at gm we have made cybersecurity a top priority.cybersecurity team who many of you know, jeff, and he will participate later today in a roundtable discussion. we've also taken a leadership position within the auto isac with jeff serving as vice chair. we've made a very deliberate decision to embrace the relationship with the white hat research community. earlier this year we launched a coordinated disclosure program that put out a welcome mat to researchers and cybersecurity experts, inviting them to identify vulnerabilities in our systems. this is an approach that silicon valley is practice for years and is very good at, but with a few companies have embraced beyond software industry. our program at gm is new and we are still learning best practices, but we are committed to expanding and evolving it and working with the research community to improve our cybersecurity posture. but while all of these actions are important, the single most significant commitment we have to make to cybersecurity at gm is to commit to collaborate with e

on cybersecurity.n update on the isac and talk about information sharing and how we can improve that, mature as an industry and where we are going next and a update on the best practices and yesterday with the automotive best practices and definitely an exciting time and i think hopefully you gel something out of this to not know what we've done but where we're going as an industry and not just about the isac but you all in the room and how we protect the ecosystem as one team. many of you know who's on the stage here. really, the experts in vehicle cybersecurity across the industry. bently au, the chief information officer for the enterprise program for toyota. le bently is instrument with the isac, real leader in this whole space and it's greet have you. thank you for flying in from california, bently, to be with us. josh corman, the friendly on the panel. the researcher. we could keep all automakers up here. many of you know josh as the founder of i am the cavalry and moved over to the atlanta counc

cybersecurity issues here in congress. mr. speaker, i also need to thank chairman mccaul, ranking member thompson and subcommittee ranking member richmond for their help in getting this legislation across the finish line today. i'd also like to thank chairman royce and the staff of the foreign affairs committee for their assistance in moving the legislation to the floor today. i ask unanimous consent to insert an exchange of letters between the chairman of the committee on foreign affairs and the committee on homeland security. the speaker pro tempore: without objection. mr. ratcliffe: with that i'd like to urge all members to join me in supporting this bill, and i reserve the balance of my time. the speaker pro tempore: the gentleman reserves. for what purpose does the gentleman from rhode island seek recognition? mr. langevin: mr. speaker, i rise in strong support of h.r. 5877, the united states-israel advanced research partnership act of 2016, and yield myself such time as i may consume. the speaker pro tempore: the gen

cybersecurity, the issue of cybersecurity has been raised and discussed at each of these hearings. the government is never going to be big enough to have the manpower and resources to address all of these challenges as they come up, which is why it is so important and i'm grateful we have industry here today to discuss this with us because they must take the lead. recent attacks present a unique opportunity to examine the scope of the threats and the vulnerabilities presented by connective devices and learn how stakeholders are considering these risks throughout the supply chain and how consumers are responding in the market. we've learned about a number of best practices and standard-setting projects that's are ongoing with various groups. it's an exciting time in the growth of interconnected device, the growth of the internet of things. it's really going to be life changing for so many -- in so many industries. but we also need to see meaningful leadership from industry about how to address these real challenges. again, i want to welcome our witnesses, and i'm pleased to yield th

lawmakers on your from private sector, cybersecurity experts. [inaudible conversations] [inaudible conversations] [inaudible conversations] [inaudible conversations] [inaudible conversations] >> i will call to order the subcommittee on communications and technology in our joint committee hearing with the subcommittee on commerce, manufacturing and trade. good morning, everyone. i'll start with opening statements for our side and for our subcommittee and then i think we go back and forth. to work this out. i want to thank the two subcommittees for come together on this important topic that i think we all share a deep concern about. we live in a world that's increasingly connected. our smart phones are not capable of locking and unlocking our front doors at home. turning on lights, checking the camera for packages left on the doorstep. were able to measure steps, check baby mortars, record of favorite programs are where we have connectivity. we will be able to communicate, we can to make it with our offices but commute to her office in driverless

he said about cybersecurity they're so international treaty covering cybersecurity and no treaty equal anarchy. can you talk about that international aspect of? >> i think we have to focus on that issue much more than we have in the past. we know there are international state actors who engage in this type of activity on a regular basis, and so we are constantly trying to defend our systems which we should ever have to be aggressive to do that but you have to stop the folks, these to this could actors engage in activities who are really in my mind often times could be an act of war to break in and steal secrets, private information, activities, the went to say enough is enough and have the world community has to come together and identify. let's be frank, there are only a few, a handful that we know they're engaged in decency there will be significant actions taken against those countries that engage in these types of activities on a systemic way. that would be sanctions or other types of mechanisms. it's got to be two-pronged, enforcement which is what government does come enforcement

cybersecurity, the issue of cybersecurity has been raised and discussed at each of these hearings. the government is never going to be big enough to have the manpower and resources to address all of these challenges as they come up, which is why it is so important and i'm grateful we have industry here today to discuss this with us because they must take the lead. recent attacks present a unique opportunity to examine the scope of the threats and the vulnerabilities presented by connected devices and learn how stakeholders are considering these risks throughout the supply chain as well as how consumers are responding in the market. we have learned about a number of best practices and standard-setting projects that are ongoing with various groups. it's an exciting time in the growth of interconnected device, the growth of the internet of things. it's really going to be life changing for so many -- in so many industries. but we also need to see meaningful leadership from industry about how to address these real challenges. again, i want to welcome our witnesses, and i'm pleased to yi

the cybersecurity must change to ensure they are not vulnerable to a device. and with a number of hearings that issue has been raised and discussed in each of the hearings and to have the manpower in the resources that is why this so important what we add industry here today in by those of bases -- devices with the supply chain as well as of their responding in the market. and with dozer ongoing groups. so will be like changing. but then also to see meaningful leadership from industry how to address the challenges. now welcome to our witnesses i am pleased to yield the balance of my time to the gentleman from ohio. >> also the chairman to both subcommittees for the subcommittee hearing and as we mentioned those that were caused by a devices to the internet the attack cadillac of adequate security measures the basically exploiting with the user names and passwords with those devices with that ability to have the upgrades of securing devices through good cyberhygiene practices but we're all too familiar with this issue then one of the most common things matter w

crash-worthiness and for testing cybersecurity embedded defenses. let me conclude with five recommendations to protect our national infrastructure. number one, incentivize built-in, basic cybersecurity hygiene by establishing meaningful milestones encouraging use of strong cryptography in these products. two, support agencies like the national science institution, the national institute for standard technology to advance our understanding of iot security and to train the hundreds of thousands of students necessary for a robust cybersecurity workforce. three, study the feasibility of standing up an independent, national embedded cybersecurity testing facility modeled after, for instance, post-incident initiatives, such as the national transportation safety board, incident prevent initiatives such as the national highway traffic safety administration, nhtsa, and then, more unusual places like the survivability and destruction testing at the nevada national security site. number four, i recommend leveraging the existing cybersecurity expertise with an

to be the epicenter of cybersecurity. and six years later, looking around the room, i would say we have been successful. wouldn't you agree? [ applause ] but the question that we always ask is, what's next? cyber maryland has become the model for other states, and earlier today, we made an announcement about a program called cyber usa. community of communities and cyber states which will be led by the former undersecretary for commerce, bill bond. and the first dhs secretary, tom ridge, former governor of pennsylvania. rick? >> yeah, thanks. so we wanted to kick off the session today, as everyone knows that cybersecurity is the new space race, right? what happened when the space race was going on? countries were trying to get to the moon. right now, we have a situation where cybersecurity does not have a zip code. it doesn't represent 21212. you know, colorado, california, and so on. so the first move was to now bring all the states together in a collaborative effort with cyber usa. and then what we wanted to do is one of

this so we want to double down in cybersecurity.i will share with you nitsa, they ranked harman as the best cybersecurity solution in the world. we're delighted, and we continue to invest and double down. so adding that and the update and the software we have, i feel very excited about the future not just in automotive but connected car audio systems, individual sound zone. homes are going also connected home with all iot. so this is another synergy, with all the television, the display technology of samsung and our auto technology and our brand. >> let's talk about the professional in terms of the real car aficionado. even since we've seen each other, some of these cars costs of hundreds of thousands and dollars and they're using your systems. >> we've seen an incredible differentiation our companies are using. bmw has used two or three brands for their ultra-high luxury car. same thing we see in audi. they use bang and ol af son. >> that was a brilliant acquisition. >> that led to almost a billion dollar order from ford. that will

what about cybersecurity? >> and then talk about the need to be more aggressive if you look at the platform and i think he does understand to bring out the importance of cybersecurity which is all the daily news. with the importance of cybersecurity. otherwise the candidates remain not pay attention. that is pretty clear against foreign attackers. but to mirror the report calling for them or for word and meaning approach and where appropriate to to retaliate with those consequences of those that are engaged and then to contemplate that notion if we can see the attack coming. but we have not yet experienced a serious genetic cyberattacking in the united states may be adm in new york that was tinkered with the it the potential for serious attack is there if you think would happen on friday last week was enabled and to think about that happening for with that different kind of attack you can see loss of life. so we do have the capacity. we deere very capable to sit on the sidelines before they could engage in any

at one point it was kind of like cybersecurity, that's hot. it became this e-mail and getting into the e-mail. was that just because of the scandals we heard, or is it just -- is it the most crackable? why do we know that the company -- the two companies are involved in just e-mail have had stronger results than all the other companies in the segment? >> because, again, e-mail is a great way to get in. we talk about the aattacker has to get in and then set a footprint. the companies that are trying to we actually work very well with those companies. >> we're always trying to figure out who's doing it. could you just give me a -- we hear russia. we hear china. how often is it state actor versus plain old bad guy? >> a lot of it is plain old bad guy. when it's after monetary reasons, i think the well famous things had to do with nation states. cyberark is not in the business of attributing, but we're seeing customers are worried about all of the above and they brief their boards about all of the above. >> with a new administration in the united

one time or two times or three times, listen to every word she said especially cybersecurity is a matter of public safety. >> thank you our panel for a great session. [applause] >> good morning. thank you very much for the opportunity to be here today to talk about the f dei and what we are doing -- fbi and what where doing in regards to cyber crime. morally obligated to start out by saying i know i'm the last person between you and lunch and i will keep that in mind. i have 15 minutes, give or take for comments and a some time for q and a. i will hold up my side of the bargain and you have to hold of yours. here we go. i will focus on four things. the current overall cyber threat, how see this threat impacting the automotive industry, what the fbi is doing to prevent and respond to cyberattacks and lastly, the importance of public-private sector collaboration and what do you or the industry can expect from the fbi if you suffer a breach or the victim of in a cap. with a little story. everybody local a story about a meeting i went to in march of this year and it was with intel corporatio

it is also critical that security in particular cybersecurity be a consideration in the design stage rather than as an afterthought. it is not just tesla and google pushing the envelope's on autonomous vehicles, i'm sure you have heard about george who is making a self driving car in his garage. what could possibly go wrong with that? supply chain. we are want to talk about it again. another vulnerability clearly. under many possible scenarios that we are thinking about involving malware introduced during gps updates. another access point. .ransportation infrastructure hackers can compromise the gps or navigation and send drivers to the wrong place. or bad actors can use rates and to extort money in exchange for information to get them to the right place. here is what the fbi is doing. director comey has recognized the severity of this particular risk and combating get one of his top priorities. we as an organization are constantly evaluating how we go about dealing with our responsibilities prefer those of you looking got a news this morning, the department of justice, inspector gen

as well as cybersecurity of financial institutions overseas? you currently play a central role, you will continue to. what assurances can you give us, please? >> so let me start by saying that i agree very much with your assessment. this is one of the most significant risks our country faces, and we are cooperating with the regulators as you indicated internationally, working with the g7, cooperating with financial institutions to make sure that we have a system that is prepared to deal with cybersecurity risks. we are very focused on this in our own operations and i can provide you more details if you're interested in the various things that we're doing to make sure that our sewn systems are safe and meet the highest standards. we're also working closely with the financial institutions to make sure the controls they have in place are part of our supervision. we recently put out an advanced notice of proposed rule making that suggests higher standards of cybersecurity protections for institutions that are systematically important. and for those

cybersecurity remains a major concern. experts say fixing an election is nearly impossible but there are concerns about the security of some electronic voting machines. >> the system is rigged, advocates. all rigged. we are in a rigged system. >> the system is totally rig and broken. reporter: cybersecurity experts have warned about how simple it electronic voting boots. >> it -- booths. it could be easy to put a piece of malware on it if they are not encrypted and while terror voting -- while they are voting manipulate the card to code on one of them or multiply the number of votes they are submitting. reporter: there's no evidence any such rigging has ever taken place but four states including illinois have their veteran scanned. >> we are highly confident that nothing was added or deleted or alter the. reporter: but officials are concerned by hackers in russia may have been just a preparation for today. >> there have been a variety of scanning activities which is a preamble. reporter: security experts say the end could

i mean, i'll say, first of all, that i don't with purport to be a cybersecurity expert. so we'll leave a lot of that to jeff. but, you know, i think without question anybody who's going to be in the white house next, obviously, this is going to be very high on the list, certainly watching the attack last week, you know, anybody who's going to be sitting in that chair, you know, this is one of the big problems that needs to be solved. that's not -- the attacks aren't going away. you know, i will also share some, you know, overarching concerns which have to do with spying and surveillance and, you know, who is the nsa spending their time watching. and i think those are, those are really big questions that the next president's going to have to tee up. i think there's a lot of work to do there as we look at, you know, what's worked and really what hasn't in the patriot act with some of those authorizations coming up again. you know, a whole set of things to strike that balance between the protections we absolutely do need on these networks and not just sweeping up, you know,

so, on our list of 15 safety issues, cybersecurity is one of them. and basically, the same concerns that you apply to new would have to be to any kind of retrofit as well. >> okay. now, when it comes to the fully autonomous vehicles, because i think that's the holy grail of what, you know, the industry's looking at and what i think quite a few people on this planet would love to see that happen for a lot of good reasons. but what concerns me is when people try to rush things through and push a department like yours, an organization like yours to just get it done, it's unfortunate, because there's no shortage of people on any given day that would go ahead and jump off of a mountain with a little, tiny parachute and think that's the most awesome thing in the world. however, if that parachute doesn't come out, one person gets hurt, and they're in control of themselves, they have the freedom to do so and they did so. but the issue that we're talking about here today, if somebody actually does something that they find is not risk-taking at all, we're talk

i wanted to ask, there were a lot of concerns around cybersecurity. i know that dhs was in touch with a lot of states and i just want to know what you saw that dave was there any intrusions or any kind of report that you can give us after the concerns leading up to that time? >> was the begin addressing the elephant in the room and being non- responsive to the question at least initially being the transition that we are in. this is my third that i've been through. i've been part of the outgoing team in 2000 and now part of the outgoing team again in 2016 i can say with high confidence that this will be my last transition. i very much believe in the citizen public servant model and i look forward to returning to public life in 67 days and there are two things i would like to point out. one, anytime there's a there isa transition, there's lots of uncertainty and anxiety and questions about the direction the new administration will take the government. will they go to the extreme left or the extreme right and try to steer the middle course, who will lead

can the ballot box and your vote be me is a strategist and cybersecurity expert. thank you for joining us. >> thank you for having me. >> the main question is how vulnerable are electronic voting machines to hackers, and what can be done to protect them? >> the machines have shown to be vulnerable. the benefit, the saving grace is they are usually not connected to the internet and require physical access to the machine to cause problems. >> that's the other thing. it sounds like the internet is a it is any form or just at the voting booth. >> if the machine is not connected to the internet it is difficult for an outside intruder to attack multiple machines at one time. the fact they require physical access to cause harm helps to limit the possibility there is any nefarious activity going on. >> if something were to happen it would have an affect on the outcome in a large way it would have to happen in each location in hundreds of thousands of places. >> 9,00 use different equipment and trying to sway an election would require a compromise of several hundred machin

well as cybersecurity a financial institutions overseas? you will, you are, you currently a super bowl, will continue to play a role. what assurances can you give us? >> so let me start by saying i agree very much with your assessment. this is one of the most significant risks our country faces, and we are cooperating with the regulators as you indicated internationally working with the g7, cooperating with financial institutions to make sure that we have a system that is prepared to deal with cybersecurity risks. we are very focused on this in our own operations, and i can provide you more details if you're interested in the various things that we are doing to make sure that our own systems are safe and the highest standards. we are also working closely with financial institutions to make sure that the controls that they have in place on appropriate. it's a key part of our supervision. we recently put out an advanced notice of proposed rulemaking that suggests higher standards of cybersecurity protections for institutions that are systemic

. >> reporter: the group cybersecurity group decided to see how easy it would be to manipulate the election system. the first step, the team tracked down an official voting machine for sale on-line. >> it took a couple of days and we were able to reverse engineer all of the stuff on that system. what was fascinating is the last election's information was still on the hard drives. >> reporter: that's not all. they were easily able to reprogram the card voters used to cast their ballot. it could be programmed to look and over and without a paper backup, it could damage the results. >> there isn't a recourse. that's why it is such a risk. it can create fear, uncertainty, doubt in the election process. >> reporter: he says another concern is this usb-type card that collects data from the machine. >> all it is something that somebody physically carries from one place to another. that creates a gap in security. this could allow one to stuff the digital ballot in one direction or another. the to all of those different voting machines at the same time and manipulating each of those is very low, but

cybersecurity, the issue of cybersecurity has been raised and discussed at each of these hearings. the government is never going to be big enough to have the manpower and resources to address all of these challenges as they come up, which is why it is so important why i'm grateful that we have industry here today to discuss this with us, because they must take the lead. recent attacks present a unique opportunity to examine the scope of the threats and the vulnerabilities presented by connected devices and to learn how stakeholders are considering these risks throughout the supply chain as well as how consumers are responding in the market. we have learned about a number of best practices and standard-setting projects that are ongoing with various groups. it's an exciting time in the growth of interconnected devices, the growth of the internet of things. it is really going to be life-changing for so many industries. but we also need leadership from industry about how to address these real challenges. again, i want to welcome our witnesses, and then i'm pleased to yield the balance

and i think it will start at the backbone of cybersecurity. think how much data your transit agency has, if you take wmata or new jersey transit or v.r.e., think of all the data they have about you and about your credit card information or the fact that you got easy pass. easy pass if i recall is the third largest holder of financial data in the united states. all right. we talk about banks being secure -- and that's where public-private partnerships really come into advent. we know it's working in other parts of the world such as in europe. what are we learning from that part of the world to help us here? rob: thanks. i want to build off your idea of the speed with which you're seeing maybe other regions, other countries tackle infrastructure spend. what do you think is required of the federal government to sort of have that same type of speed and approach? aubrey, you mentioned it's more than just money. what's the criteria? aubrey: it's political will. i mean, you have to have the political will. we just had a project in the southeast part

third, other agencies must take a look at the risk of the cybersecurity vehicles. they've requested imminent hazard of authority and i will note its part of the safety improvement act and in conclusion the automated is possible like the emergency braking but there are conditions that must be balanced with accountability and a full view of how humans interact in the technology. building trust is critical. vigorous oversight and attention to the total technological change. >> you are recognized for five minutes for an opening statement. >> i serve as the senior vice president for the motor equivalent manufacturing association. we are a leading. more than 800,000 enter and it is 4.2 million we applaud nhtsa for the vehicle policy given the rapidly evolving advances in technologies we believe this policy that clarifies the national framework for the states since pathways for all navigate the complexities of the technologies. we are working with our members to provide a specific comments by the 22nd and we are committed to the continuous dialogue on the policy however w

will cybersecurity be the new top uk of trade agreements? >> it will be a topic of grade agreements? >> yeah. >> i think it should be. it has to be a topic of conversation. you have state actors who engage in cyber activities to steal secrets and use industrial espionage to leapfrog their effort. we would consider those an act of war in the past. we need to consider that as well. i certainly think we have to strengthen that international framework to protect what we worked so hard to create and put in sanctions against those countries. now of course there's issues, we have to be able to identify that and know who's behind it, not easy to do. but if we're able to do that we have to have a tougher approach. >> international governance, it has to be addressed soon ore or late. the recent issue with microsoft and the data storage, this is a virtual industry and if you're connected to the internet, you're connected around the world. and that's probably the next coming conversation, how do you square what we're doing domestically in the united sta

will the auto industry be held liable for cybersecurity failures? >> i believe they will. and and that's why failure's not an option for folks. those are some, you know, these are some of the broad policy issues that i alluded to in my opening comments with this technology's moving. there's liability issues. the insurance industry, how is this going to change insurance? will companies be on the line, privacy issues that are there. there's just these whole host of issues that are out there that have to to be resolved if we ext the technology to be fully utilized going forward. i think there's no question that industry will be hit. if there's a cyber attack and people get injured, there's going to be costs related to that. but i think -- and also what i mentioned in my initial comments is that consumer acceptance won't be there. it'll be dead in its tracks if you have some of these accidents. and i saw a recent report or survey that said 50, i think it's over a majority of people don't want anything to do with autonomous vehicles right now. and an even bigger majority want t

we need to get more cybersecurity professionals all over. we need for the talent group to be more diverse. we find the diverse teams are the best and cybersecurity is one of those places was important to diverse perspectiperspecti ves to tackle the problem and move forward. >> i think cybersecurity is one of those issues where technologists field a bit of tension or distance with the cover. they think the government is on the opposite side of the table when it comes to encryption their president obama was not south by southwest last year and he talked about trying to find a way to make a compromise on encryption, engineer a secure backdoor for encryptions that law enforcement can access. this is an issue we have struggled with. obama's said it was that something had the expertise to design. you have a little bit more engineering expertise. do you believe it's possible to design secure encryption backdoor? >> the first thing i would say, the premise of the question were on opposite sides i think is a little wrong. the government and techies b

i spoke to the head of cybersecurity at usf today. he pointed out that our voting systems in the u.s. are not connected to the internet. they are decentralized on purpose so the chances of a widespread attack are highly unlikely. i will be keeping tabs on election security throughout the evening. >> we will bring you complete coverage of your vote counts 2016 here on news channel 8 as the results come in. >> and we will have election results on the bottom of your screen throughout the night. you can also get results on our website www.wfla.com. it has already started out exciting. >> a historic night either way. >> we've got to talk about amendments coming up at 5:30 pm. the fight has pitted consumers against power companies. what will a yes will voters in florida legalize marijuana? we will tell you how supporters feel about their chances coming okay, you know i was your governor. i played quarterback. my dad was a doctor here for 55 years. i swim every morning. and yes, i'm a fan of fans! and in congress i'll get things done for pin

. >> some concerns about the threat of cyber attacks on election day that cybersecurity experts say the chance of a hack actually altering the outcome of the election is slated to say most of voting machines are not even connected to the internet and they are not even connected to each other. each state runs their own operations with different kinds of voting machines. >> i have a lot of confidence in the integrity of our ballot counting process and confidence in the security and cybersecurity around the process run by state and local election officials. >>> the threat of an election day cyber attack has prompted 48 states to ask the department of homeland security for some help. ktvu will have complete coverage on election day right here and on ktvu plus. the results begin a 4:00 pm we will be live on ktvu, ktvu plus and live streaming on our website ktvu.com if you cannot get to a television and also the latest developments online and on social media. >>> happening today employees at hertz rent a car plan to go on strike. according to the teams local teams that drives the car shuttles

cybersecurity experts will monitor election day from dhs' cybersecurity center and cyber fly teams will be deploy if there are any major attacks. in new york, bryan llenas, fox news. >>> coming up after the break, a wrong way driver leads police on a chase through the valley and it comes to an end right outside of our fox 10 studios. >> gorgeous start to your weekend but changes in the forecast. we will let you know when that mercury will start to rise again. >> yeah, i know. no asu today or arizona cardinals tomorrow. we still have plenty of football to talk about. of a taking on the cougars of washington state. highlights of that game and much as police arrest a wrong way >>> tense homes as police arrest a wrong way driver in front of our fox 10 studios here in downtown phoenix. >> that's some saturday morning. dozens of officers from gilbert, dps and phoenix surrounded the suspect's car as canines were sent in to take him down. gilbert police telling fox 10 that this all started before 3:00 a.m. when several 911 calls came in reporting a wrong way driver in the area of arizona avenue

and my comment on this is that cybersecurity has not only to do with cyber defense. cybersecurity is about striking the balance between cyber defense and cyber offense. so, is there enough consistency in our intelligence systems between the two? because the weaknesses of the systems that should be addressed in order to protect, to make our electoral environments safer, are also potential entry points for attacking other systems. so, is there consistency in our societies when they deal with intelligence and cybersecurity between the defense and the offense? and i think there is not enough clarity on that. it would be interesting to see whether this bill could actually imply imposing some restrictions on the cyber attack side of these conundrum of cybersecurity. >> so, i just want to -- i'll come to your question in one second. so, this has been a very frustrating thing for me and probably for all of you as well, is that you see one story in the news that says that putin could hack the presidential election, and then you see another story that says, no, it's not going

how many automotive sus cybersecurity experts out there? there are some names with i know but this allows us to identify those people. say in the future we do a closed bounty program? these are the people we want to work with because they have a history of finding things. >> the benefit of the disclosure programs are vast. we heard a couple this morning and this opening comments but why are some companies vendors still resisting programs? what are some reasons why some companies are not adopting bug bounties? they must not care about security. that's not the --. the fact is of course i tried to provoke you who --. it has been proven to be not just the best but the only way to detect vulnerabilities in live software. it is such that when human beings create problems, only human beings can find them. and not the same human beings. and not a small group of human beings. we've seen this effect in open source software why i've spent the last is15 years. and i remember when we came with this database to people they said no i can't use it it's dan

. >> former head of the cyber command general keith alexander discussed cybersecurity in the u.s. an event hosted by the atlantic magazine. he's interviewed by louise kel kelly. this is just under an hour. after the conversation we want to hear from you, so we are going to have time for questions and with that please welcome general keith alexander and to lead thme that the conversatione contributor who covers national security for npr. the stage is yours. welcome. [applause] good evening, everybody. it's a pleasure to be here seven days and counting. it's been a challenge to try to prepare to interview you because i got word a few weeks ago and as i went about my job covering national security at npr i would get some ideas and jotted down n and then some new event would happen whether it was the word of another russian hack or word that the nsa had been breached or the reports just outside communications, maybe mysterious communications between a donald trump server and a big russian bank all of which is to say i've rewritten my nose to interview you about 17 times and it speaks

cybersecurity experts will monitor election day from dhs's cybersecurity center and cyber fly teams will be standing by to deploy if there are any attacks. in new york bryan llenas, fox news. later today on fox... stick around for our fox5 news special. our team u-s/mexico border... to look into a controversial campaign issue: immigration. fox5 spent days in the desert known as a hot-bed for illegal drug activity. the team drove there with a las vegas man who volunteers his time to patrol... and be on the lookout for drug smugglers. then they traveled around... and met the men and women who enforce immigration laws. we'll also look into why people emigrate to the united states illegally. you can catch this exclusive show this afternoon at one if you missed a story or want to re-watch one... just download the fox5 app. we've got all our videos... and you can watch the newscast live... the fox5 app is free in the app store. the lights are back on at the paris hotel and casino--- after a power outage a few days ago forced thousands to evacuate. but even though paris is operating business as

there are a number of countries that are very progressive cybersecurity with great britain as an example of the cybersecurity work to the telecommunications sector if you're going to be offering telecommunications services that you have to be certified. >> do you see any type of consensus pdf? >> what recommendations would you give to congress to help the conversation correct. >> i will go back to my original point that i do believe we could get some pressure focused in this area to have that buying in investment patterns that by setting the standards the domestic and international groups coming to set the standards to force those buying behaviors of consumers that is a major step forward. >> allotted reports are indicating the number of connected devices we heard between 20 and 50 billion devices but what should they think about and general regarding several security or what does that take away? >> i think an innovation is progressing faster than what tends to happen if you go on that biorhythm of lack of unforeseen consequences. our ability to adapt and respond is what keeps the infras

we put out the advanced notice of the proposed rule making that suggest higher standards of cybersecurityrotections for institutions that are systemically important and from those that are interconnected that spill over to the entire financial system proposing the highest standards given the fact they could be a source of vulnerability. but i would say that we are focused with our own supervision working closely with financial regulators and the treasury to take the lead that this is something congress needs to look at very carefully. is unjust of matter of financial institutions and others involved in the economy and it is so broad thread that we are not able to do with adequate funding can. >> pilot 42 taking you up on your offer to have a more detailed discussion as to what is happening at the federal reserve as all this merges together issues stated the most significant threat that we face a while look forward to working closely with you. >> we have a process to go forward i think we are between votes? we will give you your five minutes. >> one of the controversial effects is last tim