figure, frailer, the more disabled individuals as part of the expansion will be in medicaid. the younger, healthier, and better health risks for the pool will end up in the exchange, and quite by contention according to their calculation, their proposal, that in and of itself is going to sustain and save the exchange markets by having that bolus if you of younger, healthier lives in that pool. i think you're going to see a lot of folks in there. >> i guess this is actually a sort of same question and i was going to address to you. i just wanted to know, if you be seeing more states who have opted out of the medicare expansion who will be using that model. i think wisconsin is using that same model. i think i heard that it's going to take off this enrolled people off of medicare and put them on

exchanges and then to make way for new enrollees to i guess i just wanted to your whether or not there are some downside our upside to using that kind of model. and you think other states are going to do the same? >> so, in terms of medicaid, i would say the wisconsin issues different. wisconsin, it's funny, the wisconsin folks say why do we keep getting labeled as a non-expansion state? we expanded a decade ago. they already cover all of these people are and so it's, i think the wisconsin situation is very, very different. but i think it's a very, very silly question to talk about, what does arkansas mean for -- salient question, for the other states that are currently either leaning know or are at no. and i think, i know for sure that the vast majority of states

who are currently in the no category are i would call them in, they are in the know, but looking for a way to get to yes. and what it is they look at the options that they have. in the options they have are expand the program as is or nothing. they keep coming back and saying, there's got to be something more on this. it's got to be another option. arkansas has got one. is there another option for us? and i think would at the end of the day it's all about whether or not those individual states because of you all ask for slightly different things, pennsylvania and michigan and iowa, they are all asking for slightly different things. it's really going to come down to is the administration going to be willing to work with them to come up with a fourth option, if this option, a way to get there? i think the arkansas model, was

the conservative flavor of the private sector approach, and as a way strengthen the exchange market the potential to be a big win-win for everybody if the cards so of on. >> this also raises the question that dan brought up earlier about the states on the exchanges also on the marketplaces who are doing plan management, there are about 14 states that are doing a little bit more than just, than some of the other states. whether we will see a shift in that responsibility, taking on more of, states taking on actually the market place operations. maybe talk about that. >> allowing states to transition from a partnership model or a fully federally-facilitated marketplace over the next two years. states were anticipating filing a blueprint on november 18 that,

the states that were interested in doing that transition and we'll have to see how many states actually filed a transition blueprint. but they have until the end of 2014 to make that decision. so again, we think there's a lot of into this for many if not all the partnership states to transition over the next two years, and some of the ethics in states that will just have to keep an eye on the state and see which ones do. -- ffm states. spent as we going to last 10 minutes or so, i would like to ask you to pull out the blue evaluation forms and fill them out as we get to these last few questions. i would like to ask you to ask your question. >> hi. i've got to question. the first one is just about the enrollment data that's been released in terms of young people, so maybe sara and mila you guys can answer this. is that data on target as far? does it represent a lot of work left to be done, or is a good

sign? and then secondly, how is that data in forming study specifically for reaching out to that group? mila, you were talking about data is simple to adjust outreach strategy. what is the data telling you this far in terms of what's working and what needs to be done? either going to be specific things to sort of try to bring in those procrastinators that it been talked about? >> just in terms of the data that's coming in, i think this week we saw in states that are going to own marketplaces that are reporting it, significant shares of young adults, about 20% of those who enroll were ages, 19-35, in terms of what cbo is projecting, of the seven many people expected to come into the marketplaces next year, about 2.5 million or so are expected to be with, between the

ages of 19-35. so about 30% of that total. in our survey data in october, we did see about 21% of those people who visited the marketplaces and these are people who are uninsured or eligible to come in were 19-29. about 32% were 19-34. we also found a high percentage of young adults, and there was really no difference across the age groups in terms of people who say they're going to come back to the marketplaces or go to the marketplaces like the end of the open enrollment period. and just in terms of the massachusetts experience, young adults have waited somewhat longer but the uninsured rates among young adults is 21% in the year prior to the passage of the law in massachusetts. that rate dropped to 8% in the after. i think it does, the experience, the survey research that we've

done, the experience in massachusetts does suggest young adults will come into the market places, the numbers will help do what we're hoping they would do not only helping them but also stabilizing the market. spent so, we used all sorts of information sources to, on a weekly basis, hit the restart button. i had a meeting with my senior folks every week, looking back at what we know about enrollment, what we know about folks who were on the ground. so if we know that holding an event in the evening results in five people showing up versus launch, you get 50 people to show up, that's where our resources go. so we look at everything that's happened to not only the data we're seeing but also what we're hearing from our sisters. orienteering from brokers in community groups or on the ground. end of the week we slightly shift our strategy.

and i can tell you week one at a lot of events planned, educational events and what i would call show until comic indication people have a fancy term for it. but essential have to use our web portal, the range of prices, products. we found that consumers are coming and ready to enroll. so the following week we make sure we had a assisters and brokers at those events to help people enroll. so we learned a lot about the needs and demands every week, and we we tool to make sure that we are right there and available to help people whatever they are in their decision-making process. >> so are there any specific strategies to reach out to young people? >> it's a big outreach program for things that are yet to be unveiled. so some of our d.c. assist including young invisibles and groups who have worked with university population.

and they're doing very creative things. one of our d.c. alpha link assisters is going to bars to provide information. so they're very creative are and the one thing that we're not doing is kind of door-to-door or going into people's homes. we have essentially said for a number of reasons were not going to allow assisters to do that. but they can be as creative as possible and ask our daily and weekly updates. and we share that among the assisters. what's worked, what hasn't worked as well and how to retool. spent can ask just one last thing? just i think a few minute ago we learned that deadline to sign up for coverage for january 1 is actually been moved back a week to december 23. and i was just wondering if it has an effect on what any of you guys are doing or will have any

kind of ripple effect in general. >> no. we are pushing for december 15 to enroll in fully paid for coverage to be effective january 1. >> we have time for just a couple more questions. and one is directed specifically to you. your mention of the direct enrollment option, that is direct by plans, the questioner wonders whether that raises technology issues firstly? and what potential with this option ever increasing enrollment? >> that's a great question. i don't think hhs ever intended for health care that got to be the single channel for enrollment. and they don't think they ever anticipated they would be the single channel for enrollment in

30 plus states. so there's a provision in the law that allows carriers and web brokers like e-health and get insured and others to direct enroll consumers directly from their platform into the exchange. and when i said to enroll, enroll in a plan that the carrier is offered or a plan that the web broker is offering. there's been a lot of confusion in the media about this since the president sort of announced direct enrollment has been obscure and has been a lot of information about it. so really how it works and hhs is providing the technology to the federally-facilitated marketplace states and these technologies are called apis, and allow the carriers and the web brokers to plug into the ffm and to direct enroll. there's been some confusion and

misrepresentation in the media saying you can't do that because the only way to get a premium subsidy is directly through healthcare.gov. you can get a premium subsidy through direct enrollment if the technologies allow the. somebody would go to a carriers website or web brokers website, they would take a plan and then you would be securely transferred to the federally-facilitated marketplace, or a state-based exchange, to calculate your premium subsidy. you would then be taken back to the carriers website or the web brokers website to complete your enrollment and the plan that you have chosen. as of today, only carriers that are working directly with the federally-facilitated marketplace or healthcare.gov can do direct enrollment. and while those technologies have finally been completed, they were supposed to go online october 1 but there were a lot of issues just like they were

with healthcare.gov on october 1. a lot of the carriers and web brokers are still trying to complete the final integration to make that work. i'm not aware of any state-based exchanges, and mila, correct me if i'm wrong that are facilitated direct enrollment this year but i know that there are some that intend to do that next year. but to answer the question i think it was the intention of hhs to provide multiple channels to consumers to enroll with state-based exchanges, healthcare.gov and through direct enrollment. it's a little plate in the game to speculate on how well directed moment is going to work considering the technology wasn't completed until just a couple days ago. and again, many of the direct in rowley's are still working on integration issues here. >> any final observations by any of our panelists? sara? >> i just wanted to add one more thing for people have been concerned about consumers in this process of direct enrollment.

health plans have to let people know that there are other options available to them on the marketplace sites, and also about the other range of products, other health plans that the insurer might offer. but clearly this is a way that enrollment might increase over the next few weeks to get towards the end, not that december 23 date. >> that's correct. they need to inform the consumers there are other options on the state exchange and they can opt out of direct enrollment anytime they want to go directly to the state exchange, or the federally-facilitated marketplace if they so desire. >> i just would like to make a plug for tomorrow. we have a citywide enrollment event at mlk library. we're going to have zumba and health screenings and bring your whole family and i encourage all of you to come out. >> okay. well, what an appropriate way to come to the conclusion of this

discussion. we may come back to this topic sometime in the near future, in case there might be a few remaining issues we haven't quite tied up in neat bundles yet. but at this point i think we've learned an awful lot, at least i have, and reminding you as we finish up to hand in the blue evaluation forms after you filled them out if you would. i want to thank our colleagues at the commonwealth funds for their help in planning and, obviously, making a big direct contribution to the success of this briefing. thank you for some of the best, hard and microphone questions that we've had in a long time. and ask you to join me in thanking the panel for a really enlightening session. [applause] ..

[inaudible conversations] [inaudible conversations] >> white house national security adviser susan rice is in afghanistan today according to the associated press as part of her first overseas trip as national security adviser. she will meet with president

hamid karzai after he rejected a recommendation by an afghan assembly to sign a security pact with the u.s. choosing to defer a decision until after that country's april elections. the ap also reporting that susan rice will visit with deployed troops while she's in the country. and some live coverage coming up here today on c-span2 starting at 11 a.m. eastern, a discussion on diplomacy and the muslim world. we'll hear from walter douglas, a foreign service officer. it's hosted by the center for strategic and international studies, and again, that'll be live on c-span2 starting at 11 a.m. eastern. on c-span today at noon eastern, the cato institute will host a discussion on america's nuclear weapons policy coming in conjunction with the institute's recently-released paper on why current policy is outdated. again, that's at noon on c-span. also president obama will continue his west coast fundraising trip today with several events including one at

the home of hall of fame basketball player magic johnson. before that, though, the president will deliver remarks on immigration, continuing his call for the house to pass a plan. you can see the president speaking at a chinese recreation center live on c-span, that starts at 2:35 eastern. >> years ago i don't think anybody would have looked into a crystal ball and thought that some, you know, somebody on a college campus would be streaming, you know, netflix onto an iphone to watch a movie. and so i think that, you know, this is what's happening out there that we've got this huge, this huge issue out there that the technology and -- because, again, you know, not wanting to date yourself, but i remember in northwest ohio, you know, depending on the day that if the antenna on top of the house was working right you got two channels, and maybe you got one channel, and some days you didn't get any channels because it would depend on the wind and the light and everything else. but we have -- the industry's changed so rapidly, and that's

what i want to make sure that we have things out there and the regulations and the laws on the books that spur this innovation. because if i'm not mistaken, i think we've created around on that end of the industry alone, just like on the cell phone side about 3.8 million jobs. >> technology issues in front of the current congress, tonight on "the communicators" at 8 p.m. eastern on c-span2. [background sounds] ♪ ♪

[gunfire] >> on november 25, 1963, approximately one million people lined the route of president kennedy's funeral procession from the u.s. capitol to arlington national cemetery. millions more watched the live television coverage. starting tonight at 8:30on c-span2, watch nbc's coverage of kennedy's state funeral. >> during the president's historic trip to china, mrs. nixon accompanied him. it was noticed how mrs. nixon was looking at a package of cigarettes. these cigarettes have pandas on them, and the package, she was admiring that. and be they said, well, i understand you also admired the pandas at the zoo. she says, yes, aren't they darling?

he says, well, we will make sure that you have pandas to go home with. it was important for her to uphold and support her husband. just her being there would bring so much goodwill, and it was always evidenced at the end of the trips where the news reports would come out, you know, they would talk about the president this way, but they would always say what a wonderful job pat nixon did. >> first lady pat nixon tonight live at 9 eastern on c-span and c-span3, also on c-span radio and c-span.org. >> fbi insider threat an kate randall last week said the edward snowden case is just one example of the complicated process that leads government employees to turn on their employer. speaking at a conference hosted by the government i.t. web site nextgov, she described an array of factors that could lead workers to disclose classified information. this is 40 minutes.

[background sounds] >> okay. well, my name is kate randall, i'm a threat analyst at the fbi. in my role i handle insider threats and provide analytical assistance to active fbi insider threat investigations. i also spearhead our indicator development program. within that program we try to grasp the extent of the insider threat problem by breaking down the critical components, conducting research and applying

advance detection techniques against our data sets. i'll have to preface my talk by saying anything i'm about to say is my personal and professional opinion that's based off of my firsthand experience working this issue within the bureau. it doesn't necessarily reflect what the fbi's insider threat program is or isn't doing. it also doesn't reflect any official policy or position of doj, fbi or the u.s. government. so if you disagree with anything that i'm about to say, don't hold that against the fbi. and likewise, if you are angry at the fbi for any number of reasons, please don't hold that against me. [laughter] my objectives with this presentation today are threefold. first is i want to talk about the insider threat issue, what it is and what it means. specifically highlighting how it's not a traditional cybersecurity or hacker problem. as i've interacted with different entities from government and industry, academia and vendors, i've seen that there's just a lot of

inconsistencies and incongruence about how to even define this issue. so my hope for today is to provide a little bit more clarity about how to define this issue from the perspective of my own, someone who actively works these dayses on that day-to-day basis. then i want to introduce a multidimensional approach, the concept of that, what it means and the necessity of incorporating something like that within an insider threat program and then, hopefully, provide a few high-level examples of how one might try to implement some of these concepts within their own organizations. so the insider threat problem. i'm sure everyone here has heard of edward snowden, recent nsa leaker. bradley manning, the dod employee who leaked classified information for the wikileaks web site. and robert hanson, an fbi special agent who spied for the russians for 20 years. not our finest moment. we're not too proud of that. these are certainly the most widely known insider threat

cases, but i think what's important is that the issue itself is far much more expansive and runs far deeper than any one of these single incidents or these isolated case studies. i think if we're ever going to have any real chance of combating the insider threat problem, we can't build our defense mechanisms against single case studies or specific actions. we can't just look at removable media activities because that's what bradley manning used. we can't only look at our system administrators or privileged users because ed yard snowden -- edward snowden had a technical background. we really have to try to attack the issue at the root of the problem and really understand what an insider threat means. so along those lines, the core feature of insider threat is betrayal. these are individuals who betray their positions of trust and use their positions and legitimate access for illegitimate means. along that line, the key factor is that it's purposeful. there's been talk amongst the

community about an accidental insider. there's certainly utility in trying to create defense mechanisms against accidental insiders, what we kind of dub as the knucklehead problem. these are individuals who accidentally mishandle information or unwittingly cause some damage to the organization. that's a fundamentally different problem than someone who is purposefully and with malice enacting some harm against your organization. so for the purpose of this presentation and how i think the insider threat problem should be defined, it's about really looking for that specific intent and malice. though the insider threat issue has garnered a lot more support and a lot more noteworthy news in recent years because of some of the high profile cases, it's one of the least voluminous problems that can have some of the highest impacts. insider threats cannot only compromise sensitive government information that can have

longstanding effects for our government, our economy, our international operations, they can also cause damage to the government and industry in the numbers of billions of dollars which i don't really think anybody has that money to spare. the other key factor of the insider threat problem is that we really can't focus be, again, on specific situations. of it's not about someone who's a spy or someone who prints a lot of data or injects mal code into a system. it has numerous types of manifestations both in terms of the actual malicious behavior, but then in the way that those behaviors are enacted. the insider threat problem, as you can see, it can span from i.t. stab taj to fraud to workplace violence to unauthorized disclosure. and the manifestations of that, hundreds of thousands of different ways that a person can do that. so if we solely focus on how a person is doing it without taking it back to the root of

the problem, we're really not going to get anywhere. that's why i think it's so important to really focus on what the heart of the issue is. and in terms of how it happens, most people don't come into an organization with the intent to become a malicious actor. there are certainly people that can. hopefully, those individuals can be mitigated at the forefront from secure hiring protocols and background investigations. but most malicious insiders start out just like everyone else. they evolve into malicious actors over time as a result of opportunities, triggered risk factors and peak motivations. these red flags are what we call indicators. and all employees in every organization have some of these red flags or indicators. and they exist at varying levels across the continuum. it's about identifying what indicators to what degree might cause someone to get to this point, the tipping point. basically, what makes them go

over to the dark side. and that's what makes it a challenging problem, because these risk factors exist all the time, always for everyone. but be what is it that makes it for one person kind of push them over the edge. the biggest thing that i want to stress today, again, is that this is not a typical cybersecurity problem. insider threat by sheer definition goes against all traditional means of cybersecurity, information assurance and data protection. where we protect our systems, our networks and our information from intruders and unauthorized activity. these are people who are within your organization and have the legitimate access to do the things that they're doing. you're not locking your doors or setting up an alarm system to prevent a burglar from coming into your house. you're opening the door, you're shaking the guy's happened, you're inviting him in for a beer, and then you're giving him the keys to your house while you go on vacation. the fundamental difference between an insider threat and a typical hacker is that we trust

our threat. we trust them with the most sensitive and proprietary information that our organization holds. and we trust that they won't betray that. but as we all know, probably why you all are here, they do. the other key factor is that it's not a sole technical problem. insider threats can range any spectrum of demographics, technical skill and subject matter expertise. so if you solely apply a technical response, you're really not grasping the extent of the issue. certainly, insider threats that do have significant technical backgrounds that use those technical backgrounds to penetrate and infiltrate the systems and enact harm, steal information, but that's only one component. there's a whole other sphere of different ways that these behaviors are manifested. when i first got into this business, the most accurate yet depressing thing that someone had told me about how to describe the insider threat problem is that wre