yesterday down in the little town where you've seen the pictures on television, the house that was floating on fire. i was there right where it happened. before i got to that house, i'm walking down and there was a lady standing there. and there is foundations after few homes but no sign of a home anywhere. and there was -- she had flowers in a cross, and that's where her husband who is the grandfather and her, but her husband, her daughter, and two grandchildren were in the house. they got clear to the attic and the house left. one of the kids was saved but one of the kids was saved but one of the kids was saved that one little child the daughter, the mother and grandfather were lost in the flood and she is standing there looking at it, what do you say?se there are no words to replace

that say you see these types ofb tragedies and then i walkedis across the bridge and this gentleman came and got me and said come on joe i want you to come over and see that i walked across the bridge for another nidal large stream comes out of the mountains but it become a raging river and they basically joined.d, sometimes the hydrology will back up and create the dam or the water creates the dam itseld i walk in there and it looked like a bomb had gone off and there were three or four homes completely burning and it exploded.nd he had been one of them and he said when this all hit and the water he ran as quick as he could with his wife and they headed up to the hillside that they thought everybody had gotten out at a lady to get out and she came back into the home. when the house shifted it broke the gas line in the gas line is broken and it filled up the homes with natural gas that when the house is shifted the power lines broke loose and the sparks

and the powerline hit the gas and blew up the homes like explosions going off. the woman was in the house. she got caught and she couldn't get back out and she went in to get something. g she went into the attic and she got burned over 70% of her body and then shoot jumped into a tree and hung in a tree for three or four hours until they rescued her. i understand she passed away yesterday. we have lost 23 confirmed dead. we thought there were 25 because two people got swept away and they were reported missing. they found them alive so we are 23 but we have five, six or seven unaccounted for it. the tragedy continues and people are out pouring their love and i want to thank first of all fema. fema is on the job doing unbelievable. the national guard that theng corps of engineers. it's going to take everything we have to put our state back together. people have infrastructure and maybe we can change some streams to the point to where they will move differently and water will

flow differently hopefully but this is where you need your federal government and state. your beautiful state couldn't do it right it felt than we could do buyers open i want if thanks the my first responders. we have red cross and we have everybody in. people want to know how they cae help. people say i don't have any money but i want to come to your state. we need volunteers to want to work that we need people who have resources to want to help with their times their money and donations. if they want to send goods we need that. we need everything. people have lost everything. to give an example jim just as the owner of the greenbrier resort, the greenbrier is closed tournament was planned at it's been canceled and the golf course is rented a certain extent but they will come back. jim basically has opened up the greenbrier to anybody that's homeless right now or lost their home. soon we will get a place to stay

free. come to the greenbrier. leon have hot water but we have water so that is what he is doing and it's been so gracious to do that. i would tell people that they can get on my web site manchin senate.gov at the front of our web site you will be able to see anything you want to do and itt will take you right to a site that you can get in contact with the people to help our state.n h again, i know the love and times and compassion the times that people have and i've watchede people come together. it our little state always took care of itself and when you ask people if you have a place to stay they will say i'm staying with my neighbor. the outpouring of love and compassion around the country is just unbelievable. we have a lot of things west virginia's brad paisley called and he wants to do a benefit fod the state and that's going to ba

tremendous and so many people. so many people have stepped up to the plate. from the bottom of my heart or want are want to say thank you to everybody for reaching out. i just called home and it's raining again and now we havee flash flood warnings after the same areas again that i talk to the weather channel. we are not supposed to get anywhere near it so we will be able to handle this we hope is that it recently starts -- stops the cleanup and the devastating to see what's happening. so i say thank you to all of my colleagues, everyone who has sent their sincere and heartfelt sincere condolences for our state, the people who lost their lives that's the first and foremost. we can replace everything else but we can't replace those dear little kids and their parents and grandparents and we have just unbelievable so with that adam president i say thank you from the great state of west behalf colleague senator capito and i thank you very much.

we both been on the trail working together to try to get the relief that we can and just keep us in your prayers.

>> host: congressman's will hurd a republican from texas is the chairman of the subcommittee on information technology. he's our guest this week on "the communicators." congressman hurd before you came a member of congress what were you doing it? >> guest: when i graduated from texas a&m university with a degree in computer science i went straight into the cia. i was an operations officer so i was the dude in the back alleys of 4:00 in the morning collecting intelligence on threats to our homeland. i spent two years in washington d.c. training and india in two years in pakistan, two years in new york city in the year and a half in afghanistan where he managed all the undercover operations. when i left the cia i became a partner and a firm that helped start the cybersecurity company doing -- helping businesses and

manufacturers defend their researcher from attackers. >> host: how is that benefited are affected your work in congress? >> guest: it's been really important. one of the values that bring is a unique background and experience on issues of national security or cyber security and having spent a good deal of my adult life chasing terrorists, dealing with al qaeda, looking at iranian nuclear row with raters this has helped. i have direct experience in some of the most pressing national security efforts today and having been in the private sector and seeing what the private sector is doing in order to defend their digital infrastructure, some of our banks, their abilities to protect themselves from millions of attacks is important. so being able to see that and bring that experience as the chairman of the subcommittee has

been a valuable. i understand what it takes to defend the digital network, the difficulty of it but also the basic as practices of good digital hygiene are so being able to recognize the current state that many of our agencies are in and what the future states should he and having an idea of how to compare a think is very important. it's especially important the oversight role that congress place. >> host: the u.s. government is spending approximately $80 billion here in tech knowledge he had cybersecurity. are we getting our money's worth in your view? >> guest: no because 80% of that is on stuff at your viewers would seem are old and outdated. to me that's absolutely outrageous and part of that, you know this is an issue that's no longer time-honored. i teach procurement is not a

topic but the reality is the way we can reduce the size in the scope of the federal government is how we purchase goods and services but the way we make our government more efficient is to utilize the latest technology. we have to make sure that the folks defending our networks are using the latest techniques and the latest tools. i'd use the social security administration is a perfect example. this is an agency that has information on every single american and they have a lot of information on our seniors and we need to make sure that information is being protected. the department of education is another example. it has so much information on their students all across the country and that information can be used in order to create fraud and long-term problems for our kids. >> host: joining our conversation today congressman hurd is tim starks to cover cybersecurity for "politico."

>> guest: hello congressman. >> guest: good afternoon. >> guest: there is a law which you are familiar with that is intended to improve some of the problems you are talking about. can you explain the importance of that law and in particular how would apply to security and how do you think agencies are implementing it so far? >> guest: this law was passed a number of years ago and it was ultimately designed to empower the chief information officer within these various agencies. the reality was that you know theoretically the cio was the post to be the one with the responsibility to implement i.t. projects, direct and spend but that wasn't happening. it was designed to strengthen the cia -- the cio's role and also to make sure they are doing things like agile development that when you have these big expensive projects that you are

realizing victories in wins and deliverables over a six month period rather than spending half a trillion dollars over four years introducing nothing what actually happened when dod and the va tried to improve interoperability within their electronic health records so fitara, the scores are based on information that the agencies are providing to us so this is their own information. they know exactly how the score is arranged and the reality is we only have one out of 24 agencies, we have one agency get a b in one agency got an f and everybody else was in between. what has been good is that this has focus the conversation on things like data consolidation. the federal government has almost 11,000 data systems. facebook, one that the biggest companies in the world has for.

there is no reason that the federal government should have 11,000 and you can rely savings. through this fitara scorecard we have realized that four agencies have consumed $4 billion of data by moving into the clouds so with the scores were trying to shine a light on some of the key elements that we can improve the efficiencies and the security of the federal government infrastructure. >> host: before you go any further fitara is an acronym for federal information technology acquisition reform act and cio is an acronym for chief information officer. tim starks. >> guest: the scores you talk about if i recall correctly the last scorecard shows a number of agencies moving up that you think they are moving up fast enough and showing the progress you would like to see? i believe six agencies are the ones that moved up and that's a good trend. the reality is the environment

in which these chief information officer cios are operating are pretty large. i don't think we can get to improve security fast enough. there is no silver bullet when it comes to protecting digital infrastructure. the reality is you have to begin with the presumption of reach. you give an attacker enough time they are going to get in and the question is can you detect them can you quarantine them and can you kick them out of the network and how fast can you do each one of those steps clicked the problem has been years of mismanagement, not investing in current technologies and this is an important reason that we have this fitara scores to continue to shine a light on this, continue to treasure on these agencies to make sure they do the right things to protect their digital infrastructure so we don't have something like the opm hacks were 23 million records of folks have gone

through a security background was breached. so this is important and we are not living fast enough that we also need to make sure these agencies have the flexibility and they realize the savings that they are able to use that savings on other issues throughout the networks. >> guest: speaking of the president has his own proposal to address some of these issues. the i.t. modernization which is $3 million in seed money investing in improving -- that eventually will bring williams of dollars in savings. the proposal does not seem to have any money and the spending bills that are moving right now, i'm wondering if you think that is a good idea and in particular if so do you think of something that might be happening before the president leaves office? >> guest: the concept is a valuable concept. we need to make sure that our agencies are modernized but here's the reality. you don't just modernize and

201630 have to constantly stay up-to-date on the latest trend at the latest hacking techniques and procedures and developing networks. i think the reality is it's hard when your art is spending $80 billion a year on your i.t. business services and when 80% of that is -- it's hard to justify another $3 billion. why not use that 80 billion were successfully and again i think this is where when you do certain things to rely savings and i talked earlier about how just four agencies moving into the cloud is that $2 billion, that savings is realized over the next four years at about $8 billion. imagine if the agencies had access to those funds how much they can do for modernization within their network. we have to make this into their operations. the cios when they're planning their budgets they have to be thinking about long-term and how can they move age systems into the future? how can they get rid of old

systems? we had a bipartisan bicameral letter that asked for hardware and software that was no longer supported by vendors. the information that we got back , there are programs providing support back in 1993 and four folks within the government that means they can continue to patch the software and understandable abilities. it's unrealistic so moving forward on modernization is absolutely important that this is something that should be a day-to-day thing for our cios ncis so chief security information officers. >> guest: the yacht white house would tell you that is just not money they are proposing for this fund. they are oversight mechanisms along with what you are talking about. do you think those could help? >> guest: if you get the cio the flexibility that they

realize the savings that they are able to use that over multiple calendar years i think that's a good tool for them to have access to because the reality is when you talk about some of these big projects within the federal government the problem the federal government has his many of these projects you are talking about are huge and that takes a different mindset, different tactic and to try to rely savings in one calendar year and to use that in that same calendar year is really hard to do. so making sure that the cios across the agency have that capability and freedom of flexibility is important. i think part of the plan is to have a csi l. for the federal government. i think that's a positive step. the current cio tony scott, think he has a great background and great experience in the private sector and knows what it's like to defend networks from bad guys and he's been able

to leverage a lot of that experience into the federal government great having someone that to focus specifically on security is a good idea. >> host: congressman hurd csio stands for? >> guest: the chief security information officer. >> host: you also mentioned the chief information officer for the u.s.. he has said the current situation with government cybersecurity is a bigger problem than y2k. do you agree? >> guest: absolutely this and here's the reality, the number of attackers coming after us are only increasing and the level of sophistication is increasing. as we move to a more digital environment and an interconnect world that increases the area of attack and the folks that have the capabilities to get into our system is large. so this is a difficult job and the reality is we can also be learning from our private sector

colleagues and information sharing. congress passed the cybersecurity act of 2015. it was a very important piece of legislation that is going to make sure we have the tools and the h.s. in order to improve information sharing between the federal government and the private sector. you have information sharing organizations that usually are within a particular industry like the financial services industry that share permission amongst themselves that if we improve the kind of court nation from the private sector and the federal government, it's great. we know right now that there are some russian hackers in moscow that are coding the net level of malware benefiting and using it to penetrate our digital and the structure and our banks here. our financial services industry know where those attacks may come from. if we were able to use national intelligence resources to try to better understand that and get that information to the private

sector in order to help them defend one leg up on the attackers this is one way that they can take our defensive game to the next level. >> guest: congressman another one of things they want to do to respond to the threats you are talking about is a change to what has become known as rule 41 which changes how the government would get warrants to go after .net or those types of threats. i'm wondering what you think of those field tests recently that congress has until december 1 to block it if it so chooses. where do you fall on that being a threat to privacy versus unnecessary threats? >> guest: here's the reality. we can protect their digital infrastructure and our civil liberties at the same time. our civil liberties are not urgent. they are the things that make our country great and we should go to every single length we can to protect them. we can make sure we are still taking the fight to those that

are trying to attack us. the devil his eyes and the details on how you do this. a lot of these attacks are coming from offshore in countries that don't have rules against this kind of behavior. the hackers know that and the countries know that so they're all kinds of tools we can use with these countries to pass cybersecurity legislation to make this kind of behavior illegal. that's another way that we can press on this but again the devil is in the details and we have to make sure we are protecting our civil liberties while doing everything we can to protect --. >> host: congressman hurd when it comes to degrees of security as the nsa and the commerce department for example, do they need the same levels of security and should they be in the same system? >> guest: that's a very good question and the concept is called defense in depth. being able to protect everything with the same level of security

is really hard to do so when you design your network and you design the data is flowing across your network you have to ask what are the most important things that need to be protected and let me make sure to sign my system to protect data and have the tools to protect that. so the question is right, nsa has certain things and need need to be protected at a certain level and congress may have to too but we can't think of a one-size-fits-all solution when it comes to cybersecurity. this is why we have to make sure our cios are involved in the planning and what is the most important thing to protect and how can you protect data and continue to allow the movement of information for people to do their job to provide services to the american people. this is something witty to we need to make sure the folks that are involved in art digital infrastructure understand and this is a philosophy that has been around for some time. we need to do more that an of

that in federal government. >> host: you finding the agencies eager or reluctant to upgrade and update their technologies and cybersecurity? >> guest: i think one of the friction cc is many of the cios across the various agencies understand what they need to do. they are getting pushback and friction from some of the cfos because the cfos feel like they are losing some of their authority and power. that's not what it's about. about me. about mick ensure technical experts involved in defending those networks and so that is one aspect to this problem. i think the cios, it's been good to see how these agencies have been reaching out to dhs, the department of homeland security and involved in helping to defend and test some of the networks within the federal government. that partnership is new, it's growing and it's working.

so i have been happy to see that those kinds of relationships are happening but the reality is the cio thinks they can do this all by themselves and have all the tools and don't need help from anyone else, they are wrong. mick ensure they are asking for help when they can. >> guest: congressman i wanted to return to two things do things he said just to understand where you are. you are studying it? is that what i heard from you? >> guest: this is a complicated issue and something we need to spend more time studying. >> guest: understood. you also mention russia. obvious that they been in the news lately with that hack of the dnc. congress and the administrations have either talks are issued sanctions or threatened sanctions against north korea, iran, china but has the administrations and/or congress had had a targeted agenda with

cracking down on cyber hacking? >> guest: i think they have administrations has taken their eye off of rush on many fronts and that's a problem. note we should be surprised that the russians were involved in hacking american systems in order to try to get a leg up on potential future negotiations. the reality is what is a digital act of war and what is the pro-poor response? there is not a whole of government answer or response to that. different parts of the government have an idea what that means but the reality is that if north korea launches a missile into san francisco we know how the u.s. will respond in the north koreans know how we would respond. but what does that digital attack and what is the appropriate countermeasure? maybe it's a digital reaction. maybe it's a physical reaction. maybe it's sanctions but there is not a clear understanding and agreement on what is an act of

war and what is an appropriate response. until we have those conversations and red lines is hard to have a conversation about any individual either because we have an agreed-upon what are the red lines. >> guest: china, there was a recent report by the company fire i company fire i know the company has confirmed saying cyber hacking has dropped often attributed to a number of things is that what you're understanding is as far as what's happening in it and if so what he think it's happening? >> guest: that's my understanding of that report. the question is that is a perspective of one entity on their networks and they are a very well respected organization. i believe what they are saying, what the question is, have you seen the same level or potential drop-off of attacks on federal infrastructure, on military infrastructure and national security infrastructure?

that's a question i do not know but the reality is when you do attribution, when you say hey we got hacks by these folks that's a method of deterrence as well too and i think escalating some of these attacks and talking about how the chinese were involved, think that is a deterrent and decreasing what they think they can get away from, get away with comics to use made. this is an ongoing conversation and again we can't be walled just because we have data over a handful of information that the attacks have gone down. the reality is we shouldn't take any long-term assessments on that information until we have a years worth of that data. >> host: congressman hurd you mentioned the office of personnel management was hacked. what are some of the ramifications if we have seen now that it's been several months since i happen?

>> guest: the ramifications are that there are still folks that may or may not know that their information was stolen. it's hard to pinpoint whether some individual that has experienced fraud, if that was because their information was stolen in that opm hack. it's been a year since that hack and the american people have become aware that hack and there is still a lot more information that we need to understand in order to have a longer-term address of 23 million records. some of that information you don't have to take advantage it right away. stuff that can be used three or four years from now and so my fear is that a couple of years from now we stop talking about opm hack, the opm hack is a distant memory and that's when the bad guys took the information started using that fraud and things of that nature.

>> host: congressman you use this term or this idea that this is not a very issue. how do you get the attention of appropriators and leadership etc.? >> guest: people recognize it as an important issue. i represent 29 counties in texas urban areas and her areas in the last 17 months i have done over three and an 20 meet and greets and there are two questions i've gotten asked by each one of those big question on national security isis or iran related and the other one is security. the question is different every time. people are nervous that they keep reading about these high-profile attacks that have happened almost every week. how many people have had to get a new credit card because their information was stolen lexus is something that impacts everyone and i think some folks are afraid of the