when do you think we can do to get the word out and involve citizens as well as small businesses.m what's the role for this really public facing side of this effort. >> the full chapter report was the real public out reach campaign. a lot of kids growing up think being a hacker might be cool. it's different from breaking into a garage nextdoor.

that's changing and we have to develop that. they understand by contributing that information, can you only get a sense of that problem and doing something about it. that's the capability we bring for them. i think it is. not just on the law enforcement side we are kind of running out of time. what we have now is a collection of people that did not grow up with i.t. now people grow up and by the time they've taken their driver's test, they've been around cars forever.

there's an entire community educating them about driving when they are very young. that's where the recommendations and so forth people have been doing it for a long time. we do need to step this up to another leaf. underif in fact this is a national homeland security problem, we need to treat it that way. it is not a mystery and what we node to do, we need to execute.

looking at how to make the item more%$y se tick. 15 years later, we have more problems with identity left

tell me why you think we haven't made progress on this fundamental issue in 15 years and what we need to do going forward all of these technologies were developed with the notion that everybody was benign. we have a goal of driving completely out of the networks

we have excited that technology has evolved. social security has become a secret. when i was a kid, we printed them on our checks. i think those kind of technologies are uebick way tuesday. you need to figure out how to establish enough queues so that

they trust wup another. the other structures that need to come about and making a better business. we have worried a lot about privacy as part of doing this. i think the pieces are there. we haven't had the reasons to do it accept in places like d.o.d.

i think it is very important and somewhere you need more auge enter indication. i think that's important too. one of the things that is really unprecedented. there's a lot in this area that can be done to make us more effective.

>> the point is that making progage enteration for places where it is aproment. on the internet, certainly not. and at the same time making it easier. it's not a public good problem, it's a big of a collective action prock. maybe some industry wants to use the authority indication,

they have to move their own. government has not really provided the ways if you don't want to use things like a suser name and pass word, you don't have to use that. if i want to see my savings plan or identification. i can optionally do that.qxt

i think we addressed first part. if truly there is a place where the market doesn't meet the need. perhaps we could find a way to find the resources of the government and reiff am tack tore. >> thank you for your question. >> i am with the terrorism research center. we have received some reports reisn'tly through cyber security experts that china has developed their own seck your operating ace teem.

do you think going forward, we can continue to work with some of these products somewhere like the choip he's have done? >> this is another old goy question. the d.o.d. has made a suggestion that the models were not sufficient but in handling multiple classifications but in general resistance on guidance

attack. we had a really great one. all the great compouter industries in the world create one, except for microsoft. there is more in demanding the infa structure that is more rebust.

we have to be much more serious to use our boying power. the government will have to build itself. >> next question. we have 15 more minutes. i'll try to move through as many questions as we can. if we have extra time, please keep in mind questions you want to revisit. >> brian rowe with public knowledge. it's difficult for me not to associate this with maven dating that precipitaters print out information in the pages that give up individuals information about who printed

that information. >> i'll start by saying, i don't think you should be asked to give uprights. i really mean this we need to find ways to move forward and find security at the same time. the last thing i say, the 60-day review, on the team, in

the wouth, there's going to be a privacy and civil liberties present. we have to insure tutionalize the effort we need. the out reach was extremely brought. that was a very lights on fact for a lot of people in the community. this president really made this a bedrock issue. brian, thanks for your question. >> i'm representing the center

for defensive studies. in a situation where we have safe ill your honor and private networks, not just our own but those> i think it is a great question. right now, we tend to share the vullner ability information we can't find. i can't talk about some of how

these processes were. they aren't public processes. we encourage the fixing of the vullner ability. we have tried to cal catalog and share these things. a lot of this sharing is done.

>> an important aspect on an ongoing basis. at the right time to allow people to defend themselves that doesn't subject the environment. this is a lot of dialogue required about mechanism for that on a consistent basis thrfments going to be times about when there's tension on the disclosure n. the traditional ways of disclosing have been overruled

by the dialogue taking place. >> we'll go to the google moderator now. how will the lack of international law by treaty or president affect u.s. development of u.s. defense capabilities. anyone want to respond to that? we'll hear from someone else. >> i'm not a lawyer either. i would say we don't need to wait for a treaty anyway. one of the things we need to do

is to try to define what some of the normals are in cyber space. one of the other things also clear, this is a fundamental thing we need to do no matter what the factor is. we have threats from criminals mplet we need to have the defensive measures in place. also a problem age old, 350 miles off the some ally coast,

we both have navy connections. i used to be a fraud man. wup of the first things they did is call the anti-pie rassy center in the u.k. what are your thoughts on this one? for now, we have been trying to hook up some of these ad hoc relationships.

we've used those relationships to expand among sharing and in incident response. we've succeeded in siker mrgsis putting together the ad hoc collations together and figure out how to get something done around some of the cyber emergencies.svy we need to figure some of those out. jo this is another area we node to go farther, stronger,

faster. this is an international problem. this is something no one government could solve. acknowledging we have a lot farther to go. both chris and i have share the time working it is a very effective way for law enforcement around the world to solve crime. we need to find a way it build on those experiences.

jo earlier someone mentioned the idea that we need to make -- i'm curious how any of you and what ideas you would have. my experience in the private security is not the response of the workers. do any of you have any insight on how you wro i think it is a

combination of incentives and also the market dullly. they are not two separate camps but they integrated. >> go the the tax incentives. we are looking at all those options. >> if you want to bring the market to bear, you want to make decisions based on data. if you are going to bring that. a quick thought. the government still has a loot of buying fower.

if we ban together, we can make a market for some of this kind of stuff jofment thank you. one quick point ond international front. one thing i might throw out is there is a lot of we have gone out and adopted based on risk those transactions. i encourage you to look at what the financial industry is doing on that front. the question is, i agree with what you have been talking about what about the inter

national implications for when we do here at home? there are different legislative giving some governments who are already starting to go in the direction and starting the requirements on big stopies. they are putting these requirements potential shlly on us that would put our ability to repeat abroad. as you think about this challenge internationally, are you think about how these policies will impact the

competitiveness on the global front. >> i think it's incumbant on us to try. everybody wants to work on the public education, public awareness. that's where it ought to be. you always consider that we are going to result in a situation. we think it is eye competitive

ners issue just as government needs to do better. >> i agree with that point. there's governments a broad that gives them an excuse is that goups pass. what we do here and what is happening on the international communicate and the effect >> that reetly is a corner stone of the policy. bringing industry in to a lot of these discussions with government is to make sure when we have all these forms dealing with issues, we are actually making use of them in a way that helps all of us together in competitive