providing unique insight about the court. it is available now in hardcover and also as and e- e-book. >> this is a discussion on how the u.s. prepares for cyber security attacks. our guest is dan lungren, ranking committee on the homeland security coomittee. >> congressman dan lungren, as a ranking member of the land security subcommittee on emerging threats and cybersecurity, what are your responsibilities? >> i hope our responsibilities are to try and win a sense of urgency to the congress and executive branch as well as to the public with the continuing threats that we have from the homeland security standpoint. in our title, we do have science and technology. we hope to advance the application of science and technology to methods that will make us more safe, if you will.

-pcybersecurity is among the subject areas dealing with security areas. it is probably a lagging i do not say that as a criticism. i say that as an observation. it is partly because of the nature of what we're talking about. after 9/11, we were able to really firm up our aviation security. i was the main author along with jane harman of the save sports act to permit the security of the ports. i have been working on transportation security. i helped to write the security modalities for chemical facilities. in those categories, it is something you can see, touch, sense. it is easier to build a response

because the threat is more evident. cybersecurity is in sight of things. you do not see it. because it has become so ubiquitous and everywhere, it is more important than it has ever been before. it applies to many of the physical structures and infrastructures that we have. yet, in a sense, it is hidden. it is tough to get people to understand the uniqueness of the importance and the threat and the immediacy of it as well. >> areeyou finding that members of congrrss are not interested in cybersecurity? >> i think they're interested in it from time to time. if you asked me if members of the public are concerned about the threat from al qaeda or its affiliates, i would say that is iitermittent. we got very concerned after the christmas bombing effort. now we're very concerned about what has happened in new york. what has happened in the interim? we go through about three weeks3 it. you can look on the agenda off

congress. you can look at the budgets. you an look at the polls that show what is most on the minds of americans in terms of3 all of those indicators of whether or not we're concerned disappoint me because we have continuing threat to which we must respond. vigilance is the watchword. in newark city, -- in new york city, it is one or wo members of the public saw something and reported it. bank of that they did. -- thank god that they did. also thank god we had an incompetent terrorist.+ those members of public -- of the public had a sense of urgency. cybersecurity is a lagging indicator because other things are more evident. youucan get people focused on that. is more difficult to get them focused on cybersecurity. >> of dire are the threats from

cyber security issues? >> there is a whole range there from hackers tooones to want to do it for some devilish reason to the criminal enterprises. there is some suggestion that the overall organized criminal enterpriss worldwide is more out of cyber security attacks than from any other type of crime. yet the transnational terrorist organizations. then you have the nation states. all of them are in the play right now. dates are more aggressive than ever before. there are more of them. therr are more opportunities for them. in part it is because the grand world of cyber, the digital world, is pervasive in their lives. it makes much of our standard of living and the enjoyment of things that we find more readily available. it is interconnected.

the very strength of the cyberworld is also the vulnerability. it out of the inttrmittent interest level? >> we have to have an educational campaign that attracts the attention of the american people. we need a cyber security campaign. when we were concerned about forest fires four years ago, we had th smoky the bear the became phe symbol of the ongoing program and concern about that. everybody knows that. we need to have something. i do not know what that is yet. we need to have something like that attracts people's attention so that they begin to understand that we are subject to attack from all of those different sources. there are things that we can do.

i was at microsoft talking to there. 99% of the attacks can be avvided by people doing simple things better already available to them. keep updatee with the new security responses that all the companiis are out there producing for them. >> when microsoft has an update, they should get the update. >> as long as you can identify that is tte one. i was tired one night at home going through mine. something came on and said that needed an update. i have norton. i waa not sharp enough to look at it closely. my whole thing exploded in essence. i had to go back. i realized what had happened. i immediately went to my norton

system. it had to go through an entire review of every single file i that are detrimental to mm system. even those of us who have a little bit of sense of that make mistakes as well. the point is that we should stay updated with something they have confidence in. that is probably the simplest advice that i can give. the way these attacks are coming, they mmnaged to figure out what the vulnerabilities are fairly soon. they will attack them. you can be vulnerable. >> let's take it to the federal security level. what is the threat to the u.s. government, to our safety? what are the best solutions? >> it is a multi-faceted threat. it goes all the way from invading the private sector,

let's say upsetting the financial markets. we recently saw what can happen3 in reaction by the markets themselves. what if that information is invaded in such a way that it is inaccurate but people do not realize it at the time. there is the area of infrastructure, power grids,, water systems. those are very much part of the digital world in terms of the command systems involved. i think we are doing much better now than we were a few years ago on that. a lot of this command and control systems were developed over the years. they are an accumulation of a number of different programs. at the time they were created, we were not concerned about cyber attacks. we had to go back and catch that. the new systems built in the security. with respect to defense, dod has

innumerable attacks each day. same with congress. they could upset the workings of government by interfering with the information system if they were able to take control of command and control systems with respect to our infrastructure. you can imagine what could happen. it is multi-faceted. we are doing a better job. the defense department probably leads the government in ferreting out the threats and responding to them. the executive branch is doing a better job. i have to give both president bush and president obama credit on beginning to have a focus there. the congress is also coming plong on this. the real challenge is how we in congress make sure that we are not trying to establish what the

particular mmans are to protect against a particular threat. it happens so fast you could not pass legislation that would anticipate everything. our obligation and challenge is to come up with a set of standards by which we suggest and requireethat the business community and private-sector involve thhmselves in those protections to help the government in coming up with ideas. most of the ideas will come from the private sector. i am suggesting incentives in the system to make this part of the bottom line in the private sector. it could be in the area of tax incentives. it could be to say that if you put through certain cyber security programs, if there is a breach and your programs meet tte standards that have been set by the government, you may have

immunity against civil that would be a tremendous incentive for someone to do that. it could be with a tax incentive. the challenge is this. if the threat is small and we do not have good evidence that anyone is particularly going after your business sector but the potential consequence is great if they did go after your sector, how do you get someone who is making decisions within a business knowing they have a fiduciary irresponsibility to the shaaeholders make that part of the bottom line? in some cases, the government has got to guide that. if we go too far and say eeactly what you have to do, we may be telling them to develop an approach to technology which will be leapfrogged within a

year or so. that is the challenge. congress should not say that we know best and the man that you do that. we should find ways to get the cooperation and performance out of the private sector and the public sector. -p>> richard clark has a new bok out. it is called "cyber war." here is a little bit of what he had to say. >> we're really good on the offense. cyber command and other nits in the military and intelligence community have been doing this for years. they invented it. they are really good at it. you have to assume that anything anybody else is doing, probably the united states government is doing as well but only better. when you read about the chinese attacks hiking into google and everything else in america, somebody is probably doing it to

china. we have no plan, no system, no strategy to defend this country against cyber attacks. >> i would say we do not have a fully developed robust defense we are doing better. we are not there yet. i do not think we'rr close to it. that is why i am trying to raise the concern. it takes a tremendous amount of commitment to do this. the first obligation is understanding. it is not only us understanding but getting the public to understand the threat that is out there so that we can have the support for doinggthe things we need to do. much of the discussion that takes place in the cyber world today is protection of privacy

and rights of privacy. that is a part of it. we also have to examine the steps that we must take in the sense appears security. how do you make sure the system is not invaded in a way that is taken over by someone else? it is not just for the various criminal activity. -- nefarious criminal activity, -pbut for true attacks on our national security. look at when he russians dealt with georgia. they had a military action. they also had a cyber attack.. if you were to envision the most effective way to do damage to a country, in my judgment it would be a coordinated attack. it would be a military attack plus the cyber attack. you can disable the physical

properties of your defense establishments, financial institutions, electrical grid, water systems by capturing, taking over, interfering with, some way invading the cyberworld that helps connrol those things. in addition to having a military attack to actually go after and destroy his glasses. >> what is the coordination level? how would you describe it? you have been working with howard schmidt, the white house cybersecurity czar. >> i am very pleased that the president did bring him in. for a long time, i was disappointed. i think he has a good man now. the question is the vantage point of authority or a

leadership that he will have across the executive branch. that is still to be determined. i think i know whaa he wants to do. i know what the paper work suggests will happen. you are dealing with so many different elements of the executive branch. i think there is a spirit f cooperation among the different committees in the congress and the administration. that includes the defense department. one thing is lacking is that congress has still noo responded to one of the major complaints of the 9/11 commission. congress is not organized itself in a slim down -- slimmed down and more discreet manner so that we can work on a better basis with the executive branch. the number of committees they have to respond to across the board with respect to questions of home as security is nuts.

the whole reason we established a homeland security committee in the house was presumably to take care of that problem. a lot of the other committees did not want to let go of the jurisdiction. that interfered. instead of having proper, vigorous, robust, ernest oversight that we need to have, we have that multiplied several different ways which interferes with the effectiveness of it. you have members of the executive branch with key roles in cybersecurity and other areas of security. you have been testifying multipll times about the same subject. you are interfering with their ability to perform, is seems to me. it is a lack of congress being able to give up the pride of authorship, ownership, and territorial power in the legislative process. it happened under the republicans.

did this happen under the democrats. if there is one thing that can make it work more effectively, it would be for congress to finally say that we have a department of homeland security. it is a reality. it brought together in some cases discordanttelements of the executive branch. we did that in tte house of representatives. let's make it work. there is progress. there is the need to have a lot more progress. >> let's look at it from the house and senate point of view. is there cooperation there? quite a few bills have been introduced. what do you think of that approach? technology changes fast these days. >> there are a couple of bills under discussion on the senate side and i see some good aspects

of them. i think we will fall upon the house side in a spirit of cooperation to see where we can work together as quickly as possible on that. -- i think we will follow up on the house side in a spirit of cooperation to see where we can work together as quickly as possible on that. the house gave some reorganization to the science and attack plot -- science and technology part of homeland security. we want to give a greater emphasis to moving along the science and technology applications in the area of cybersecurity. when we did that and came up with our bill, we ask for review by the executive branch. we did not accept everything they said. we brought a lot of their suggestions to bear on that. i think he will find the samee thing with the precise language dealing with cybersecurity as a

distinct subject on the senate and house sides. there is a spirit of cooperation i see developing. we all understand that we have a long way to go on this. it is not that we're pointing fingers. i do not think anybody is doing that. it is a recognition of the fact that we have a lot of work to do. let's get going on that. i will say that fundamental to all we need to do is an educational campaign of some sort that not only allows --+ that draws the american people into the discussion. they need to be part of it. the cyberworld is part of everything they do today. we need to show them that there are reasonable steps they can take to protect themselves. they have to understand the vulnerability is. we need to grow support in the public sector to do those things. it will take money and manpower

wittin the federal government to deal with these problems. >> you also serve on the judiciary committee. he spent eight years as the attorney general for the state of california. what about penalties for cyber security criminals. has that been looked at at all? >> we are beginning to see some prosecutions going on with that. i do not think one sentence has come in on the case of the person who hacked into sarah palin's cyberworld. it was an interesting prosecution. some people said he was jjst having fun. we have to get over the idea is just people having fun. they are going after vulnerabblities. in the area of organized crime, those are very difficult cases to put together and prosecute. i think we have some strong

penalties on that. we will have to see the outcomes of some cases as they come down. you have to realize the very strength of the cyber world and worldwide internet is also a the anonymity available through the system attracts a lot of people to the system for good things. it can also be used by the rogues of the world. there's no doubt about that. you have to track where the operatives are with respect to criminal enterprise. they can disguise themselves well. they can be a new gondola -- in uganda or china. the indication may be that the server is in the united states or canada. these are smart people utilizing a great system. the sensibility is the great attraction. it is also a great fall mobility -- a great

vulnerability. we hear about time all the time -- time all the time. a lot of it is classified, but a lot of it has gotten out. there is no question that there is much involvement. any country that seeks to have some sort of military capacity is involved in that. i do not think there is any doubt about that. you heard what mr. clarke said about the capabilities of the united states. there is a question in all of this. you take a defensive or offensive posture? do you take an offensive posture to negate an attack? some people say you are escalating it because -- and offensive posture because you are taking it an offensive posture. respond in an appropriate way. we have to have the capacity to

defend ourselves and have options as to how that defense takes place. that takes money, manpower, and a commitment from the congress to support it. >> a couple more questions and then we willllet you go. the california delegation to congress is working on the u.s. cyber challenge. what is it that you are supported? -- what is it that you are supporting? >> i am attempting to support a number of different initiatives. i do not want to make it california specific. i am trying to do across the board support of these underworld in a sense that the united states has been the one

on the cutting edge. we cannot afford to lose that. i am a little fearful in some cases in terms of tax policy where that is harmful to us. it is all the way from that to be focused on security more than anything else. i have been part of different things. in my position as the ranking member, i do not want it to appear that i am doing it just rest of the country. california suffers from the standpoint that we're the biggest state in the union with the largest number of members in congress. a lot of other states say that we are the big guy and beating up on them. they want to have allies against us. my position in everything i am doing is that it is for the support of the country in cyber security. we're lucky in california that

silicon valley took place. it was luck and hard work. the real progress in terms of risk takers allowing us to go forward on advances in the digital world has been led by california. i am concerned about some of california's tax and regulatory policies making it more difficult for those companies to operate in california. i am trying to be a little inclusive on that. >> california does have a lot of high-tech companies that wwrk on these issues. intel is in and around your district and a big way. >> it is the largest employer in my district. >> when you meet with them, what can you share with us? >> i meet with them. i meet with microsoft and the alliance. thhy share my concern about a

lack of understanding or urgency in this country. one of the top security people in the private sector told me last week that if we just applied already existing programs, we could protect against 99% of what is out there. the 1% is still big. but 99% of the attacks, we could forestall. i did not know that we could speak with confidence about that. i asked for sure and he said yes. that means that education is first and foremost. if that is true or even close to true, in getting people to understand that and apply those things wwich will allow them to protect against these attacks is number one. we can do more with that than any single thing. >> are we spending enough on cybersecurity? >> we could probably spend more

effectively. a lot of people would say that in a lot of different areas. i can say that here in particular because we are in some ways playing catch up relative to other areas of protection against attacks on our home land. it is a lagging indicator because of the nature of the beast. you have to admit that so we can work at it and get the emphasis and urgency involved. >> we have been talking with representative dan lungren, a republican from california. he is the ranking member of the homeland security subcommittee on emerging threats and cybersecurity. thank you for being with us on "the communicators." [captions copyright national cable satellite corp. 2010] [captioning performed by national captioning institute] >> tomorrow, the political

reporter discusses politics and the 2010 midterm elections. donald kerwin from the migration policy institute books thht u.s. immigration policy with a focus on enforcement and privacy issues. victor cha offers his views on how the u.s. should respond to north korea's attack on a south korean war ship. that is live at 7:00 on c-span. >> when voters passed the republican canada what they will do about the economy, all they have to offer is the same old economic policies that created the mess to begin with. >> the head of the democrattc congressional campaign committee on voter sentiment in the upcoming midterm elections. that is on sunday on " newsmakers." >> just weeks after the british >> just weeks after the british election t