules in that regard. For example, under one particular provision of fisa, were not allowed to target either United States persons or persons within the United States. Sometimes it happens that we think somebody is not a u. S. Person and then we discover, oh, my gosh, this person has a green card. We didnt know that before. And the rules are at that point, you have to go and purge the collection you have to report it to the fisa court. You have to purge the collection and you have to purge any downstream reporting that comes from that, as well and all of this is overseen within the government, reported to the court and also reported in summary fashion each year to congress. So it actually it actually is possible to get rules and procedures that do protect against these kind of mistakes. Supply want to thank our panel for sharing their thoughts and wisdom with us this important and thanks to the audience for your participation and i under
And active relationships between our Computer Emergency Readiness Team and certs that are being stood up all around the world by countries. The uk has just stood up a new cert. They had a couple certs before that and stood up a new one to act as a fuller counter part. But there are certs in lots of counties with which they interact on a daily basis. And that is obviously essential. These threats i mean, its most obvious in cyber but it is true across the board, you know, Mother Nature doesnt really know borders and we saw that as we contemplating the potential consequences of the aftereffects of the tsunami in japan. Terrorism clearly is a transnational crime. We have to have that international piece. The tenyear, again, the landscape changes so rapidly that it is an incredibly hard challenge to think about what we might confront. But i will tell you my sort of utopian vision for where i would like to see us heading and where i would like to see us closer to in ten years. You know, aga
Have grown through mergers and acquisitions and that have acquired companies and later find out after they have connected all their networks and systems, that that company that they acquired did not have good cyber hygiene and was riddled with problems that have now infected the entire network. Lawyers need to help with that. Auditors need to help with that. Venture capitalists. Were out talking to venture capitalists to say if youre investing in a company, youre investing in large part in that intellectual property, and if you havent done the Due Diligence to assure yourself that they have good cyber hygiene and have taken appropriate care to protect that information, you are throwing your money down a rat hole because that intellectual property is going out the back door. Attorneys in this room and your colleagues work with these folks on a daily basis. I need your help in spreading the word. The more secure any one of us becomes, the more secure all of us are. This is a this is a jo
The Intelligence Community to try to increase the amount of transparency about what that community does but thats running against the culture of that community and its a challenge because there are legitimate security reasons you dont blab about what you do but i do think that the lessons the last two years are that to the extent to a much greater extent than in the past the Intelligence Community would benefit from Greater Transparency about what its doing and why. Which is easy to say and hard to do. Do any of our panelists have any comments on the usa freedom act pending in congress and the differences between the house and the Senate Version of the bill, one of our questions related to the provision thats not in the house bill but in the senate bill regarding the special advocate for to be present before the fisa court. There was a provision in the house bill thats somewhat different than the senate bill. So i mean the house bill also had its not exactly special advocate. What it i