stop california's prop eight to beckerdown doma, jo tonight on 10:00 eastern and tomorrow at 9:00. is "e, our club selection himit calls you back." on tomorrow plus newsmakers, bernie sanders is our guest. he is the chairman of the veterans affairs committee and talks about allegations of misconduct. he comments on eric shinseki's role and adjusting the matter. the truth is that the v.a. is a huge institution. it does a whole lot of very

important work. in many ways, it seems like he has done a good job. everybody has heard about the claims backlog. is underle don't know bush, do you know how we did claims? we did them by paper. that meant an individual veteran could have files this page. multiply that by hundreds of thousands of veterans. our member talking to shinseki and he said i will convert that from paper to electronic. we will have those claims down accuracy.s with 98% they have cut the backlog in half. they are on the way to fulfilling that goal. one of the national embarrassments is the level, high-level of homelessness among veterans. vietnam vets living on the

streets. since shinseki has been an office, we have reduced that by 24%. also, as a result of the wars in iraq and afghanistan, we have seen an increase of folks coming into the v.a. no one denies there are problems. but if you talk to the average veteran who is in the v.a. we held a hearing last week. the largest veterans organizations in america. the question is when you guys get into the system -- it is good quality health care. is getting ways better. there are problems and i have chris is in motion techie -- and i have criticisms of shinseki. i hope we will be with that. i do not think he should resign. >> you can watch all the interview with vermont senator bernie sanders tomorrow at 10:00

a.m. and again at 6:00 pm eastern. next, officials with the fbi and homeland security department testify about cyber security threats facing the u.s.. this is a joint hearing held by on terrorismmittee and cyber security. this is a little less than one hour. >> good morning. the committee on homeland security subcommittee on counterterrorism and intelligence, and the subcommittee on cyber security infrastructure protection and technologies will come to order. the subcommittees are meeting to examine technology.

hold fortuitous that we this hearing in light of the other day be justice department announced indictments of several chinese army officials for their role in relative cyber security. due to the sensitivity, there will be a closed portion with the witnesses. i ask for unanimous consent that the recess and reconvening in a secure space. not recognize myself for an opening statement. recognize myself for an opening statement. the attack capability and

intensity of cyber around the globe have made cyber warfare mostyber crime one of the significant threats facing the united states. this week, the department of justice unsealed an indictment against five chinese individuals working for the chinese military for hacking into multiple private sector businesses to steal sensitive information. the fbi arrested more than 100 people for using malicious software called black shades which is used to takeover a commuter -- computer without the owner's knowledge. doj encouraged to by the indictment. moree was a signal of aggressive u.s. actions to address the cyber threat. this thread is not going away. cyberattacks have

economic consequences and could outused to carry attacks on the homeland. the attacks have become more diverse as have the tools for conducting attacks and waging war. while the u.s. has made great strides to secure the homeland since 9/11, our enemies have evolved. we must now consider a foreign orersary terrorist network criminal organization will use cyberspace to penetrate our defenses. james clapper featured the cyber threat prominently in his annual threat update to congress this year. along with other u.s. officials, he painted a sobering picture. comprise the most capable actors. countries such as russia, china, and iran have demonstrated a willingness to use cyberspace to

steal secrets, target infrastructure, and even target free press and financial sectors. each has invested in cyber defensive and offense of capabilities -- and offensive capabilities. many have suggested that russia supportcked estonia to the invasion of georgia and annexation of crimea. american cities and companies lose billions from organized cyber crime. traditional criminal networks have wasted no time developing the tradecraft to scam and steal data. the breach at target is an example. department of homeland security plays a major role in helping private companies keep their networks secure. this will only become more

important in years to come. weare accustomed to think -- must now be prepared to defend against groups like al qaeda using increasingly sophisticated cyberattacks and cyber crimes to their invention. groups usen these the internet to commit a cake and spread hate. today, we will hear about these issues from witnesses provided by the fbi and dhs. i am pleased we will begin the hearing and an open session and then move into a closed executive session. i am pleased that the subcommittee is engaged in the hearing. they have led this committee's efforts to enact serious legislation. with the support of the private sector and privacy advocates, their bill was passed unanimously. it is a testament to their hard work and the importance of the issues. i am pleased to have pat fest

today. -- with us today. i recognize the ranking minority member of the subcommittee, the gentleman from new york. >> i would like to thank the chairman for holding this meeting. in deference to the chairman and submit mys, i will opening statement for the record so we can get to it. >> the ranking member yields back. ing member the rank for yielding. and the chairman for sharing the opportunity to collaborate on this very important issue. i want to thank everybody for attending this hearing. this is the latest in a series of hearings the committee has held examining the threat to our computer networks and what the u.s. government is doing to mitigate response to that event. the threat is real and is a real

menace in american security and prosperity. we have seen iranian hackers to disrupt theckers saudi energy company and attempt to take down the american financial sector. we have seen criminals attack some of the icons of our retail sector. revising personal information of er 100 million customers. the department of justice announced indictments against five chinese military operatives. last month, i had the opportunity to travel to china with a number of my colleagues, including house majority reader eric cantor -- house majority leader eric cantor. we met with a number of chinese officials. we raised concerned about state-sponsored espionage and the importance of respecting intellectual property and trade secrets. has ahas -- china

responsibility to adhere to international law. a responsibility it has failed to a knowledge. wheresponse we received we received these concerns was disciplined. the chinese refused to admit they condoned or supported state-sponsored corporate espionage. they refused to concede american businesses were reaching the targeted by chinese hackers. in addition to state sponsored and criminal organizations, ideological actors including terrorist groups use the internet to attack and finance their illicit activities. report -- 2014 report states, threat actors are not just interested in seizing the corporate crown jewels. they're looking for ways to publicize their views. to cause physical destruction and influence global decision-makers.

these attacksnst has a cost. the cost is borne by american private sector companies. they spend hundreds of millions of dollars per year defending networks. at a hearing we held last month, and area community bank testified they had to spend $1 million a year. this is a small community bank. on cyber security efforts. he suggested they could spend much more. caused business disruptions. cost companies we hundred thousand dollars each -- cost companies $300,000 each to mitigate damage and it can be higher. they have lost intellectual property. found themselves at a competitive this vantage -- disadvantage. consumersheft cost and companies $780 million a year.

literally billions of dollars in value associated with stolen intellectual property. the question becomes how do we respond to this. we must ensure our agencies have defined roles. crackdown on the perpetrators of these attacks by arresting hackers and pressuring other countries to do the same to read it is especially true in china and eastern europe where spies andnies' criminals hide. hackers linked to black shades are a good start, but there is more to do. we need to understand who the

adversaries are, what they want, where they live, and what they are capable of doing. each of theank members of the panel today. we look forward to your testimony, boulton here and in the closed hearings to better understand and continue to educate not only our colleagues but the american people on this important and challenging issue. i thank chairman king for the opportunity. >> thank you, chairman. arer committees -- members reminded opening statements can be submitted for the records. i want to introduce the panel. glenn simons is the senior intelligence official. his responsibilities include providing cyber intelligence support for dhs senior operators.

additionally, he manages and leads a diverse workforce. it provides operational intelligence support to our nation's 16 critical infrastructure partners and allstate, local, territorial, tribal, and private sector entities to read -- entities. panelist helps lead high-tech crimes including espionage, computer intrusions, and cyber fraud. mr. demarest has been with the fbi for more than a quarter-century and i have seen him operate first hand when he headed the joint terrorism task force, where he did a outstanding job in coordinated efforts against terrorism. it is great to see you here today. thank you. larry is the director of

national cyber security and to medications at the department of homeland security. it is comprised of several components including u.s. to peter emergency teams. -- computer emergency teams. n/a 24/7 operations center. retired navy captain. i want to thank all of you for appearing. let you know that the written testimony is being submitted for the record. mr. lemonsrecognize for five minutes. >> chairman king, chairman meehan. i am pleased to be here today to discuss the continued threat to the homeland. cyber intrusions in the critical

infrastructure are increasing in sophistication and seriousness. although the persistent cyber threat to the homeland -- the complexity of emerging capabilities and link between physical and cyber domains endeavors the of cyber actors provide challenges. with the private sector owning 85% ofrating over our infrastructure, information sharing becomes important between public and private sector. malicious cyber actors include criminal hackers, asymmetric with unique cyber 's concerns. nationstates aggressively target and gain access to networks to its ploy and steal data. giving the worldview of cyberspace as a domain of

warfare, we cannot discount that beingaries plan by not infrastructure. are are -- cyber criminals motivated by profit. we see sophisticated financial tunnels in many countries throughout the world. criminal hackers are politically motivated or ideologically motivated and target for publicity which can result in high-profile operations, often with limited effectiveness. the middle east and north africa campaign shows the group's desire for media attention despite its lack of capability. asymmetrical actors include test -- terrorists using it for communication and research. we believe we will continue to seek -- they will continue to seek cyber targets of opportunity.

probability,ow such an event may have a high profile impact even if unsuccessful. success may be determined by press coverage. the outlook for these threats is that malicious cyber activity in intentional and unintentional consequences which can threaten security. critical in structure as well as health and welfare. assess -- inble to an effort to cause harm. role they has an important -- ia n and a has an important role. support is multi-dim ensional.

dhs ina has increased outreach by 382% from 2012 to 2013. four 2014, we are in a trajectory to bypass last year's numbers. these are in addition to our , andy, with monthly quarterly engagements. we are partnering with state and local centers. these are just some of our efforts to increase threat andeness, decrease prior -- adjust priorities. thank you for the opportunity to speak with you. i look forward to your questions. >> thank you for your testimony, mr. lemons. now i am pleased to recognize -- >> good morning.

distinct members. i am pleased to appear before you to discuss the cyber threats affecting our nation and how the abroa our partners and protectd are working to the united states. to adversaries continue evolve, and so too must the fbi. we live in a time of state-sponsored terrorism. these diverse threats facing our nation and neighborhoods underscore the complex that he and brett of the fbi's -- the thelexity and breadth of threats. they seek trade -- our trade and state secrets. all of which are incredible value to us here in the u.s..

scope, agencies are making cyber security a top priority. variousrioritizing threats as our priorities. predict and prevent threats rather than just reacting after the fact. analysts and computer scientists andusing capabilities techniques to fight cyber crime. we are working side-by-side with our federal, state, and local partners. through the national cyber investigative joint task force. command center, we command the resources of the fbi, allowing us to provide connectivity to the other cyber centers.

government agencies. fbi field offices. as the committee is aware, the frequency and impact of attacks on our nation's private sector has increased in the past decade. it is expected to grow exponentially. we have had investigative successes against the threat. we will continue to push ourselves to respond more rapidly to prevent attacks before they occur. the western district of pennsylvania unsealed an five membersainst of the people's republic of china. private financial gain, damaging computers through code and commands. economic espionage. theft of state secrets. conspiracy toof a

penetrate the networks of six companies pursuing action against state owned enterprises in china. this is the first time kamal charges have been filed against a known state actors for hacking. this operation involved 18 countries, more than 90 arrests have been made so far. been00 searches have conducted in support of the operation. products were offered through their site. the most popular was a remote access tool. it contained a longer feature that allowed users to record keys. had a form grabber feature which captured logon information.

its userslso provided with complete access to all the files contained on the victims computer. access told use this view or download photographs or other files on the victim's computer. it allowed users to encrypt or ransomles and demand payment. it even came with a prepared script to demand such a ransom. you can imagine, this tool alone possessed a significant threat to victims across the united states and around the world. the successes are just the beginning. the fbi has redoubled its efforts to strengthen our cyber capabilities. the next generation cyber initiative, launched in 2012, included a wide range of developments. cyberocusing on intrusion. hired additional

scientists. and expanded our partnerships to expand collaboration. it serves as a sharing center among 19 agencies. unprecedentedd coordination. this involves senior personnel and key agencies. use --re deputy director directors from the secret service and cyber command. we recognize to effectively combat the cyber threat, we must significantly enhance our cooperation with the private sector which we are doing through the if regard -- info guard program. the private sector is the key ingredient. as part of our enhanced private sector outreach, we have begun to provide industry partners

with classified threat the fees iefings in advance of the tax. we are engaging in an unprecedented level of cooperation with the government, the private center, and our international partners. we look forward to working with you and expanding our partnerships as we determine a successful course forward for the nation. thank you again, sir. demarest.ou, mr. members of thed committee, thank you for the opportunity to appear before you today. the nation's economic vitality depends on a secure environment where decisions can be made. information can occur safely. to meet this objective, the behnical objectives must

shared in a timely actions of cyber defenders can discover and addressable motor abilities -- and address vulnerabilities. our approach enables the rapid sharing of information in a matter that assures the protection of privacy, civil liberties, and rights. as mentioned, the organization of fouram -- comprised branches. from october 1, 2013, 2 may 20, 2014, we have received many reports from partners. a significant increase from the reports we received in 2013. these reports included phishing campaigns.

response to these incidents -- we publish technical and non-technical products, analyzing the characteristics of malicious cyber activity and improving the ability the organizations to reduce risk. when appropriate, all components have on-site into that response ands that can assist owners operators and their facilities in cooperation with the government partners. are withrtnerships more than 200 others worldwide. they are useful as our team works to develop analysis across international borders to develop a comprehensive teacher of cyber activity. data can be shared interest -- in machine-readable formats. it is currently being submitted and utilized. greatest challenge is our systems are not as secure as they could or should be.

there are a number of cases i can use to highlight my statement, but i would like to onk about how we needed -- april 17, 2014, we learned of a vulnerability to a widely used software. an alert and -- on april 10, mitigation guidance was distributed to worldwide partners. the cyber security assessment team collaborated with over 100 agencies receiving their authorization to scan for the will or ability, schedule -- skin for the vulnerability and deliver reports. we have scanned 15.5 million

ip's. reduced liability from 272 less than two women have of the roller boaters were identified in the first six days of scanning. we conducted two webinars with regard to heart bleed. 16 critical infrastructure sectors on april 25. approximately 140 vendors attended the first session. operatorsture owner and representatives attended the second. fortunately, due to the hard work, the impact of the heart lead on the.gov domain has been minimal. i'm proud of how the team responded. it is another example of how we elaborate and serve a large community of stakeholders. we could do better.

to better mitigate threats to .govb and .com domains. i would like to thank the committee for the ability to appear he highlight that we in strive to -- we are ever mindful of the need to spec privacy, civil liberties, and the law. look forward to your questions. >> thank you. fori recognize mr. clark opening remarks. i thank youou -- for holding this hearing. as we have just heard, the system supporting critical infrastructure and federal and corporate information systems are evolving and growing. persistent threats where

significantpossess levels of expertise and increasing threats. presidentelection, obama declared cyber threats to be one of the most serious economic and national security challenges we face as a nation. economicd america's prosperity will depend on cyber security. the director of national intelligence has also warned of the increasing globalization of cyberattacks, including those carried out by foreign militaries or organized international crime. as has been mentioned already, we saw the department of justice indict members of a foreign military involved in economic espionage cyber crime read -- cyber crime. it appears that the doj has been working on this indictment for more than a year. doj'sutors in the

national security division had to show there was strong specific evidence. there had to be countries that were willing to go come -- public against china. the array of threats facing the nation possess threats to national security commerce and individuals. threats include targeted and on targeted attacks. these sources include business competitors, criminal groups, hackers, and foreign nations. sources of cyber security threats make use of various techniques to compromise information be read -- to information.d inh threat sources very terms of the types and capabilities of the actors. threats caning --

range from bot nets to business competitors. addressing international threat involves many government and private entities, including internet security primers, software developers, and computer forensic specialists. implement teamon technology systems to protect against intrusion, spy them -- fraud, and spam. crimebecause cyber law enforcement has to deal with multiple jurisdictions. enforcement's challenge in investigating and prosecuting malicious 21st century cyber criminals is this. modern criminals can readily leverage technology to victimize

targets across borders in the criminals themselves need not cross a single border to do so. test inates a unique identifying and locating the criminals and apprehending and prosecuting them. the u.s. has extradition treaties with some, but not all. even with these agreements implies, the process may be slow. we must continue to search for ways that congress can help enhance your national law enforcement capabilities and get criminals off the streets, or shall we say, out of cyberspace. criticalprotect infrastructure and consumers. i appreciate hearing the informed testimony of our witnesses this morning. know thatsuring to our nation benefits from your diligence, knowledge, and expertise. with that, mr. chairman, i yield back. up to a fewll open

questions. i want to remind members that we will be moving to a closed session where the russians will be better addressed. again, if you can keep it to a few questions, it will be to everyone's benefit because there is much to be learned. i have one question. i would ask it to the panel. our terrorist organizations actively targeting the u.s.? have you seen cases of terrorist groups coordinating with criminal organizations? we are in an open session. >> yes, chairman. for this session, we are seeing that. against websites hosted in the u.s.. they tend to be low level attacks with site defacement and the like. there are three principal groups that have the capabilities or are developing them. to do something more in the physical realm.

your second part of the question about joining with criminal organizations, we have not seen that. we do actively watch for terrorist organizations crossing over to the criminal forms online today to acquire skill or talent or tools to perpetrate some greater crime. >> do you believe we have the do you wepability -- have the defense capability against these types of attacks? >> it is sector by sector, chairman. in the.gov space, we are fairly well prepared. when you get the .mil space, it is varying degrees. we see finance, in particular, doing a stiller job. they have invested heavily.

transportation and some of the others. energy. then as you get down lower on the priority scale, less so. >> any comment? >> i would concur. >> the only thing i would add is, law enforcement intelligence is doing the collection where we get reporting from victims. most of the terrorist groups are going after faith-based groups. it has been mostly trying to influence -- having an impact that those groups. we are working with them. many of them do not have sophisticated cyber defenses. we are working with them to understand what may be targeting them and what companies can assist. we offer assistance as well. i can cover more in a closed session. >> we can maker -- ranking member. capability as though

is a hard thing to monitor. it seems as though the cyber threat is coming from both state and nonstate actors. i would be interested in your assessment as to the terrorist threat from nonstate actors like hezbollah, syria, and i'll bite > -- and al qaeda. areorist's post-9/11 younger, more aggressive, and more technologically savvy. yourinterested in assessment of that relative to capability and desire. to strike u.s. targets. member, i would say that desire is strong. the capability is developing. three groups,mong you mentioned lebanese hezbollah is an organization that is looking to develop significant

capability in this arena. enemies.s on regional not so much against the u.s.. i would concur. sir. also, >> what about the threat posed by state actors like iran or china in russia? is the level activity increasing? what are we doing to combat that question mark >> -- where we doing to question -- to combat that? >> china and iran developing significant capabilities. >> i would concur. withe these nations information needs increasing. some of the needs are developing a cyber program to meet those

needs. we will get in more detail in a closed session. >> i would say in closing, the terrorist mentality is to target high-impact targets. 9/11, in addition to the death and instruction that was exacted on the u.s., there was a symbolic attack. threat seems to confirm. that is to disrupt our way of life. they attacked the twin towers because it was a sign of america's economic superiority. symbol ofon was a america's military superiority. presumably a plane was headed for the white house or capital because of our democratic freedoms. it would seem to me the

potential of cyberattacks in the motivation and desire of those who seek to hurt us is pretty imminent. and pretty significant. >> chairman. >> i think you and i think the panel for your work in this area . we have looked at a variety of issues. a lot of the focus continues to be on the nationstate activity and the sophisticated criminal gangs. them to doal for massive disruption not only to our infrastructure but also theft of intellectual property. the special agent -- you use the term that struck me. you talked about this threat affecting not just our nations but also our neighborhoods. i often think about the average about us,o get discussing these issues, and

believing that somehow it is remote from them. something might happen to some bank of new york, but does not affect me. law-enforcement across the board, including the great work done by the justice department, taking on sophisticated chinese operations that have been sponsored. hacking into our most sophisticated systems. in your testimony, you also talked about this process. black shades. this is a market that exists, out there, in the world. you touched 19 countries with this indictment. it is between five dollars and $40. individuals can go to the black market and purchase mall where alware where they could take

over the home of any american's commuter -- computer. it is not only the ability to over thealware to take operation of a computer, including tracking the keystrokes. but in reading the public , i'm not talking about anything that is not available publicly. not the capacity to manipulate remotely the same kind of control functions at the individual would, including the use of cameras? an individual could be sitting in their own home, their own bedroom, and a remotely controlled access would be able to not only have access to what is and can -- what is contained within their computer but actually in real time the --

be viewing what is going on in the home. we are inviting into our own homes for as little as five dollars some criminal in eastern europe or across the street. they would be able to have that access. enough about this. could you explain to me what is remote access tool? how is it available? prevent itsdoing to use? fox you are right to read -- you are right. you could have an actor viewing you from the computer at home through your camera. the remote access tool provides access to your box or computer. take it over.

they own your pc or laptop or device you are using. theives them access to webcam or camera. they can turn on and off at will. i mentioned to rent somewhere. ware. they cantake photos. they can collect all the information. financial information. passwords. it is completely owned. the information is taken and either used by the actor or sold. in different environments online in criminal form three at a you are being exposed and exploited once. multiply byally other actors who purchased the information online. to add salt to the wound, they chatthe ability to send messages from your context. ehanooks like chairman mea

is sending a message and i respond to that. within that is a link that has the mall where attached. it spreads it to my computer. purex a friend could pick up .hat i think is a message to me i send it back a picture of the to the jersey shore. now they can begin to do the same process. theng over the five -- keystrokes. what would require from me, when you send or the actor sends that to me -- for me to click on a link. >> how do we identify something like that in our system? what are we doing to be able to educate americans to take steps to protect their most intimate and private and secure

information? that with a -- that they do in the comfort of their home? >> throughout the investigation is a significant technical aspect. we are seizing the information, specifically servers, which have the information on it. we will work with the victim, the internet service providers to identify the victims and get information to them. the fact that they have been impacted. tools made available for them to mitigate or alleviate what is on their computer. that is the relationship we have forged. either tools or instructions to actually eliminate given mall alware.- m >> i will look forward to more communication. i thank you for your work.

it is important for the people issues ande these big they don't just affect businesses. this is part of our responsibility is to open up an awareness and appreciation for the scope and nature of the threat. thank you for your testimony. i look forward to hearing more. >> thank you. >> thank you, mr. chairman. fivey's indictment of the chinese military hackers was the sort of legal action taken by as a standard tactic in espionage. it sends a clear signal to the other side their actions have come intolerable. it is just the beginning of a long process. the indictment alleges they

hacked into american computer systems. the department of homeland security's role is led by u.s. mitigation and forensic efforts in court laced in coordination with the fbi and other agencies. would you describe the interagency coordination that is in place for agencies as a collaborative model where dhs's doesvement is stood up -- the role go beyond the jurisdiction? >> ranking member, thank you for that question. let me talk about it in broad terms. when there is an incident now, we have a ranking system. there are certain things that are low threshold and others

that are high threshold. high threshold is when errors somebody in a database system. a disruption or destruction event. those are high scale of events. did not happeney often, but on a given day, we see between 150-200 incidents. at the high level, we will make an outreach directly to the victim. we will notify them of the evident. -- of the event. we will offer assistance to go in and investigate on their servers and other information technology capabilities to determine how deep the compromise is. we will do this in partnership with the fbi. we will do this with our own intelligence community members so they can develop the tactics and procedures.

then we will go across the federal community and create awareness. we are creating signatures into the system to make sure these events cannot be repeated. we are sharing it with the private and international partners to the enhanced security service. it is interagency, private sector, international. on the lower events, we are still doing the notification. i described the higher and. >> madame clark, what is great about today is what dhs learns informs the investigation. what we learned inform the protectors or defenders, dhs. this is a cycle that has developed over the past two years. the challenge of information that better safeguard the country. helps us spearhead and focus

investigations. a robustell, that is and holistic approach. i think that will serve our nation well. my next question is the debate around protecting networks is focused on infrastructure. currently, the department of homeland security lists infrastructure sectors. attacked most was frequently? in which are most at risk? >> the heightened -- it depends on the where oneness. -- on the awareness. communications, transportation, we are seeing a lot of incidences. there are other sectors we are not seeing it, but that may be because they are not being reported. when it comes to the critical

infrastructure, there is no requirement. it is all voluntary. we don't know what we don't know. i worry about what we do not know. i have talked to groups and other sectors. they said, we do not have a cyber security problem. i said, you do, you just don't know about it. i will tell you about my experience. are going after any vulnerability they can find. it doesn't matter what state you are in, city, infrastructure. if there is an opening, there is an adversary that we'll see where they can go and what information they can steal. zelvinuld agree with mr. . about our middle east actor in the recent activity against new york over the past year. again, it depends on them. but larry has mentioned the priority sectors for us today,

finance transportation and energy. we increase our outreach efforts within the private center -- sector. we see an increased willingness for people to come forward and work with us. i believe the number continues to go higher and higher as we work with public and private partners. g> thank you, rankin member. >> thank you, mr. chairman. when the law was passed, several people were concerned about privacy and civil liberties were very fearful of that act because of the potential sharing of personal private information with the federal government. howyou tell us or tell me that kind of information is being protected?

is there any protection on people's privacy or civil liberties? forefrontsman, at the of everything we do is a protection of people's identify all information and civil liberties -- people's's identifiable information and civil liberties. it is a daily focus for us. my folks are trained on a routine basis. we are audited not only internally but also externally as far as our processes and procedures. that as cyberre defenders. that is what we do it, at least we do not kick, require information that is privacy or civil liberties in nature. the defense mechanisms are those ones and zeros from an attacking or malicious software. there have been incidences, although rare, where we will get something from something we thought was completely secure.

wiest. -- we stop everything we do. we go through a process with privacy experts and civil liberty liberates -- experts and the sure we are treating incursion properly. there is the ability to mitigate and make sure this bill does not go beyond what we have already detected. as we said, go through the processes and procedures. but that is a rare occasion. >> there's no guarantee that privacy information is not shared either direction from the company to the federal government or the federal government to other entities. >> despite our best efforts and every process and procedure we have, there will be times where there may be spills. where that goes over. what is important is we have the right processes, procedures, and

oversights to make sure when those occasions occur, we do the right things in accordance with the law and policy directives. >> i will wait until the close session for further questions. . accordance with the unanimous consent, we won our recess and reconvene in 10 minutes for closed session. i would ask the audience that they will wait and let the witnesses leave so they can go to the location. recess. -- >> onon monday monday, president obama will be participating in the wreathlaying ceremony at arlington national c cemetery. george w. bush and joe biden focusing on post-9/11 veterans.

you can watch that monday at noon c-span. some of the 2014 commencements pieces from around the country. we will hear from sheryl sandberg, john thompson and the ceo of general motors. facebook chief operating officer sheryl sandberg updated her best-selling book, adding career advice for recent college graduates. the first edition was inspired by commencement address she gave in 2011. addressed the graduating class at city colleges of chicago. this is 15 minutes.