next week, "washington journal" will look at the job situation. we start on monday with the work force training programs. tuesday, the focus is on technical education. wednesday, a look at private- public partnerships and job creation. thursday, we will have an assessment of federal jobs programs. friday, opportunities for women in the work force. "washington journal" is life every day at 7:00 a.m. eastern on c-span. >> the ayes are 74, the nays 26. the motion to concur with senate bill 365 is -- signed the senate bill everyaw, there's video of session and complete voting records. as they return in september,

followed daily floor action and committee hearings at c- span.org/congress. >> this week, "the communicators" begins a four part series on u.s. cybersecurity. white house cybersecurity coordinator howard schmidt is this week's guest. he is interviewed about the administration's effort to protect the u.s. against cyber attacks. host: this is week one in "the communicators" four week series on cybersecurity and legislative proposals to address those threats. we're pleased to be joined by howard schmidt, assistant to the president and white house cybersecurity coordinator. chivonne, intelligence correspondent for "the wall street journal". is there a working definition cybersecurity definition is

across governments and across the different stakeholders' of what it is and what it will entail? guest: the term we use used to be called computer security, that it was information security and information assurance. we have coalesced around cybersecurity because it encompasses everything from end user devices such as smart phones all the way up until defense systems. internationally, we see other governments that take different terms. they use information security. they look issues around computer security. locally, we have it. international, is not the same. host: is it a global issue? guest: it is. the economics of the world has turned around and the technology backbone we see today. a lot of this hinges on how well

we do security. host: in the last couple of months, the white house has released a series of proposals, some legislative. how would you encapsulates those? guest: they are a continuation of what the president asked us to do in may, 2009, where he released the policy review that said there are specific things we need to look at. one of them is the april release of the national strategy for identity in cyberspace, looking at identity and how we view that and how you trust identities. the second one is about the legislative peace. what are the things congress can do to help that only the u.s. government but u.s. businesses? the third one, which is the cornerstone, is the president's international strategy on cyber space. note i said cyber space and not cybersecurity. the subtitle is the prosperity and the economy and the

technical world we live in today. guest: i am wondering if we could do one more stage-setting question. if you can characterize on a weekly basis new evidence of cyber and frustrations, -- infiltrations, how do you characterize the threat that the united states is facing in cyberspace right now? guest: one you have to bucket in the correct areas. we've seen cyber crime ever since we moved from bulletin boards to the internet to the web and e commerce, there has been efforts by criminals to take advantage of that. that increases the more we become dependent on i.t. systems, the more opportunities for criminals. on the other end of the spectrum, we start looking at the dependency we have as a government, as a civil society. somewhere there is an i.t.

system running the power grid. any threats against the system is having more of a dramatic affect on us. we are identifying what is going on out there and try to isolate the impact that will be. more important, how do we stop that from happening? guest: different corners of the government's intent different views on how severe the threat is. one of yours is to coordinate -- one of their jobs is to coordinate these differing views, but one of the components of the government has been the pentagon, which officials warning of a cyber pearl habor. in your comments, i do not see that approach taken. how publicly are we supposed to simulate different views across the administration? guest: when you look at the different parts of government that have different responsibilities, defence is responsible for looking at the

worst-case scenario and protecting the united states and our interest. in other parts of the government, commerce, department of energy and treasury, all have different responsibilities, and you are correct. when the present treated this office, the idea was to coordinate these and develop good policy on behalf of the u.s. government. guest: what we make of the pentagon's statement about the cyber threat? if you like it to concerned about a cyber pearl harbor. when you talk about the millions of scans done and defense systems every day. guest: it is not necessarily only defense systems that are scant. we have private sector and other parts of the government, including other governments. we have to take that as part as the overall picture will look at. taken into account, figure out what they can do to help, how much is it directly related to defense activities? how much of it goes to the fbi, a department of justice, secret

service, common security? this is part of the overall picture, but not the whole picture. guest: we alluded to the white house's cybersecurity proposal. we are over the debt crisis. in speaking with people on capitol hill i've heard a lot of fears from aids that have been working on this issue that things have stalled. can you give us an update? guest: we believe we are going to start seeing some movement on this when congress comes back. this has been a big issue. we recognize there are a lot of pieces we need to put in place on this. legislation is only one of them. while this has been up there since we submitted a proposal, that does not mean we stopped all work waiting for congress to do something. we continue to make efforts, but we think when congress will come back there will be extra focus on it. and we will see a continued movement forward on a bipartisan basis, recognizing that are

pieces of cybersecurity the legislative body to help us with. host: you talked about pieces of legislation. would you prefer to see a package passed or would you like it in bits and pieces? guest: we submitted a comprehensive package based on request from senator reid. we think that is the important way to look at it. when you look at the process, getting thing to congress, if you have small chunks you are dealing with, it will take a lot longer than any of us want to see happen. looking at it from the perspective, here are the pieces we need to put in place, let's put them into place at one time and continue to evaluate things as we move forward. we need more in the future because technology and the threats change, then we can adjust them in the future. but looking into the comprehensive fashion is the way for now. congress does not look at it that way, which one piece is critical? guest: information sharing with the private sector in

infrastructure. the role of the u.s. government. what is government's role, what is private sector role? the private sector has said that there is a lot of things they can do on their own but the government has a lot of unique information based on intelligence and law enforcement. they need that. those of the two pieces we need to get that lockdowns we can mutually except that shared responsibility in infrastructure. guest: what have you been doing to work with private industry on this? and talking on capitol hill, i heard there has been pushed back from private industry, not just the chamber of commerce, but telecommunications and technology companies are not fans of the system that you are proposing to require certain parts of critical infrastructure to evaluate their systems and report back on that. i am wondering how the white

house is managing industry concerns on this. guest: one, we said when we rolled up the proposed legislation, this is the beginning of the dialogue. this is by no means the end. secondly, we worked with the private sector, not only the white house, but all of the departments that have a sector- specific responsibility, getting feedback from the private sector. what is it we need to do and what did the things they need? i do not want to characterize the private sector response is being tremendous push back. guest: one person characterized it that they came up with guns blazing. some of the folks are getting feedback on capitol hill described it as significant. guest: the vast majority of people i talk to seems to think it is measured. the devil is in the details. we need to define what is critical infrastructure. what is the reporting mechanism. we want to make sure that somebody has a reporting requirement to some government agency, that we are not piling

something else on top of them. those of the concerns of the private sector, which are shared concerns we have. as we get into the details, we need to make sure we continue to continue the economic growth that technology gives us, while still making sure the lights stay on and we have the ability to communicate. guest: would you anticipate any changes to that portion, given that that is the section, the guts of the legislative proposal and the thing that is causing heartburn in some industries? guest: congress, as they get more coalesced on the details and work together, and we anticipate changes. we expect them to come back with the proposed changes so we can provide feedback on how workable we think that is under the current set of situations we are living under . host: on may 27, in "the wall street journal", she quoted an internal chamber of commerce document that said that the new

regulations on critical infrastructure will harm public- private partnership. cost industry substantial sums and not necessarily improve national security." guest: it is interesting because we read that article, and i've had a a number of conversations with the chamber, and bear in mind that there are a number of different companies with different perspectives. so they are trying, and that was the draft, it was not fully vented with other members, so basically that getting out there was not fully representative of the position on the chamber. we continue to be sensitive to their needs. we continue to hope that they work together internally to figure out what are the alternatives. continue the business news we have out there while improving security. host: josh quorman quotes in huffington post on may 13, after the proposals came out "the

attackers are two years ahead of the defenders, who are two years ahead of the market, which is two years ahead of compliance, and legislation is five years behind that." how do you keep up? guest: how do you define being ahead? \ we are better than we were last year. we are better prepared. we apostasies not only in the government but outside the government. the bad actors exploit those same vulnerabilities. the typical thing we see is the anatomy or autopsy of one of these events. you have a fishing e-mail exploiting of vulnerability. we've seen that for 20 years. i do not know that anybody is ahead. we recognize that it is doing basic hygiene. legislation, there are some

things we need to touch upon. penalties for impacting critical infrastructure. the impact of organized crime, which is part of the cyber crime thing we talked about a few months ago. -- minutes ago. i don't know we'd put two year s and two year. span'sthis is c- "the communicators". kicking off today, we are doing in four weeks series on cybersecurity. howard schmidt is our guest. shivonne gorman is our guest reporter. guest: the white house puts a lot of stock in the role of the department of homeland security. many feel that it is only a decade old, and cybersecurity is

a new responsibility. even the national security agency have been doing this for decades. i am wondering why focus so much on the department of homeland security, and how much are you responding to concerns from lawmakers? guest: first, when we look at the role of the different parts of government, you mention the department of defense and national security agency, which has those great technical capabilities. if i need someone to protect the system, they are the folks i go to. if you look at the civilian responsibility across, and security, you look at the things put in place for homeland security and the relationship to the private sector, there is not a place to put it. drawn within the department of defense and energy and department of justice and fbi, is a supportive role, but someone has to lead this. as a consequence, they continue to build their capabilities, as we develop the national cyber response plan, we look at things such as cyber storm, that

gives them a window into some of the things they have to modify and change. i've confidence in the leadership and in the mission, but we continue to build the capabilities with smart people and could laws put in place. guest: can they do it fast enough? as we were discussing, this is something where government's response to thie threat has been slwo. ow. if you add a learning curve, can the government respond quickly enough? guest: i think they can. it is more than their responsibility. private sector is a big part of this. as a consequence, the ability to wrap up the deal with but we are doing today is ongoing work, but more importantly, is building for the future because the idea is part of their role is not only dealing with what we deal with today, but how we wind up with a private sector and a

government that is better organized and we are sending a clear message to those that would disrupt our systems that there are consequences? yes, i would not even say it is a learning curve. it is a building capacity. but they are not the only ones that have to deal with the spiris. host: james lewis, saw a quote asking private enterprise to help protect cybersecurity systems is like asking the airlines to protect the u.s. from air attack. what is your response? guest: i'm not sure that is valid. number one, if you boil it down to business needs, over the past years security is not a luxury, we realize. as part of the business process. it is still having an open system so we can do on-line transactions to be able to coordinate with our business partners. once again, it is a new thing.

this is brand new technology that we have been pushing out the boundaries. asking them to do it, they have an inherent need to do that, to make their business successful. people talk all the time about power stations. they do not make money at the lights are not on. businesses do not make money if the products that cannot be sold sterling. there is an imperative for them to do it as well. there are those that are slow to recognize their role. part of our job is to make sure they have a shared responsibility. guest: at what point does that exceed their responsibility? the pentagon is concerned that they are relying on the same power grid as all of us. the lights go up, it affects us just as much. when does a cyber attack, and act of war, use of force,

something where it starts to go into the military? guest: the dead is one of the things we continue to debate with smart lawyers -- that is one of the things we continue to debate with smart lawyers. hopefully, we will never see that. there has been a lot of discussion about putting labels associated with cyber intrusions, and we continue to look at what is that escalation point. about the dependency of the department of defense and the department of homeland security on those resources, we have a mechanism which is part of the proposal, the legislation, is to say proved as you can do this. prove to us that you are set up to deal with most things. if not, what will you do to fix it? it sounds like a silly discussion, but how do we deal with a major snowstorm at where we are shut down for days and days. we have processes in place to

deal with the unexpected. we have to do that in the critical infrastructure realm as well. guest: even if the lawyers debate what an active war would be, you have studied this problem for decades. what is your sense? guest: if we get to where it is military against military or military against civilian structure, that flips a switch the other way. it is not to say turn the switch back and it becomes military parity of diplomatic and economic, all kinds of pieces to deal with those sorts of things. that is the worst-case scenario. guest: if the u.s. can prove that some other countries military attacked? proving a specific government, much less their military is responsible, is something that is difficult to do. i'm not sure when you'd prove that. guest: one, it is foolhardy of any government to do something like that because they will be

affected by it as well. we talked about that before, because it is in nobody's interest to create a cyber armageddon or digital pearl harbor, but on the same token, that is why we have to be very careful on allies and everything we see take place, every intrusion, every scan you mention, to analyze them that -- are they a threat, and if so, how do we deal with them? a lot of this is basic hygiene and making sure that these things we know are out there cannot affect us. host: howard schmidt is the white house cybersecurity coordinator. he has had one of the most intriguing careers i have ever seen. i would suggest you go to the sitee house wouletb to look at further. he worked as a policeman in chandler, arizona. he worked at the fbi.

he was a special advisor for cybe space security for the white house under george w. bush. he was vice chair of the president's critical infrastructure protection board. he served with microsoft as well. that is just a couple of the things. he got his b.a. and mba from the university of phoenix. one of the proposals the president calls for is that this needs to be coordinated from the white house. do you see this as a cyber security czar position? guest: i would not collett all a czar. the turn coordinator is what this about. we have seen similar states around the world do similar things. recognizing there is the defense side, the commerce side, there needs to be people bringing

these things together and giving advice, in our case the president, and and other countries the prime minister or president. has to be anchored in the white house. host: are there funding numbers in place? in cybersecurity in general? guest: yeah. we have things that go back to the comprehensive cybersecurity initiative. as we evolve, one of the things we look at west cybersecurity co -- was cybersecurity costs, like fire walls. they are part of the infrastructure. when we buy a car, we don't say will i have brakes or not? the security has to be built in. guest: looking at your office, one of the proposals that is circulating on the hill is to sort of create more structure

around your position. now that you have had some time to spend in that position, what is your take in terms of proposals that would give it more control over the purse strings or establish your office more grounded in statue. te. guest: having control of the purse strings does not necessarily make you more secure. we have seen that in some of the changes we have made to make that work. the structure have i think is good. we have the ability to bring all the leadership from all of the agencies into one room and go to these types of issues. who handles what, how it's handled, what are the policies, what of the legislative pieces? we have been able to accomplish so much in a short period of time for cybersecurity lends credence to the fact we are raúl structures. when the present created this position as not only part of the national security council but

will with the national economic council, which is important because our economy deals so much with cybersecurity and technology. guest: what is the hardest issue u.s. had to sort out so far? so far?you had to sort out guest: looking at it from their area and getting people to come together with consensus. what did the things we need to fix right now? moving away from the edges and getting to move to the middle, how can we move this for? host: what are you hearing from congress? guest: the meetings we have had on congress and on the heels of submitting the proposal, we are getting feedback that they welcome the opportunity to debate this more deeply within congress. they look forward to us providing input as were the things we really need. i think the last count there were 50 odd pieces of proposed

legislation across the various committees. all of them exercising jurisdiction, but had not heard from us saying, what do you really need? they are happy to get that. as mentioned earlier, the debate will start when congress comes back. debt in the details of this and how it will best work. host: given the realities of three months or so of the legislative season left this year, do you foresee anything happening? guest: i do. there seems to be a commitment from the leadership up there that says, yes, now that we have this big issue behind us, we can start focusing on this, because they all recognize we need to do things, and those things are part of the proposed legislation we put forward and we need to move them forward. i feel confident we will move this forward as soon as they get back. guest: have you gotten a commitment from republicans to move on this? that is one of the things i have heard that that republicans had other priorities and this would not be on the front burner.

guest: my conversation had not been partisan at all. i met with members of both parties. they committed. they recognize the need to do more. it is a matter of getting educated. guest: nt think they are going to have time to pass legislation -- and you think they will have time to pass legislation in the next few months? guest: i do. they recognize how critical this is to some different pieces across the united states. host: we have not talked about the privacy concerns. the electronic privacy information center, which will be a guest and a couple of weeks, this is a quote buy the y them. "and there should be legal standards, not voluntary guidelines when it comes to controls on private." guest: one of the things we did not only for the legislation, we're deeply engaged with the privacy and civil liberties community.

if you read the present international cyberspace strategy, it has had in many places references to freedom of speech, freedom of expression, privacy, civil liberties, when it comes to cyberspace. that is one of the quartet its behalf. the president has a dedicated privacy officer in my office -- that is one of the tenets on its behalf. when the privacy agencies look at this, we want to make sure they have the confidence that we are focusing on it, that we have controls in place to make sure we are protecting privacy and civil liberties. it is something we are accountable for. something is transparent for every organization. i think we are doing that. we will continue to move forward with legislation to make sure this takes place. the other piece is then data breach notification. one is citizens. we're not sure what our rights

are when it comes to information being compromised and in the hands of a third party. on the same token, businesses that have that information are dealing with 47 pieces of legislation from different states that is encrypted or not encrypt it. once again, i think we need help on the privacy, this proposal with the national data breach of notification. host: how do you make this user-friendly? guest: security has to be transparent to the end user. it's not just any of us sitting in front of a computer. it is the small to medium-size businesses. when you look at the 27 plus million businesses doing things online. we saw during the economic problems we had a couple of years ago, we saw a tremendous increase in the billions of dollars and on-line e-commerce. it has to be user-friendly. the end users shall not be the one saddled with is this good or