assaults experience retaliation and no action is taken to address the problem. any retaliation is critical to >> good morning. my name is brenda peterson. i'm the policy director. i would like to recognize the incredible work of human rights watch human rights watch and shining the light of this devastated issue. we been honored to work with them on this report. i'd also like to acknowledge survivors spoke here today who contributed to the report for demonstrating so much strength and shared stories of retaliation in reprisal. this report exposes the grave reality for the majority of survivors of sexual assault in the military. retaliation is the norm and is often severe. superiors either looked the other way or are engaged in retaliation as well.

this report affirms what we see daily prayer pro bono network to a servicemembers who face retaliation have nowhere within the system to turn and most likely no one will be held accountable. this leaves with two practical survivors solutions. last year as he heard according to the pentagon, 62% of the dems -- the dems who reported their assault experience retaliation and that number is gone and changed over the past two years. you would think these numbers would be raising alarm. the pentagon seems intent on downplaying the severity of the problem and discredited the victims by labeling reports of . by labeling reports of retaliation as perception or perceived retaliation, and that what is being reported as retaliation is actually exaggerated response to harmless

behavior such as not being invited to parties or been -- being unfriended on facebook. this approach is shameful, offensive and minimizes the extreme harassment and abuse that so many survivors are facing every day. contrary, this is not about her -- hurt feelings. this is about survivors facing relentless harassment in isolation from peers and superiors going unchecked. it is about being assigned menial tasks by supervisors like taking out garbage after you report your assault. like simply receiving a downgrade performance report and ending a promising career. this is when retaliation looks at it is life destroying.

in refusing to acknowledge the true nature and failing to hold bad actors accountable the , pentagon is sanctioning the ongoing harassment and abuse of survivors who have already suffered so much from their assault. survivors frequently tell us while the actual assault was devastating to the trail of a corrupt system in retaliation by coworkers and commanders is even more dramatic. the pentagon opposing reform and dismissing retaliation is taking steps to prevent result in respect survivors of sexual assault. it's time for the military to implement a transparent justice system and hold those to make the environment a hostile place for victims of rape and sexual assault to account and we hope the president will take action to support the survivors. thank you. victoria: good morning.

my name is vicki phipps. i'm a retired army captain. my father was in the army and i also wanted to serve as a leader. i was in rotc at college and i joined full-time in 2004. after four years i was on track to reach the highest level command and i had exceptional reviews. from the moment in rotc when i learned about the responsibilities that a command position requires, earning the position was my goal. in 2008 i took my first command position in oklahoma and later moved the unit to korea. throughout my military career, receiving and inappropriate comments were commonplace and they continued in this position as well. one of my senior ranking officers began brushing against me and touching him inappropriately. i reported this to my commander and he told me i had two choices in the situation. he told me i could remove you for cause and end your career

right now or you can find a way to deal with it. the perpetrator was the officer responsible for the entire battalions training in an issued readiness evaluation. after reporting the situation the officer began to push all of my units scheduled evaluations further and further into the future. for instance, during a field training exercise my units stayed in the field for an extra five days to complete training. this affected me directly by making me miss the training and readiness goals my commander set for me. these metrics are used for a review. i'm not sure if they were intentional but the effect can be much worse than knowing my own evaluation was in jeopardy. the secondary retaliatory effects were because my unit missed these training and

readiness goals, my soldiers missed out of recognition for accomplishments. the lack of visual recognition and recognition of awards certificates of achievement actually equated to my soldiers missing out on promotion point. the retaliation did not just affect me. it affected over 100 other people. their careers and their future earnings. while in the same unit over the course of one year i was assaulted a total of three times and absolutely i do think the climate facilitated these cards. -- these crimes. i chose not to report two of them because i knew if i reported at that point in my career was gone. i had also witnessed what happened to others of that unit who reported sexual assault. i saw several cases handled badly. each victim was blamed. information about cases was not kept confidential and victims were branded as liars. i took a chance and reported one

of the three assaults have happened that year. i thought i would be able to change the attitude toward sexual assault victims by reporting. i thought reporting would stop the perpetrator from continuing to harass me or others. when i reported to my commander, his response was the same as when i reported the senior officer earlier. deal with it and do your job. army criminal investigations division cid eventually substantiated by case on the perpetrator can rest of the con duct. that person was golfing buddies with my commander and he commander and he only received a local letter of reprimand. so when he went to the next duty station, his slate was completely clean, not to mention he didn't even have to register as a sex offender. from that point on my commander made it clear he wanted me out

of his unit. i was leaving two years of my unit. the entire battalions in my battalion commander gave me a date i began to plan the event and send out invitations. a day or two later the brigade -- i asked if i should change the date. my ceremony was bare bones. my own unit attended and a few outside guests. despite my outstanding evaluation reviews, i did not receive an award at all. which sent a negative signal to the promotion board. i knew that was the beginning of the end of my career. during the last command position, which is my last two

years in the army, a whole new set of problems arose. about six months into duty position i was assaulted for the fourth time in my career. i reported it to my commander in -- and my commander had been on commissioned officer issue an apology. i was labeled a troublemaker from that day forward. later during this command my first sergeant made an inappropriate remark to me at a training conference. i counseled him and effort into the battalion commander for action. i could not bear the thought of saying something like this to one of my soldiers. both my first sergeant and i were counseled in writing. i was counseled for failure to maintain better control over my first sergeant. my battalion commander broke protocol and asked me to step out of the room so i could issue my first, so you could issue my first sergeant a reprimand. as i stepped out and close the door behind me, i heard a roaring laughter from my battalion commander, command

sergeant major and my first sergeant. immediately complained about the handling of the incident to the inspector general referred me to the military equal opportunity office who then instructed me to address my brigade commander with these issues. i met with my brigade commander and he spent 30 minutes intimidating me, trying to get me to drop it. from this point i felt my entire chain of command was on a mission to undermine my credibility and fire me. i began to receive negative counts and statements for things like not returning a call or e-mail immediately. i was subject to several nonstandard unannounced inspections that none of my peers received and i was given extra paperwork to complete that was not required of any of my peers. i wrote to my senator. my brigade and battalion

commander who were the subject of my complaints led the congressional inquiry. as a result, my chain of command began an investigation that was supposed to be a look into my battalion commander's behavior towards me and the retaliation i was receiving. during the investigation, my deputy brigade commander interrogated me for over two hours, asking me, are there any unusual circumstances about your enlistment? my soldiers and coworkers informed me they were questioned about my mood. my battalion command sergeant major met with my nco's and said tell me everything she does wrong. after the meeting, one of my and nco's told me i don't know what you did, but he's gunning for you. in 2013, my annual military medical exam triggered the initiation of a medical evaluation board and i became eligible for medical retirement.

the retaliation continued. my chain of command threatened to stop the process and look further into my medical records themselves. my commander read through my medical records, including some records about my previous sexual assaults. and in training bb&t reference specific issues in my medical records as examples of what medical issues soldiers could have within the battalion and to ensure that we pay special attention to these soldiers. two months before the end of my m.e.p. process i was told i would be sent to a u.s. army reserve unit as an active-duty soldier. but as i was also able to fight back. however, i was penalized and denied a retirement award. despite how overwhelming these prolonged situations where for me my multiple years as a , commander and survivor provided a knowledgebase for me

to anticipate what was coming as well as navigate the field of question, interrogations and the and a bout of probing questions that i knew i should challenge. i can only imagine how difficult this has to be for the young enlisted personnel who don't know what they don't know. whistleblowing retaliation and reprisal has outlasted my military career and i wonder when i'll get to move on with my life. on a personal side note, while -- of all of the many great leadership lessons that the army has stabbed me, the ability to present and breathe the bottom line up front is helpful to me in offering you my point of view. the bottom line as i have learned it comes more impactful when dollar figures accompanied

the issue at hand. so when i look back in my nine years of service, i consider all the money the army investigated in me as a resource and an asset to the organization. between the multiple clearances at different levels, civilian schooling, undergraduate and graduate, special military training and schooling, rotc and associated training, temporary duty and locations of my salary, the army invested well over $1 million in me. due to the conditions i was subjected to, i was medically retired from the army. i cannot currently place a dollar amount on what the department of the army will spend on paying for my retirement because that is a lifelong payment. the impact of the issue also begs the question how much will the v.a. system has to contribute to improving the quality of life because the

current system and the military cannot appropriately address whistleblower retaliation. this seems to be the very definition of fraud waste and abuse. >> thank you so much. what is striking is service members who face the different devastating retaliation you heard about outlined in the report basically have no recourse. servicemembers unlike civilians can't quite and they can see the -- they cannot sue the military. their exclusive legal protection for retaliation in a professional context of the military whistleblower act. that act as protecting zero survivors who experienced retaliation after reporting assaults. dod surveys indicate 32% of people who reported sexual assault experienced professional retaliation. using the figure

between 2004 and 2013 we expected to see about 5700 people who may have had professional retaliation that could have been the subject of complaints with the inspector general which oversees the whistleblower protection investigation. over that same time period, the department of defense inspector general had a record of 38 complains of which five were investigated and none of which resulted in any relief for the victims who reported the assault. the legal protection as they exist right now are a dead end. servicemembers could also go to the board of directors and seek relief for an injustice for -- to their record directly if they like. the administrative bodies designated in the branches to correct any injustice to

servicemember records. we analyzed 18 years of those records publicly available and we found 51 sexual assault survivors who had even gotten partial relief from the boards of correction. over that same time period, 98 perpetrators had received correction to their military record. we found four times as many perpetrators actually go to the board to have their records corrected. this is the case even though victims are far more likely to experience administrative actions that require corrections then perpetrators are. the other important piece of this is holding the people who retaliate to accounts and despite numerous requests to many sources, we were unable to uncover information with the

people against survivors are held accountable in any way. we found only four instances of any action taken at all to investigations which have been opened in retaliation, neither of which resulted in punishment for the person doing the retaliation. and two cases in which people who harassed and abused the victim were given extra physical training or extra duty and one of those instances was 15 years ago. the military has the tools to discipline people are behaving improperly. and we believe they need to be utilizing them against the people committing retaliation instead of against the victims. the reality is very few people seek justice for these crimes in general but in the military the retaliation is a problem that affects most people who come

forward and without addressing that as megan and others have said. the overarching problem of assaults can't be effectively addressed. at a minimum going forward what we would like to see is the military whistleblower protection act strengthened to be a meaningful legal survivor to at least provide the same level of protection as civilian s get who are designated as whistleblowers and to give his -- give iti some teeth so that the inspector general can recommend disciplinary action in the victims themselves can request disciplinary action as part of their relief and the legal justice at the 2015th is in fact we believe will encompass the suggestions we would like to see going forward to improve the legal protection for victims. we would like to see collateral

charges for minor misconduct that constitute the attention of the military as a result of someone reporting assaults taken off the table as a potential source of punishment. one of the things we found is many people are afraid to report because at the time of the assault they might have been engaging in conduct that is illegal such as underage drinking or fraternization or adultery and that is one of the major barriers for people to come forward. the military says they rarely punish people for those infraction and that is also the custom in the civilian world. they know it is more important to punish people for the more serious offense that section will assault and for other minor infractions that might happen at the same time. but we found people were punished for these collateral misconducts that came to the attention of the military during a report of a sexual assault and

even if punishment is minor and's of being a reprimand or slap on the wrist, that can be devastating to someone's career at a time when it is done -- it can be an excuse not reenlist. that is the other area which would like to see legislative action and otherwise dod has taken important steps in improving how it handles sexual assault cases including creation of special victims council and we would like to expand some of those capacities to include retaliation in addition to the criminal justice system. with that, we are happy to take any questions you might have. and if not, i wanted to say we have a number of survivors here in the room in addition to on the panel, some of whom are active duty and cannot be

identified, but who are willing to share their stories with people. we have others who are also willing to speak even with their identity revealed. we have maria mcfarland in the front row who was available for spanish-speaking questions and interviews and i think, do we have terry? yes. ok. sorry.l terry is here for a different reason. they have put together a petition of over 130,000 signatures with respect to the mjia, and they are happy to speak if anybody has any questions after this. yes. >> i'm with the stars and stripes. do you take a position on the ability of commanders to

overturn verdicts in these case? >> article lx was amended two years ago to make it more difficult for commanders to overturn a verdict. they still have control over the entire prosecutorial process . opposition is as long as commanders have the authority to say which cases will go to trial and which cases will be prosecuted, that contributes and undermines unit cohesion and encourages people to take sides and inject bias into the process wherein said there should be a more objective and impartial system in place. >> steve lucy with military times. there's a lot of what has been

described is stuff that is ingrained in the culture it seems. you spelled out some ideas you all had for how to stop retaliation. but how should the military go about changing the culture there might allow this to happen? >> it is a difficult question and it will take time. but i think the key is for them to demonstrate. some of this is beginning to be done or will be done. the start by trading at the low level of what to expect and how to treat people. i think ultimately, the key will be showing through action and the retaliatory behavior will not be tolerated. so disciplining in any form or reprimanding people who are abusive toward victims will start to create a culture in which it is understood that is

not acceptable. i think that is the key in terms of a first that. >> we also think it is very important that the military about the consequences of trauma and the behaviors they may observe in people who have reported sexual assault. we know often people say they're very much against rape and will stand behind victims all the way, but confronted, biases creep in and people make judgments about behavior of the individual victim involved or question for example why is it , might have continued to work alongside someone that assaulted them to continued to correspond with them or something like that and that can be completely consistent with having been assaulted.

taking on that piece so that people recognize the realities of sexual assault. knowing how is very important. >> hi, amy quinn. i'm a sexual trauma survivor. my question is what are we looking towards having the people that allow these things to go on? when is it going to follow the ir record? how can we start make this followed a career? >> that is a good question. i know why you are asking is one of the things is the legal justice reservist members acts is to be able to hold accountable leaders who knew or should have known and failed to take action. that is one of the expanded definition of prohibited personnel practices in the proposed law that might be

helpful in terms of putting responsibility on commanders to ensure this behavior doesn't happen. if there is disciplinary action, if there is a move towards holding people accountable in -- and it needs to be done in a transparent way so people can see across branches notthat this is being tolerated and that it will have an impact on the record going forward and i will be a very important part of it. >> thank you. whistleblowers have a tough road ahead. is there anything going on -- honorary discharge or like five years from now and hopefully we've made better strides in the area. >> you have given us a good lead-in to our next report.

thank you. we have -- actually, there is the review process. there's a whole problem of people who are wrongfully discharged, particularly in the mental health discharges. other but other kinds of discharges as well related to trauma stemming from sexual assault they -- that resulted in bad discharges they can be stigmatizing and inhibit peoples ability from getting the benefit they need and also certain types of jobs. it is a huge problem for people who have had bad paper discharges and those remedies to go to the correction of military records and as we have found those have not been helpful. the whistleblower is more protective of active service

members who feel they've experienced retaliation after reporting -- the focus of this report, which also relied on active service members and people at the variances from the past few years whereas our next report will look further back at what happened to people who have bad discharges and how difficult it is to remedy that. >> hi, terry young. and i think one of the things we see a lot of is that people do not understand, the military members do not understand that their dede 214 cents. -- sendsays. that is probably an area that needs to be addressed because there's codes on their end unless you know what those are you have no way to do anything about them.

for example, there was an article not very long ago about the secret codes and my husband and i were scrambling to look at what they are. so i think that is something that probably needs to be addressed. >> thank you. that is true. we found that in our research. people didn't understand necessarily what the discharge meant until after the fact it was too late. that can be devastating. one of our recommendations is to have a special victims council during the discharge process so they are ensured their rights .

for people in the midst of a trauma might be so anxious to get out of the service to any discharge. if it means they can get out as an important issue. thank you. we will be available afterwards. [captions copyright national cable satellite corp. 2015] [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org] >> coming up, a confirmation hearing for the -- for peter neffenger. you can see his testimony live at 10:00 a.m. on c-span 3. the new congressional directory is a handy guide to the 114th

congress with photos of every senator and house member, plus bio and contact information. also, district maps, a map of capitol hill, and a look at congressional committees, federal agencies and state governors. order your copy today. it is $13.95, plus shipping and handling. >> here are a few book festivals we will be covering. look expo america in new york city. the first week in june, we are live for the printers row lit fest. that is this spring on c-span two. >> james komi says one of the most urgent threats facing the u.s. is isis recruitment via

social media. his reports are part of the -- created is 45 minutes. >> welcome. you are now coming on two years. i wonder if you can talk about the biggest threats facing the fbi today. director comey: i think the biggest threat is the one isil presents, especially coming through social media. ents especially coming through social media. this is actually a place where cyber and counterterrorism merge because they are preaching pushing this poison through twitter and other vehicles,

trying to motivate people, and moving them to encrypted platforms to try to give them instructions. the threat we face has warped. it's a chaotic spiderweb increasingly visible to us because operational communications are happening through an encrypted channel. that consumes most of our days. i don't think it's an impossible task. it's very hard, so we spent time on it. >> the criminals and other actors are threats that face the country. can you talk about it? director comey: i have been mocked by this, but i call it an people layer cake. i am staying with it. at the top layer our nation state actors. the next level down organized

criminal syndicates, the big online marketplaces for criminal cyber tools. the rest is all manner of fraudsters and pedophiles. what the bureau is trying to do is give and how big the cake is to focus our resources, what we think our footprints and ability to make the biggest impact. we are trying to focus our resources on nation state actors the large criminal syndicates and the terrorist use of the internet. we are trying to deploy differently as part of that focus. normally the bureau asks this question. where did it happen? that makes sense when you are talking about a bank robbery or explosion of a bomb.

when you are talking about the manifestation may not be that meaningful. what we are trying to do is instead of assigning the work based on a notion that it happens in ohio or florida to figure out where is the talent in our organization. we have divided up the terrorist threat and the major criminal threat and we are signing it. we are assigning a threat where the talent is. we allowed them to help, and we do air traffic control from headquarters. that is a big change to us.

we stand in the middle of the greatest change in human relations ever. we are trying to understand we may not have it right. the second key part of our strategy is we are to impose costs. criminals and anyone coming through the internet think of it as a freebie. we have to try to impose costs on those at the keyboards. we are working very hard to deploy resources so we can lock people up and send a message. this is not a freebie. where we cannot lock people up we are trying to name and shame. and then do things like impose economic sanctions to make clear to nationstates and criminal actors that there are costs

associated with this behavior. we have got to get better with the private sector. they are crying out for assistance. the idiots would have written that shorty gets this one and joe gets this much. in the detective finds pdas digital literacy is required to do all of the work, and we don't have time to get to a lot of this. we have to get the training they need to be able to respond. all of our lives are now online. all of the threats, whether to our children or money or infrastructure is now online. all of us have to work together

to raise the digital literacy. >> you mentioned the private sector. some of the questions you will here at panels -- harear at panels are concerns, if i report it i am going to lose control. i am going to face regulatory action if i report this to the fbi. i don't know what is going to happen if i report this. will you talk about how the fbi approaches the private sector? director comey: those are good questions. those are questions i ask myself. the answer is you will to a certain extent lose control of the information but we treated as what it is, which is evidence gathered in the investigation.

it is treated in all matter of control. there is no doubt there is an incremental risk with sharing information with the government if you have been a vic them. i happen to think the benefits dramatically -- lena victim. i happen to think the benefits outweigh the risk. i think sony cooperating with us early was in the company's interest and we treat the information carefully. we don't want to create disincentives. if someone invades your home and

harms your children, you are going to call the police. they are going to investigate. there may be situations where they run a meth lab. those are corner cases, but most are not running meth labs in their companies or houses, so it goes very smoothly. the other thing people need to realize is we rarely need content. we almost never need memos with the content of e-mails. we need indicators. we need ones and zeros to show us who was this. how can we contribute it? >> we talk a lot about the private sector. they are concerned with sharing with law enforcement.

somebody doesn't know they had an incident. any thoughts on how the private sector can better prepare us so if the fbi does not on the door they can be prepared to respond? >> we have gotten a lot better. in 2012 when so many financial institutions were getting hit by denial of service attacks. in my view we are not good enough. we have gotten a lot better at pushing out flash reports. there is a great move to knockdown classifications to get

things to a place where we can share it quickly. companies don't need to know sources and methods. it is the flipside of what we were talking about earlier. we are getting much better. we have to find a way. you have got to invest in it. you have to eat quick him or her to buy the right stuff. whether that is software or hardware, you have got to invest in it. you have neglected the basic hygiene of information security.

if someone comes in one corner they can wander through the entire place. the basic hygiene is well-known. it's easy to find people. those people are making tons of donau. once we knock on a door and tell people we have seen this thing, we think there is an intrusion going on i don't have any constructive suggestions for cooperation. the cooperation we get is outstanding because people are grateful and they want to find out what is going on in their enterprise. >> you have a unique perspective. the director of the fbi and the u.s. attorney. you have worked on a lot of new

ones. >> they are mostly obstructionist weenies. it's one of the reasons we as a country have to offer clarity to those. the chief information security officers think about the world the way we do. the general counsel's are likely worrying about it. will this be used against us in

a competition? what happens to that? is there an incentive not to reveal things because my competitors are not revealing them. antitrust question. they are good questions. i think congress has to give comfort to remove those concerns from the information sharing pipeline. i think they are well on their way. that is easier to fix. harder to develop will be machine speed sharing. hardest of all is the cultural impact of the -- impediments. there are a lot of people who don't want to be seen with us. i don't want to be seen as cooperating with the government. it's hard to get that back. it requires time and lots of conversations.

there is a wind still blowing that is a cultural impediment that is part of one of the impediments. >> what is referred to is going dark. we refer to what can be done to address the issue. director comey: the device is encrypted, and therefore unavailable to us, even with a court order. the content of a particular

device or communication stream should be collected pursuant to our statutory authority. increasingly we are finding ourselves unable to read what we find or unable to open a new device. that is serious. i think encryption is a good thing. i think there are tremendous societal impacts to encryption. not only lock your cars, but you should encrypt things that are important to you. we have a collision in this country getting closer and closer to a head on, which is our important interest in privacy and our important interest in public safety. the logic of universal encryption is inexorable, that our authority under the fourth amendment, and amendment i think is critical to liberty and the

right oversights to obtain information is going to become increasingly irrelevant. as all of our lives become digital, the logic of encryption is all of our lives will be covered by encryption. terrorists and spies will be in a place that is utterly unavailable to court-ordered process. that i think should be very concerning. i think we need to have a conversation about it. how do we strike the right balance? public safety matters to everybody. there are tremendous benefits to a society. there are tremendous costs. how do we think about that? some prominent folks wrote a

letter to the president that i found depressing. their letter contains no acknowledgment that there are societal costs to universal encryption. i recognize the challenges. all kinds of challenges, i recognize the benefits of encryption. i think fair-minded people also recognize the costs associated. i think, either these folks don't see what i see come out or they are not fair-minded. i have to continue to have the conversation. i don't think a democracy should drift to a place where suddenly law enforcement people say it is an awesome thing but they cannot access the information. we have to have a conversation long before encryption takes us to that place. technical people will say it is too hard.

my reaction is too hard? too hard for the people we have in this country to figure it out? i am not that pessimistic. i think we ought to have a conversation. >> speaking of having a conversation. section 215 of the patriot expires in about 10 days. there is a legislative process going on right now. we don't know what the impact is going to be. i wonder if you could talk about what the conflict would be if you were to lose section 215 which is often talked about in the context of a metadata program but i understand was used by the fbi in a variety of ways. would there be any impact? >> significant impact in ways we are not talking about much. a lot of it is in the metadata

database. should that be accessed by the nsa? that is a useful tool to the fbi. it's a conversation i care about. there are critical tools that are going to sunset on june 1 that people don't talk about. the first is section 215 is the vehicle through which the nsa database was assembled. we use it in individual cases in important circumstances. fewer than 200 times the year we go to the fisa court and get particular records that are important to a counterterrorism investigation. if we lose that authority, which i don't think is controversial that is a big problem, because we will find circumstances where we can't use a grand jury subpoena or a national security subpoena, unable to obtain information i think everyone

wants to be able to obtain. the second one is a big problem that the roving wiretap is going to expire. we have had criminal cases since the mid-80's where a drug dealer or criminal is dropping phones repeatedly and the judge can give authority to intercept and eventual communications so we don't have to go back and start the process each time they dump a phone. they extended the authority to international terrorism and counterterrorism. that is not a controversial thing. that is going to go away on june 1 unless it is real to rise. there is one other position that matters. it is the lone wolf provision. that is if we can establish probable cause someone in this country is up to terrible no good, they have probable cause

to believe they are an international terrorist of some sort, that we cannot prove what they are hooked up with, this would allow the judge to authorize the interception. it is important. these three are going to go away on june 1. i don't want it to get lost in the conversation about metadata. >> we talked for a minute about the threats facing the country in cyber security. you talked about nationstates. are you concerned about trends in terms of cyber security threats proliferating down to other organizations? we had destructive attacks in saudi arabia. now we had the sony attack.

are you concerned about malware? are you seeing evidence of that? >> i am definitely concerned about it. logic tells me terrorists are going to wake up to and i have seen them wake up to the idea that as hard as we have made it to get into this country physically, so i am concerned. i saw them starting to explore critical infrastructure and things like that. the logic tells me it is coming. >> do you see an interest?

director comey: yes. >> you mentioned the fbi is working to get flash messages out quicker. what should they consider in terms of information sharing that would be useful to them and for the government? >> we have things made up of the security folks of the biggest enterprises. we run that with dhs and something that focuses on cyber threats to large enterprises.

we have fbi agent -- offices in every part of this country. we are every place. i have told all of my field commanders, make sure you know folks. they know their mandate is to get to know you.

they have programs. we had a database of all the malware. our investigators created a case to see if it has been seen someplace else and connect the dots. they will input their own samples and get a result within minutes and let them start to connect the dots.

i hope you will ask about that and see if your enterprise can participate. >> any timeline on rolling that out? >> i forget the number. we have got hundreds of companies participating. it allows the cheap information security officer -- it has to be somebody we know. we give them an online password and they can connect to it and carry the database. my vision is that should continue to grow. we have to make sure we know the people continuing to connect to it.

>> given the fact that our digital lives are central, you have a lot of departments. if the government covers different areas of different missions, we have the department of homeland security, critical infrastructure programs, the national cyber center they run and the secret service responding to payment card data breaches of the department of defense concerned about a variety of other agencies. talk a little about how you and the fbi coordinate and the variety of programs out there. how do you deacons look? director comey: it has been a central feet over the last decades. it has gotten better the coordination. i explained to folks when i left i visualized it as a four-year-old soccer. i have five children, so i watch

a lot of four-year-old soccer. everybody knows the ball is a cool thing, so they follow it in a big club. 10 years ago everybody knew cyber was a cool thing, so they followed it as a clump. we have come to a place where we get the importance of positioning and lanes in passing and defense and offense. it's not good enough because the adversary is playing at world cup speed, but we have gotten a lot better. among the things that have helped us get there is the task force called the national cyber investigative joint force, where 20 agencies sit together and the conflict. talk about major intrusions we are seeing. visualize it together.

and figure out, who should do what about this? here is how i conceive of the responsibilities. here is how i hold it in my head. if i imagine the country is a neighborhood my job is to deal with people breaking into your homes and stealing your stuff and harming your families. i patrol the neighborhood, respond to 911 calls to try to catch the bad guys, to try and make the neighborhood safer. dhs is responsibility -- dhs's responsibility is to think about how to we make a safer neighborhood. how do we make the entire neighborhood a safer place? is it better lighting? better signage? better parks and patrolling? when the same places patrolling.

the dhs has a focus similar to mine. their focus is on banks and financial institutions. they are responding to burglaries and worried about scoping out banks. we have gotten better at talking to each other and understanding we are both in the neighborhood with important things to do. we have made great progress in working together over the last few years. there is so much work to be done it makes sense to work together. dhs and fbi i think we understand better our roles. we are patrolling the neighborhood and relating what we see in a much bigger way. nsa has a responsibility for the neighborhood. nsa's responsibility is to try to figure out who is going to come on and off the island to

commit the burglaries. we need their visibility. a critical part for me is wanting to know who is going to land on the island. that is the three players who touched the neighborhood. one of the ways we accomplished more effective patrolling is sitting together. all of you who worked in the government know that it is hard to hate up close. you can think the fbi, what a bunch of jerks they are except for the guy and gal in the cubicle next to you. it is the rest of them that are a bunch of jerks but if you get enough of that, you start to blend people together. we have spent a decade blending in that way.

we still have got a ways to go. it is the exception were 10 years ago it was the four-year-old in soccer. >> that covers the domestic side. many are coming from the international perspective and require cooperation. the fbi would be able to either apprehend criminals or take other actions. >> extraordinarily good. other nations understand the cyber threat blows away conceptions of border and that all of us are next her neighbors on the internet. what i find when i travel, i

have had many visitors. all of those conversations are people saying, we have got to figure this out. it's not good for any of us. what they are hungry for is training equipment and information. what we are trying to do is the ploy more analysts and more cyber special agents. -- deploy more analysts and more cyber special agents. one of the things invested in was technical education. you had a lot of unemployment. people easily susceptible to criminal groups. the romanians are hungry to stamp that out. they don't want romania to be known as a source of critical --

criminal activity, so we are trying to give them training so they can respond to that. there are nations around the world who are not so enthusiastic about working with us to try and stop cyber criminals and the use within their borders, but they are the exception. -- and thieves within their borders, but they are the exception. this is a feature of every conversation i have with every foreign counterpart. >> is there international cooperation, or has it continued unabated? director comey: it has continued. i wear a sign that says, not the nsa. they see it as criminal activity. it is stealing innovation,

identity money, threats to children. all of our children play online. it's about pedophiles and fraudsters and the use and stalkers and money launderers all in that space, so there is common cause. whatever friction, there is common cause. we even have productive conversations with the chinese about criminals trying to stop criminals using the connections between our countries. everybody sees it as we can agree nobody wants children harmed. >> while we are talking about misperceptions, what you hear from the private sector that frustrate you are that you would want to correct -- or that you would want to correct? what are the big understandings

you hear from time to time? >> i don't hear a lot of misunderstandings with respect to the bureau. i often hear frustration our country is not doing enough to stop nationstate theft of international property. i hear that frustration a lot. i know it is something, that our government is focused and concerned about it and trying to move us towards a place where the norms of behavior would not encompass that sort of thing. some of the costs of shaming criminal charges as part of the effort. there is a frustration. >> the administration has taken some steps?

are there additional actions we can take? director comey: there is an argument folks often raise. a lot of people are asking, why don't we do more offense of lee -- offensively? often i have private companies say, maybe we should go back to fight. that would actually be a crime. don't do that. there is frustration that is palpable. there isn't an easy answer to that. >> you're talking about the private sector taking action against people seeking to steal their data. that is not something you are going to recommend? quest for a variety of reasons. -- >> for a variety of reasons.

it would potentially have all kinds of unforeseen consequences that it's hard enough for government actors to act in cyberspace in a way where you can predict knock on effects. if we had cell phones all over the place, that would be a disaster. >> let's talk about legislation. we talked about the patriot act. one thing that hasn't gotten a lot of attention is there is information sharing legislation passed by the house of representatives. it's passed by the senate intelligence committee and seems to have strong support in favor of congress coming together and sharing legislation to encourage sharing of information. any thoughts on whether we are going to see a bill? >> i don't know what the prospects are for legislation. it makes good sense to me.

the offer is that level of comfort. i see events running over the general counsel anyway in the sense people understand the imperative for sharing information. it is less necessary than it was two years ago because people get it now. anyone who didn't get it thinks, whatever the concerns might be about how the government is going to use this, given that i will be sharing it with the fbi during a criminal investigation and given what is ahead for me to get the help the fbi offers the concerns are noted, but that being said, the legislation gives a belt to the suspenders. >> it has more of a cultural

impact. addressing things is a valid concern you have seen? director comey: i don't want to belittle it. general counsel has legitimate questions about what is our exposure. i am just saying people's sense of the threat has changed so much in the last two years that those concerns don't dominate in the way they might have to years ago. that is what i mean by legislation is going to fix the problem. no people say i get it. this could blow up our entire company. we are going to share it with the government and get the help we need. >> there is a demand for qualified cyber professionals. you are competing with the private sector and can offer things the fbi can't in terms of salary and other things.

how is the fbi doing in terms of resources? quest we are doing ok. it is a continual challenge. the advantage i have is the value proposition is so different. they're almost isn't really a competition. if people are interested in money, i can't help you at all. if you're interested in a life of meaning, i can help you with that. the people we are attracting are people who don't really care about the dough. in a real sense, my competitors are less people throwing buckets of dough and more the rest of the government. i don't want to talk about how i am approaching you so they don't find out. >> it is a competition. director comey: i'm not telling you, but the good news is so far

one of my worries is how am i going to do but tension wise. -- retention wise. so far extraordinarily well. we had low turnover to begin within the fbi. for cyber talent, it is running lower than normal turnover. i think people get into the mission and say look at what is going on. look at what i can do. i am 27 years old. look at what i can do. i think that is an advantage we have. i often wonder whether we will need to revisit the way the bureau thinks about it. our normal proposition is, come work with us. you will never leave. like a roach motel. come work with us. you will get addicted to this. i wonder if at some point we don't want to get to a place

where people come for us in five years and then go do something else but learn things and then come back to us, whether we will get better with that kind of turnover, but it's still early. the answer is, we are competing mostly with the rest of the government. so far we are doing ok. >> i have a question submitted from the audience concerning snowden, and the question is whether or not the fbi is still pursuing mr. snowden, given the possible changes by the administration. director comey: yes. it's not much of a pursuit. we know where he is i do think he should have the opportunity.

i think he should have that opportunity. which will result in staying the way it was of the data being held by the companies which will make us more effective. my view of it is, you have to see the entire corpus of his work, before you start rendering judgment about what you think of the person. i think it is a serious criminal charges have been brought. >> finally, at these conferences talking about the cyber threats and proliferation of them. the many different actors out there. how difficult a problem it is. sometimes it can seem hopeless

in terms of fighting back. are there good news and progress that we are making? in the daily drumbeat of revelations? stolen intellectual properties. you feel like we are making progress in a way that we're going to be able to beat back the threat? >> i think there is good news. i would not say it overwhelms the bad. i think the private enterprise is getting its act together in ways that are going to make it harder for them to have their doors kicked in and everything stolen. we are getting more effective when we as a community of nations are getting much better at taking down this serious criminal actors and sending a

message that this is not a freebie. there is a long parade of cases. i do not think the criminal actors no longer see this as easy. i think that is a piece of good news. it is still early days. the private sector is investing in it. we are getting better at talking to each other. the other side of the oceans. i see early day of change behavior. >> d.c. improvement in cyber deterrence? -- do you see improvement in cyber deterrence? quick oh -- >> honeymoons or vacations around the world. that sends a chill through the criminal world. because they shock the world but we are shrinking it back.

we are human, but holy cow are we dogged. it is never going to go away. we will find you eventually. you will travel someplace. people say you indicted these five actors, but they are in china. sure. it is a small world. everybody wants to go visit their children or see disney world, or get a foreign education. as the world gets smaller, opportunities to -- increase. >> with that, i think we can bring it to a close. [applause]

more from the georgetown university laws that are very. with leslie although. her remarks on preventing cyber attacks. this is 35 minutes. next the georgetown server security lawyers sued is honored to have with us in leading force in the prosecution of cybercrime. assistant attorney general leslie caldwell, who serves as the head of the united states permanent justices criminal division. she oversees 600 attorneys to prosecute federal criminal cases across the country and help develop law and criminal enforcement policy. in addition, aeg caldwell works with the attorneys offices in

the investigation and prosecution of criminal matters in their districts. the majority of her storied 30 or career has been handling federal criminal cases both as a prosecutor and is a defense counsel. she spent the first 11 years of the u.s. attorneys office of the eastern district of new york, after a move to the west coast she served as the chief of the criminal division and chief of the securities fraud section at the u.s. attorneys office for the northern district of california. from 2002 to 2004, she served as director of the doj's enron task force, during which time her work was highly recognized, and on several occasions, one awards, including the prestigious attorney general's award for exceptional service. she next bent nearly a decade in private practice at the law firm of morgan lewis and baucas where she was cochair of corporate investigations and white-collar group.

in 2014, she was confirmed as the assistant attorney general. during her first year as head of the criminal division, she has made prosecuting cybercrime a top priority. she has innovated new initiatives that not only seek to investigate and to put cyber criminals behind bars, but also proactive strategies that aim to collaborate with the private sector and law enforcement around the world. one of the highlights of her first year was the creation of the cyber security union within the divisions computer crimes intellectual property section. please kindly join me in a warm welcome to assistant attorney general leslie caldwell. [applause] ms. caldwell: thank you, and thank you for not saying i am really old.

10 years and 30 years, i was certain to think, really? good afternoon, thank you for inviting me to speak here today. as all of you know, cybercrime and cyber security are very complicated and challenging issues. they raise concerns that really defy simple solutions. they often defined our traditional criminal investigative tools. it no single technology or law or policy or practice that will magically guarantee the security of our data, the security of our information systems. the victories in this area of prosecuting cybercrime in investigating cybercrime and setting up cyber security are very hard-fought and not easily one. the same is true of our prosecutions of cybercrime. we have been in the business of fighting cybercrime for more than 20 years. the criminal division set up the computer crime and intellectual property section, which, as you know, the department of justice and all of us in washington are

fond of acronyms. i will call it ccips. they investigate and prosecute economic espionage, along with the national security division. they work with 200 70 computer prosecutors across the country and work hand-in-hand. ccips has been involved in one capacity or another in pretty much every cybercrime case you have heard of since the 1990's. over the years, we have developed different strategies to combat cybercrime. we have tried to evolve the strategies as the threat itself has evolved. one of the things we have done and that i want to talk about today is, we really collaborate a lot with the private sector. as well as with our international law enforcement

partners all over the world, as all of you know. cybercrime is probably the most international of criminal activities. we had to develop relationships and we have great relationships with law enforcement all over the world. we also have great relationships with the private sector, who helps us in many of our sophisticated cases. frankly, we couldn't do it without the private sector and law enforcement. because of our collaboration, we are able to identify one of the biggest threats out there. people say isn't it kind of like playing whack a mole? we are focused on the guy in his basement in his pajamas and area. would probably still are focusing on some of those people, but if we are, it's because they are part of a bigger network, part of a bigger organization. that's what we are focusing on. we are able to identify what threat should get priorities, we are really only able to do that because of our collaboration

with law enforcement agencies all over the world. we are also able to dismantle infrastructures that cyber criminals use to victimize people all over the world. the collaboration between the private sector, government, and governments around the world is really critical to our success in this area, more than any other area of criminal prosecution. i really want us to not only continue that collaboration, but expand on it and enhance it as we go forward. today, i want to impress on everyone in the room -- we need to have a real sense of urgency when we talk about cybercrime. this is a huge problem that is getting bigger every day. cyber security weaknesses make all of our companies and many individuals vulnerable. every day, cyber criminals are getting more sophisticated. they are getting more organized. we see networks with overlapping personnel committing data breach after data breach. it is a significant problem, as you all know.

it's really robbing people of the sense of personal security stealing their data. stealing identities. stealing our international -- intellectual property, enriching themselves at the expense of people around the world. and at the expense of our companies in the u.s. i'm asking you to continue to work closely with us because we are actually better positioned than we have ever been before to help fight in this problem. we can really bring the intruders on your networks to justice. we can help you better defend your networks. i'm going to talk about the cyber security division we have created to help do just that. we are in a place right now where we can't tell you where the next data breaches going to be. we can't tell you who is going to be the next major cybercrime attacks. we can't stop it. one of the things we're trying to emphasize more and more is we need to prevent it. the department of justice, in creating it cyber security unit is trying to be a strong voice in just.

stepping back a minute, everyone in this room knows that cybercrime is a huge threat, as i just said. i know the director was just here saying it. a couple years ago, trade publications were calling 2013 the year of the breach, because there were so many data breaches. more recently, publications and others have called 2014 the year of the mega breach. [laughter] ms. caldwell: i can't wait to see what they call two dozen 16, but i can't imagine it's the years of the breach will be stopped. we have seen a series of invasive and damaging data breaches that have targeted some of our largest businesses across the spectrum. they are focused on banks, they are focused on all sorts of companies. the victims have ranged from really any company that has personal identifying information that can be monetized and sold -- they are at risk.

that could be a mom-and-pop tax prepare a business, the committee huge bank, it could be a health care data. these breaches or really anyone who has this kind of data. is the data that hackers are seeking so they can sell it on dark markets. one study last summer estimated the annual loss now to the global economy from cybercrime is about $400 billion. last week there was a study that said by 2019, the number will grow to $2 trillion. think about that. this is all money is flowing out of our system, intellectual property that's being stolen these numbers are huge and daunting. it doesn't even count the damage that happens to individuals when their data gets stolen. i know i got my letter from anthem blue cross saying that we are really sorry, we're worried

that perhaps your data has been stolen and we have been buying insurance for you for a couple of years. in many feel that much better. -- it didn't make me feel that much better. we have had victories, that service reminder that although it is complicated and on a grand scale, cybercrime is not unsolvable. it's not unsolvable type of crime. we shouldn't just put our heads down and not try to prosecute it. in fact, cyber criminals have become more sophisticated around the world, so have we, so have our investigative agencies. so have investigative agencies around the world. we are using old-fashioned types of investigative work with cutting-edge technical expertise, and again in collaboration with the private sector in almost all of our cases. we are really doing things that folks said couldn't be done. one thing i've heard is quite you bother to indict these people who are in vietnam were russia -- countries where we can get the people?

-- we can't get the people. we bother because we do get the people. a few weeks ago, we unsealed the indictment of the many who were responsible for the theft of over one billion personal records over three-year span. last year, foreign partners arrested a notorious russian hacker. one day, he was vacationing in the maldives, the next day, he was in jail in seattle weight -- awaiting trial. we successfully expedited another hacker who traveled to the netherlands and was arrested by our partners in the netherlands. he was part of a group that was responsible for data breaches a retail stores. where more than 160 million credit cards identifying information was stolen. in just the last year, we extradited about a dozen very high levels i will criminals

from all over the world. including people like the ones or just mentioned, who were from countries that we had no reason to expect we would ever get them unless they traveled. these people do travel, they are making a lot of money selling these things on the internet. it's a long winter in russia, i don't mean to single out russia. [laughter] ms. caldwell: there are a lot of countries that we do have extradition treaties with and that we collaborate with. that's going to grow, because we are not the only victims of cybercrime. all the countries are victims of cybercrime. i think the international cooperation is just going to grow. it's really in everyone's interest, and something that affects everyone. we also are doing other things to try to disrupt the tools the criminals use to carry out their crimes. for example, last summer -- u.s. law enforcement working with

partners in more than 10 countries, and with numerous private sector partners, we were able to disrupt a sophisticated type of malware that was designed to steal banking and other credentials from the computers it infected. unknown to the rightful owners of the computers, the infected computers became part of a global network or botnet. made of compromised computers. it was used by the cyber criminals for various purposes but in this instance mainly stealing confidential information in gaining access to financials such as bank accounts. it was a networked summer between 500000 and one million computers worldwide. many of those, most of those were in the united states. the network was used to steal hundreds of millions of dollars from relatively small businesses and individuals. a lot of those small businesses were -- had their entire bank

accounts wiped out. because they were business accounts, they weren't insured, so that's all their money. it's really serious. the game over zeus botnet was a crypto logger for rent somewhere, which is a form of software that would encrypt files on victims computers until they pay the ransom. it infested more than 200,000 in futures in a very short time. half of which were in the united states. in that same time, victims paid more than $27 million to get their computer files unencrypted. that's a lot of money but it's a particularly staggering amount of money when you know that each individual victim was only paying around $750. adding up to $27 million in a short time just shows how serious that was. those of the people who paid the ransom. so that operation was a success. it was court supervised, as are all of our operations.

we couldn't have done it without the law enforcement partners overseas, and we certainly couldn't have done it without some technical assistance from some companies -- and will mention them all, but some were crowd strike until secure works, and microsoft and shadow server. as an aside, we didn't stop the day we announce the takedown of the shutdown of game over zeus botnet. we continue to pursue the people responsible. we have warrants for people's arrest. the state department recently announced the $3 million reward for information leading to the arrest of the russian national who is the mastermind of the botnet. it's a long winter in russia, there are people in russia might want that $3 million. we are hoping the reward will help us get him. again, they're not hundreds of thousands of people out there who are engaged in this kind of activity. they are relatively small number. a lot of them are known to the

fbi. we're really focused on getting the big people. because as we have seen, and i don't know if the director said this in his remarks -- we see overlapping cast of characters in a lot of the different data breaches and other problems online. so the collaboration we really achieved in game over zeus with the private sector and with law enforcement in many other countries was not an aberration. that is going to be -- that is the new normal in our investigations. just a few weeks ago, we dismantled another botnet -- i don't know who comes up with their names. it's not us. i know the fbi comes up with crazy operational names, but these are all on the hackers. that particular botnet installed fraudulent antivirus software and ransom ware, it also stole bank login and password information. once again, the private sector's assistance was critical to dismantling this.

i think i've made it clear that we really appreciate your help we want your help. but we also want to help you. as you mentioned last december -- the georgetown law school campus where i announce the criminal division's plan to act more closely with the private sector and to work more closely with other government officials in the private sector, on the issue of cyber security. we recognize that prevention is really important because as we said earlier, we can't for see when these things are going to happen. right now, we can't stop them in advance. we have to really help people prevent these breaches from happening. we created a new section called the cyber security unit, which is part of ccips. cybercrime and cyber security are inextricably linked to each other. vulnerabilities and hardware and software, inadequate implementation of security protocols, that's all what

facilitates and enables cybercrime. in creating the unit, we hope to use the lessons we have learned and skills that ccips has developed over the years from investigating in developing cyber crime to create useful guidance to support public and private sector secure -- cyber security efforts. by creating that unit within ccips, we were already focus on cyber security, but this is a dedicated unit to make sure that cyber security gets the constant regular security it deserves and warrants. ccips has extensive security experience, that will concentrate that in a relatively small group of people. what the cyber security unit will do -- we are already doing it. it's been in effect now for almost six months. they have been analyzing and providing legal guidance on cyber security issues.

to the extent they appliquéd fettle -- they implicate federal laws. they're working with congress on cyber security related legislation priorities. i have been working with the national security council and others in the executive branch on various cyber security initiatives. most important for this audience, they are actively engaged with the private sector and the public at large to address the kind of legal challenges related to cyber security. i'm happy to announce that even though it's only been in existence for a few months, the cyber security unit has really broken a lot of ground. it has been a big hit. there is a big hunger for it. we have been conducting outreach with the stakeholders of the private bar, meeting with security researchers and industry groups, in-house counsel, trade association, financial institutions, others in the private sector. i will give you a couple of examples. we recently had a discussion with the center for strategic

and international studies, with some leading security experts to talk about the subject of active defense. what can companies do when they are hacked? we have on the cyber security units website a summary of the discussion if anyone is nerdy enough to go look at it. i did. that just says that i am nerdy. we also learned a lot more as a result of that session about in-house counsel's challenges when they are faced with very unfamiliar area, a cyber security breach or what to do to prevent a cyber security breach. as a results of that session, we arranged to make a presentation to a group of in-house counsel from a particular sector of the economy. we also learned from that session which defensive measures cyber security experts actually are most effective and actually

work. and we are assessing whether we can have a role in assisting companies in the implementation of some of those measures. we also recently held a roundtable with leading private sector data breach response experts, many of whom were outside counsel representing various companies. it was mobbed. we actually had to turn people away because there is such a hunger for this issue, such a hunger to understand. in the case of data breaches, we see a lot of in-house counsel who were bewildered and don't know what to do. there's a real demand for that. we had a very robust discussion that roundtable about various issues including the benefits of prompt reporting of data breaches. and the new attorney general loretta lynch, gave opening remarks at the conference, but also has made clear the water for top priorities as attorney general is to address the problem of cybercrime. the cyber security unit has also began collaborating with other agencies, non-doj agencies under

israeli tory issues. one agency we have been collaborating with is the ftc and the ftc actually today issued a statement on its website saying that it was -- i will read from the statement. a company that has reported a breach this is on the ftc's website, a copy the reported a breach of the appropriate law enforcement and cooperated with them has taken an important step to reduce the harm from the breach. therefore, in the course of conducting an investigation, it's likely we do that company more favorably than a company that hasn't cooperated. that's the ftc's statement after consulting with an coordinate with doj and the cyber security unit. i won't speak for the ftc, but from our perspective we view victims of data breaches as victims. i think this statement will help show that other enforcement agencies are also willing to view data breach victims as victims.

a public example of our work so far in cyber security is also on our website, which is a document for best practices for reporting of cyber incidents. this is our first written contribution to the cyber security discourse, and it's been very well received. we got a lot of inquiries about it. that died is consistent with our mission overall, and draws on our experience that cyber crime prosecutors have in investigating, and prosecuting cybercrime. it also draws on input from the private sector and organizations that have handled cyber intrusions and hacking. it also captures some pretty common sense obvious things that are prudent measures that an organization should voluntarily undertake to both prevent and react appropriately to cyber security attacks. it provides step-by-step advice on what a company should do or organization should do before during, and after a cyber attack.

some of the things might seem obvious, and will seem obvious to everyone in this room. but what might not be so obvious is that many companies, including some very large companies, didn't have these things. they didn't have a plan. they didn't know what to do, they were thinking -- w sony is an example. i'm not involved in the sony case myself. i don't think sony really thought they would be vulnerable to the kind of attack that was made on them. a lot of companies -- this has been a wake-up call. they think we are defense contractors, we don't have to worry. we are not financial institutions, we don't have to worry. every company has to worry. i think that's really been something that has been surprising but helpful. the plan says what you should do before a cyber attack occurs. it makes what probably seems like an obvious recommendation -- you should have a plan. you should have a plan about what you're going to do to prevent this.

and what you are going to do if it happens. your response plan should identify what are our most important cyber assets. adopt risk management practices within the company. to protect those assets. and make sure you have the right people with access to those assets and you have people who are identified in advance of a breach who are going to be the responders to that breach. you should also develop relationships with -- before a cyber attack, and a lot of companies are scrambling to do this, you should develop a relationship with law enforcement. you should probably have an outside counsel in mind, we will call, an expert with the next season cyber, we will call if something happens, so you'll be ready. the guidance, and are not going to go into a lot of detail, but the guidance goes into some detail about what do you do if you are attacked and after the attack? the most and port in thing from our perspective is that you notify -- hopefully you already

know that law enforcement person -- that you notify the person. i know the director spoke of that too. it's really important because we have tools that cyber security vendors don't have. we have information they don't have. we have the ability to do certain things they can do. we can tell, if we look at data breach a combat retailer, it's the same people that did retailer bay, which the cyber security companies might have more trouble doing because they don't have all the information we have. these recommendations in this guidance are carefully thought out and really the product of long experience, as well as input from others who have similar experience. we really hope we see the end of the day where we are called in and called into a situation where we are meeting with a totally bewildered company bewildered in-house counsel, who didn't have adequate authority to monitor their networks, help identify intruders, didn't know

what to do to preserve their data after there was a breach. but has taken measures on their own, which i will talk about in the second, in response to a breach that swore our ability to investigate effectively. we drafted the guide, it applies to any organization, but it's really aimed at smaller organizations that are probably less likely to have current cyber security relationships. i think they are probably the most likely to benefit. i really think it can benefit everyone. we understand that in cyber security, justice and in compliance generally, there is no one-size-fits-all type of plan that you can impose. cap tailor everything to your company and your risk. but he think it's a good starting point. it's also the kind of document that is a living document. we're going to be updating it as circumstances change and as we get additional input from others in the field. this is just the first document we are putting out. we will be putting out additional guidance as we go forward.

in addition to what i just described in the guidance, the guidance also says what organizations should not do. consistent with the goals of the cyber security unit, we are hoping that the guidance will help steer companies away from what might be their first instinct, which is to engage in defensive measures, including a hack back. i know the director talked about that. it's basically when you hack into summary system, hack back into you think attack to tithe either harm them or retrieve your stolen data. based on our decades of experience, we think that hacking back can carry serious legal consequences, and also raises significant policy risks. and frankly probably won't get you anything more than just the satisfaction of thinking that you damage someone the -- somebody who damage you.

let's talk about our legal position on hacking back. they're commentators that say hack back is lawful, that is not our view. our view is that it is not lawful. even if it were lawful, we would recommend against it because it creates a lot of risks. i think that sound policy considerations also militate against hack back. it poses significant risks to innocent third parties. in many of our investigations, we've seen sophisticated cyber criminals who hijacked the infrastructure of innocent third parties and use that in the structure to commit their crimes while masking their identities. you might be hacking into some unsuspecting innocent third party. cyber criminals frugally use multiple third parties somewhere they might keep their stolen data for later retrieval. so when you hack back, you don't really know who you are hacking into.

also, as i said earlier, hacking back can interfere with our investigations. you can interfere with our ability to gather data that's important investigations. that's not a theoretical concern, that has happened several times where company has taken its own actions and we have been unable to piece together the digital trail and we have been very hampered in our ability to do that. there's also a very significant risk of dramatic escalation if you hack back. you don't know who these people are. it could be a sophisticated cyber criminal, it could be a foreign intelligence service that will have much more powerful, much more destructive technical capabilities that anything you have when you attempt to hack back. another issue is that hacking back, first of all, our view is it's not legal here, but it's also not legal in some other countries around the world. you might be hacking back into some person or entity who

resides in a country so that you are violating the law of another country. there is also the possibility that whoever you hack back into could mistake your action as an action of the united states government, which would create also to of other problems from a foreign policy perspective. we also think, significantly, another reason why it's not worth it is because it doesn't usually work. it doesn't usually attain the desired results. that's not just us talking there are a lot of commentators out there -- there was recently a christian science monitor article where they pulled a group of excellent across government and private sector in private advocacy groups, the privacy community on whether companies should be allowed to hack back. 82% of those said no. we've also gotten similar feedback from cyber security experts at the csi s meeting with the cyber security unit there were a lot of cyber

security experts. their view was that hacking back is a bad idea. i am encouraged by the innovative cyber security proposals that we have seen and that are out there. i think they're going along way they are increasing security through alternatives to passwords, improving private sector capability to immediately devalue stolen data so that it is not that bad, because the there is nothing they can do with it. anything that can defend a network, is not necessarily a good idea just because hacking back is something that we feel very strongly doesn't really work and is a bad idea and might expose you to legal risk. both here and overseas. we are considering now the cyber security unit is considering whether to offer guidance on defensive countermeasures, not hacking back but other defensive

countermeasures that we have been told by several security experts are beneficial. and we are also increasing our efforts to make sure that we can act come along with our law enforcement partners, in a more timely fashion, when there is a data breach, we can respond more quickly. we can respond in real time. we have international partners, we have a 24/7 network around the world and we really want to help stop these data breaches and react inappropriately when they happen. we are working to make ourselves as fast and nimble and 20 47 as possible. i want to reiterate what i said earlier. everyone in the department of justice who works in cyber security feels the threat. we feel liberating down our next. we feel the sense of urgency. we want all of you have that same sense of urgency. the status quo is not good enough.

we have got to keep up with these people and try to get ahead of them. cyber criminals are doing more and more every day to invade our lives and homes and to steal our money. and harm our businesses. really have to find ways to prevent that. reacting to it is great, prosecuting is great, we are going to continue to do that and continue to put notices out all over the world in case someone travels from russia to the maldives on vacation. but that's not going to solve the problem. the problem can only really be solved by prevention and by education of companies so that they know what to do and how to prevent an attack, and what to do when an attack happens. we have to find new ways other than hacking back to alter the state of cyber security in this country. i think we can do that, but it's a big job, and it's going to require all of us. it's going to require the private sector, the public-sector, excerpts --

experts from academia. it's going to require everyone to fight cybercrime and improve cyber security. i think we can and will, and i look forward to working with all of you to do it. thank you for having me. [applause] [captions copyright national cable satellite corp. 2015] [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org] >> coming up, vice admiral peter nothings or has been nominated to lead the transportation safety evisceration. you can see a sesame live at 10:00 a.m. -- safety administration. you can see his testimony live at 10:00 a.m. on c-span3. >> for he today that sheds his blood with me shall be my brother, beating their servile, this day shall gentle his condition. and gentlemen in england now a bed shall think themselves accursed that they were not

here. >> one drop of blood, drawn from the country's bosom, should review more -- grieve thee more than streams of foreign door. >> michael whitmore talks about shakespeare and how politicians use quotes from the famous playwright in their speeches. >> sometimes you have to go with the music of the words, the poetic images, the sound, the rhymes, and also the way in which you are able to pause and linger over a long phrase and then stop and keep going. i think he is really using the rhythms of the language, which is something that shaker did so brilliantly. so that he can take english and put it into high gear at one moment and then slow down. that is something that shakespeare lets you do if you are a politician. >> sunday night at 8:00 eastern

and pacific on c-span's "q&a." >> good night, good night, parting is such sweet sorrow. it really is. >> this sunday night at 8:00 eastern on first ladies, influence and image, we look into the personal lives of three first ladies. andy harris and never set foot in the white house because her husband, william henry harrison died after a month in office. the teacher tyler becomes first lady when her husband, vice president john tyler, assumes the presidency. she passes away a year and a half later. the president remarries julia tyler, which is the first photographed first lady. in the sunday night at 8:00 p.m. eastern on c-span's original series "first ladies, influence and image. examining the public and private lives of the women who filled the position of first lady lady and their influence on the presidency."

from arthur washington to michelle obama. sunday today to collect p.m. eastern on c-span three. and as a compliment, c-span's new book. it is available as a hardcover or as an e-book through your favorite bookstore or online bookseller. >> like today on c-span "washington journal," is next. the house returns at 10:00 a.m. to take up a bill on commercial space travel. also expected, debate on funding for the national science foundation and other federal science research agencies. coming up and 45 minutes commerce and adam smith, democrat of washington state, and ranking member of the armed services committee. he will discuss the fight against isis and the select committee investigating the benghazi attack.

at 8:20 a.m., more about the fight on isis with public and center mike brown's of south dakota. he was not but his legislative agenda as a freshman senator. -- he will talk about his legitimate of agenda. >> good morning everyone. may 21st. phreut tow reports show whether his speech has any effect on the aspiring legislation. find out watch c-span two to watch the floor. he said the climate cha