WEBVTT 00:00.104 --> 00:03.000 will be walking onto the sixth hearing before the senate foreign 00:03.000 --> 00:06.600 relations subcommittee on east asia pacific an international 00:06.600 --> 00:09.977 cyber security policy in the fourteenth congress and her first 00:09.977 --> 00:13.860 tour in 2016 o one a thank ranking member carden who of course 00:13.860 --> 00:17.780 also a chairs the is and serves as the a ranking of the full 00:17.780 --> 00:20.472 committee for his cooperation is weak continue our port work 00:20.472 --> 00:24.250 together to address the important issues within this subcommittee's 00:24.250 --> 00:27.730 jurisdiction at today's hearing will be our second hearing on 00:27.730 --> 00:30.430 cyber security in the subcommittee which I believe goes to show 00:30.430 --> 00:33.810 the extent to which a cyber issues has become a strategic matter 00:34.080 --> 00:36.880 a critical to the foreign policy of our nation and subsequently 00:36.880 --> 00:40.200 to this committee's work and we are glad to welcome back as a 00:40.200 --> 00:43.691 witness the state department cyber security coordinator chris 00:43.691 --> 00:46.983 painter and this is a year a second time I believe testified 00:46.991 --> 00:50.259 before the subcommittee and we hope here for mr painter today 00:50.260 --> 00:53.499 about what has changed since we met just over a year ago an ar 00:53.499 --> 00:56.479 for cyber hearing of the subcommittee what global threats we 00:56.479 --> 00:59.520 are still facing and most importantly what we can do as a nation 00:59.520 --> 01:03.030 to deter those threats stick from his now released the department 01:03.030 --> 01:07.080 of state international cyberspace policy strategy as mandated 01:07.080 --> 01:11.850 by the amendment senator cardin I authored the 2016 omnibus legislation 01:11.948 --> 01:14.850 we think mr painter for fulfilling this congressional mandate 01:14.850 --> 01:17.870 in producing this document which will better inform his committee's 01:17.870 --> 01:21.290 efforts going forward and I commend you for standing up the cyber 01:21.290 --> 01:24.580 efforts at state and elevating cypresses to the forefront of 01:24.580 --> 01:28.500 our nation's diplomacy but we still obviously have a lot of questions 01:28.500 --> 01:31.993 about how this approach is being implemented how effective it 01:31.993 --> 01:34.610 is in deterring foreign cyber threats and how we can continue 01:34.610 --> 01:40.060 to build a viable norms in cyberspace or efforts to include detour 01:40.080 --> 01:43.450 in china chinese actors from continuing to conduct the commercial 01:43.450 --> 01:46.350 espionage against that states with agreements made last fall 01:46.570 --> 01:50.540 how those agreements are or are not being implemented at the 01:50.540 --> 01:53.910 questions remain about the sensitive data being stolen in the 01:53.910 --> 01:57.090 breech of the office of personnel management last year and other 01:57.160 --> 02:03.196 circumstances around the globe and so as we discuss russia and 02:03.197 --> 02:07.920 we discussed ukraine a we discuss iran we discuss united nations 02:07.920 --> 02:12.530 activities this is an important hearing up to place our cyber 02:12.530 --> 02:16.656 policy in the strategic role and so with that said on the news 02:16.656 --> 02:19.600 letter but you know right now we have her in entered into separating 02:19.792 --> 02:25.620 votes 11 o'clock and so we will wait as long as we can if necessary 02:25.856 --> 02:30.754 and that the series before we adjourn the committee hearing so 02:30.754 --> 02:33.413 thank you mister pager and with that I will turn it to a ranking 02:33.413 --> 02:37.290 member to regard for maryland well centered on a personal thank 02:37.290 --> 02:40.520 you for your leadership on the subcommittee of critically and 02:40.560 --> 02:44.872 gordon subcommittee of that deals with east asia deals with a 02:44.872 --> 02:49.787 civic and deals with international cyber security policy always 02:49.787 --> 02:53.000 sirleaf had a very busy agenda under your leadership and it's 02:53.000 --> 02:56.991 been a pleasure to work with you guys we should note presidents 02:56.991 --> 03:01.229 in vietnam that was part of the our challenges is the aman of 03:01.700 --> 03:05.986 stronger ties with the countries of asia all we've also corresponding 03:06.146 --> 03:09.470 much very much engaged in north korea and their proliferation 03:09.470 --> 03:13.500 activities and well as course channel and then later today there 03:13.500 --> 03:16.450 will be a full committee briefing on the traffic is trafficking 03:16.450 --> 03:20.186 in persons report and there are several countries in asia that 03:20.186 --> 03:23.710 are all major interest in regard to trafficking and other human 03:23.710 --> 03:27.830 rights concern so this is been a very busy subcommittee and I 03:27.830 --> 03:30.810 thank you for the manner that we've been able to work together 03:31.100 --> 03:34.810 all as we should on foreign policy issues without a partisan 03:34.810 --> 03:38.972 division so they can very much the cyber represents a new domain 03:39.002 --> 03:42.470 and global figures likely to be a son of again and shaping the 03:42.470 --> 03:46.470 world of the 20 first century as nuclear weapons were in shaping 03:46.470 --> 03:50.050 the twentieth century I have united states and others in the 03:50.050 --> 03:53.910 international community develop norms of behavior or shore freedom 03:53.910 --> 03:57.917 of expression and understand how concepts such as deterrents 03:57.969 --> 04:02.080 supply and cyber space will be critical foreign policy challenges 04:02.290 --> 04:06.440 in the years ahead these are could be easy that'd cause it what 04:06.440 --> 04:10.295 one person sees as a national cure the issue and others looks 04:10.308 --> 04:14.530 at his repressed and repressive to the ability of individuals 04:14.530 --> 04:18.790 to be able to get information out in their country help cyber 04:18.790 --> 04:23.190 technology is used to advance the flow of information and to 04:23.190 --> 04:27.740 protect us against cyber attacks can also be used to repress 04:27.740 --> 04:31.660 it people from being able to get information by governments that 04:31.660 --> 04:37.160 look at cyber is a threat to the to their all full tala terrien 04:37.205 --> 04:41.650 regimes so we have challenges here and how we deal with this 04:41.690 --> 04:45.450 is gonna be one of the major security challenges that face america 04:45.860 --> 04:49.570 the internet must belong to its users not john as the states 04:49.970 --> 04:53.306 they're especially repressive regimes like russian china they're 04:53.350 --> 04:56.600 seeking to block or control access to their people to the internet 04:57.070 --> 04:59.890 we will not be able to realize the full potential the internet 04:59.890 --> 05:03.480 to support freedom civil society and human dignity as long as 05:03.480 --> 05:07.610 certain nations continue to severely restrict internet freedom 05:07.950 --> 05:11.460 we need to be ca anderson of the dangers that cyberspace presents 05:11.590 --> 05:15.010 for human progress and political rights the same tools of internet 05:15.010 --> 05:18.110 freedom that can be used to organize movements for free speech 05:18.710 --> 05:23.690 all can also be used by isis to screw hatred and incite violence 05:23.720 --> 05:27.390 against the innocents technologies with the potential to open 05:27.390 --> 05:31.549 up access to government it can also be hijacked to crush dissent 05:31.850 --> 05:36.620 and crush human rights unit technologies do not take sides in 05:36.620 --> 05:40.810 the struggle for human rights but the united states a boxed we 05:40.810 --> 05:43.950 need to be leaders in upholding the principles of internet freedom 05:43.950 --> 05:48.494 and human rights in cyberspace we need the synchronized america's 05:49.053 --> 05:53.550 unit technology leadership with indisputable values and principles 05:53.940 --> 05:58.160 that would america brings to this international debate and that's 05:58.160 --> 06:01.740 why it's critically important that we develop except the bsl 06:01.740 --> 06:05.810 international norms in regards to the use of cyber and what is 06:05.810 --> 06:10.150 expected though obviously and it was we will we look forward 06:10.420 --> 06:14.120 all to building those norms last year the united states and china 06:14.120 --> 06:17.860 reached an unprecedented deal to combat cyber enabled theft of 06:17.860 --> 06:20.930 intellectual property with the intent of providing competitive 06:20.930 --> 06:24.600 advantage to companies or commercial sectors and to me that was 06:24.970 --> 06:28.467 an incredibly important moment but how is it being implemented 06:28.880 --> 06:33.610 m one what what how will that lead to acceptable international 06:33.610 --> 06:37.970 norms of the agreement took a noose in significance at the g 06:37.970 --> 06:41.030 20 summit in turkey when john agreed to join the rest of the 06:41.030 --> 06:45.330 g 20 nations and jointly affirming for the first time that no 06:45.330 --> 06:48.560 country should conduct or support information and communication 06:48.560 --> 06:52.248 technology in the but that of intellectual property with intent 06:52.248 --> 06:55.100 to providing competitive advantages to companies or commercial 06:55.100 --> 07:00.065 sectors I will support the u s china cyber grayman I am concerned 07:00.065 --> 07:02.764 that china money may not be living up to its terms about the 07:02.809 --> 07:06.320 day that will have chance to stricter review that i'm concerned 07:06.320 --> 07:09.561 that there's too much ambiguity in our current cyber deterrence 07:09.680 --> 07:12.994 policy which leaves are of a series confused about what behavior 07:12.995 --> 07:16.650 in cyberspace the united states is willing to tolerate we have 07:17.090 --> 07:21.015 we have what we have learned from the sony attack in the opium 07:21.015 --> 07:24.550 and hack into germany in what is considered appropriate in terms 07:24.550 --> 07:28.080 of an attack as opposed to mapping or other acceptable activities 07:28.319 --> 07:32.150 would have your word rudi where do you draw the right line and 07:32.180 --> 07:36.231 is that clear by u s policies internationally with german there 07:36.231 --> 07:39.875 a lot of issues that we need to review and this subcommittee 07:39.930 --> 07:44.379 has the responsibility ought to continue our active engagement 07:44.379 --> 07:46.751 and were joined at the day by the searing and I thank you in 07:46.751 --> 07:50.370 all the forward to listening to mister kramer thank you senator 07:50.370 --> 07:53.750 cardin a course will turn to our witness chris painter ad today 07:53.750 --> 07:56.750 the audible crist matruh serves as the state department's coordinator 07:56.750 --> 08:00.440 for cyber issues in this capacity mistress mr paynter coordinated 08:00.440 --> 08:03.540 and leaves the united states diplomatic efforts and implement 08:03.540 --> 08:07.052 the president's international strategy for cyberspace he works 08:07.052 --> 08:09.520 closely with components across the department other agencies 08:09.520 --> 08:12.900 the why how's the private sector and civil society prior to joining 08:12.900 --> 08:15.270 the state department mr paynter served in the white house as 08:15.270 --> 08:18.890 senior director for cyber security policy and the national security 08:18.890 --> 08:22.170 staff during its two years the white house mr pink mr paynter 08:22.170 --> 08:24.839 was a senior member of the team that conducted the president 08:24.839 --> 08:29.220 cyberspace policy review and subsequently served as acting cyberspace 08:29.310 --> 08:32.680 to cyprus he recorded the cornell development the president's 08:32.680 --> 08:37.280 2011 a national strategy for cyberspace welcome again mr painter 08:37.280 --> 08:39.944 to the subcommittee and thank you for your service we look for 08:39.944 --> 08:44.230 to testimony I thank you very much and the german gardiner ranking 08:44.230 --> 08:47.580 member card members of the subcommittee on east asia the pacific 08:47.960 --> 08:51.220 and international cyber security policy to is indeed a pleasure 08:51.520 --> 08:54.270 to appear again before your subcommittee to provide an update 08:54.640 --> 08:57.838 on our efforts to deter foreign threats and promote global norms 08:57.838 --> 09:01.000 in cyberspace and I would agree that the fact that this committee 09:01.000 --> 09:04.500 has shown attention to this issue helps heighten this issue as 09:04.500 --> 09:07.890 a foreign policy issue both here and around the world since I 09:07.890 --> 09:11.220 testified before your subcommittee one year ago the department 09:11.220 --> 09:14.500 of state has continued to make significant progress working closely 09:14.500 --> 09:17.550 with other federal departments and agencies across all of our 09:17.550 --> 09:21.790 policy priorities including international security internet governance 09:22.050 --> 09:25.990 cyber security due diligence cybercrime internet freedom and 09:25.990 --> 09:30.600 internet access and is also on point known as the chair been 09:30.600 --> 09:33.768 noted in the last month of the tarn department submitted to congress 09:33.768 --> 09:37.350 that upon the state international cyberspace policy strategy 09:38.072 --> 09:41.070 and therefore to bad i'm going to focus my remarks in a few of 09:41.070 --> 09:44.210 our recent successes in promoting our framework for international 09:44.210 --> 09:48.030 cyber stability however I am happy to answer any questions regarding 09:48.030 --> 09:51.419 the strategy which is which addresses all of our priorities in 09:51.419 --> 09:54.560 greater detail or any questions for my written testimony that 09:54.560 --> 09:58.120 was submitted for the record as described in those documents 09:58.120 --> 10:01.003 we have spearheaded the promotion of a framework for stability 10:01.003 --> 10:04.890 in cyberspace based on first the applicability of international 10:04.890 --> 10:09.060 law to state behavior in cyberspace second the identification 10:09.060 --> 10:12.192 of additional voluntary norms of responsible state behavior in 10:12.193 --> 10:16.240 cyberspace that apply during peacetime and third the development 10:16.240 --> 10:19.040 and implementation of practical confidence building measures 10:19.370 --> 10:23.270 to reduce the risk of misperception in escalation I would like 10:23.270 --> 10:26.027 to highlight today some significant developments that occur in 10:26.027 --> 10:29.378 the last year two advances framework of special interest to this 10:29.378 --> 10:32.579 subfamily are developments which are and as a subcommittee is 10:32.580 --> 10:35.560 well aware the nyse trades strongly opposes the use of cyber 10:35.560 --> 10:39.390 technology to steal intellectual property for commercial advantage 10:39.390 --> 10:43.014 and is continuously raises concern with china for some time in 10:43.014 --> 10:46.150 september 20 fifth in the us and china reached agreement during 10:46.150 --> 10:50.330 presidencies in pangs state visit on several key commitments 10:50.330 --> 10:53.479 on cyber issue was among those commitments and additional ones 10:53.480 --> 10:56.940 relating to law enforcement cooperation where that won neither 10:56.940 --> 11:00.150 country's government will conduct or knowingly support cyber 11:00.150 --> 11:03.310 enabled daft and intellectual property for commercial advantage 11:03.310 --> 11:07.040 and to both governments will work together to further identify 11:07.040 --> 11:10.590 promote appropriate norms of state behavior in cyberspace and 11:10.590 --> 11:13.280 hold a senior al experts group on international security issues 11:13.280 --> 11:17.070 in cyberspace while these commitments do not resolve all of our 11:17.070 --> 11:20.960 challenges with china on cyber issues nevertheless they do represent 11:20.960 --> 11:24.380 a step forward nor efforts to address one of the sharpest areas 11:24.380 --> 11:28.520 of disagreement and the u s china bilateral relationship I would 11:28.520 --> 11:31.948 also note that two weeks ago today on may eleventh we hosted 11:31.949 --> 11:34.808 the first meeting of the senior experts group in washington on 11:34.808 --> 11:38.470 the national security issues in cyberspace which provides a forum 11:38.470 --> 11:42.350 to further engage china on its views and seek common ground regarding 11:42.350 --> 11:46.110 norms estate behavior in cyberspace another topics agreement 11:46.110 --> 11:49.320 with china last year is parked in park build upon the success 11:49.320 --> 11:52.550 we had a few months earlier with the united nations group of 11:52.550 --> 11:55.258 governmental experts and when the united states in there tions 11:55.285 --> 11:58.826 gribble gamma lies which reached a consensus on its third reports 11:58.826 --> 12:03.760 and 20 of 2009 on issues related international security in cyberspace 12:03.760 --> 12:08.370 the 20 15 gigi reports most significant achievement was its recommendation 12:08.370 --> 12:11.468 regarding voluntary norms estate behavior designed to offer peace 12:11.468 --> 12:14.260 time which included concepts that have been championed by the 12:14.260 --> 12:18.030 u s these include norms against harming critical infrastructure 12:18.317 --> 12:21.510 are computers appear a security incident response teams as well 12:21.510 --> 12:24.300 as a norm that states respond to a properly requested mitigating 12:24.300 --> 12:27.120 malicious cyber activity and in emanating from their territory 12:27.760 --> 12:30.340 both of these developments I just mentioned fed into a third 12:30.340 --> 12:33.860 major accomplishment last november the leaders of the g 20 meeting 12:33.860 --> 12:36.910 in turkey strongly endorsed the us approach to promoting stability 12:36.910 --> 12:40.049 in cyberspace the latest communique affirmed that state should 12:40.049 --> 12:42.900 not conduct or support cyber theft of intellectual property for 12:42.900 --> 12:46.480 commercial advantage the communique also highlighted a 20 15 12:46.480 --> 12:50.458 gigi reported this cost affirmed in a national law and particularly 12:50.459 --> 12:54.517 the un charter applies to state conduct in cyberspace and endorsed 12:54.517 --> 12:57.210 the view the hostage the bye bye norms are responsible state 12:57.210 --> 13:00.470 behavior in cyberspace these three developments occurring in 13:00.470 --> 13:03.360 a remarkably short period of time along with recent agreements 13:03.360 --> 13:06.620 into regional security organizations to advance our work in developing 13:06.620 --> 13:09.640 cyber confidence building measures collectively represents a 13:09.640 --> 13:12.420 major step towards international acceptance of the us approach 13:12.420 --> 13:15.790 to promoting stability in cyberspace gives us great momentum 13:15.790 --> 13:18.350 as we work to convince more states to endorse our approach at 13:18.350 --> 13:21.311 the leaders level as removing two of the upcoming round of the 13:21.311 --> 13:24.370 gigi the begins in august where we hope to further develop his 13:24.381 --> 13:27.565 framework while they can be proud of our recent successes as 13:27.565 --> 13:30.777 important all swing out the prefect they still face a range of 13:30.777 --> 13:33.479 policy and technical challenges to our vision of an open inner 13:33.520 --> 13:37.780 operable secure and reliable cyberspace as we look ahead cyber 13:37.780 --> 13:40.010 security will continue to be a challenge to the united states 13:40.010 --> 13:42.770 we take into consideration the rapidly expanding a barman of 13:42.770 --> 13:46.500 global cyber threats the increasing reliance on information the 13:46.500 --> 13:49.400 reality that many developing nations are still in the early stages 13:49.400 --> 13:53.050 of their cyber maturity and the ongoing and increasingly sophisticated 13:53.050 --> 13:55.920 use of information technology by terrorists and other criminals 13:56.430 --> 13:59.263 there or that upon the state into space a continued increase 13:59.263 --> 14:02.530 and an expansion of our cyber focused of american capacity building 14:02.530 --> 14:05.860 efforts for the foreseeable future are again i'm happy to be 14:05.940 --> 14:09.376 here before the subcommittee unhappy taken questions that mr 14:09.376 --> 14:13.818 paynter and that all begin with with questions of odyssey of 14:13.819 --> 14:16.810 the past several years since 2011 which with the publication 14:16.810 --> 14:20.540 of the international strategy for cyberspace and out of the white 14:20.540 --> 14:25.410 house and we have seen activities from russia attacking critical 14:25.410 --> 14:30.760 infrastructure in ukraine I last december we've seen reports 14:30.760 --> 14:35.180 of a targeting of u s critical infrastructure by various actors 14:35.499 --> 14:39.289 now we've seen news reports of iranian agents attempting to access 14:39.289 --> 14:45.190 a a dam near new york city and we've seen north korea develop 14:45.190 --> 14:48.080 cyber is an asymmetric tool to threaten its neighbors and united 14:48.080 --> 14:54.826 states and we we continue to see other actions I despite the 14:55.301 --> 14:58.300 conversations negotiations that we have and so in light of all 14:58.300 --> 15:04.050 these attacks from russia china iran or supposed to supposed 15:04.050 --> 15:10.110 attacks from these nations does the 2011 cyber space strategy 15:10.110 --> 15:14.260 international cyberspace accurately reflect of the threats that 15:14.260 --> 15:21.200 we face today and if not what has changed in the 2011 cyber space 15:21.200 --> 15:25.420 strategy and what needs to change so I think the 2011 strategy 15:25.420 --> 15:28.100 was as you know a high level document the talked about our goals 15:28.100 --> 15:31.550 in cyberspace those goals haven't changed but I do think that 15:31.550 --> 15:34.620 as we look at the various challenges are facing in cyberspace 15:34.620 --> 15:37.420 particularly by various threat actors around the world we are 15:37.420 --> 15:40.580 gonna continue to hone the way we implement those goals and achieve 15:40.580 --> 15:44.252 those goals the strategy that was submitted to congress pursuant 15:44.253 --> 15:48.310 to the requirement of the committee are talks about both some 15:48.310 --> 15:51.062 of the threat actors are saying but also some atolls we have 15:51.062 --> 15:55.069 an actual sat two two to mitigate the stressing a lot of those 15:55.128 --> 15:58.060 rats and that's gonna be a continuing conversation and is to 15:58.060 --> 16:01.360 be continuing a flexible approach that we have that uses a lot 16:01.360 --> 16:03.989 of the tools and on national tours that really all the tools 16:03.989 --> 16:07.857 we and thus tolls one thing we said in our international strachan 16:07.886 --> 16:11.500 20 11 is that we need to look at all the tools we have is a government 16:11.500 --> 16:14.710 a whole of government approach that uses everything from our 16:14.740 --> 16:19.352 economic tools are diplomatic tool certainly what I do our our 16:19.450 --> 16:23.800 our law enforcement tools are under trade tools away might have 16:23.800 --> 16:26.870 an even archery tools in appropriate circumstances after was 16:26.870 --> 16:29.360 exhausted other remedies so we have to look at all the various 16:29.360 --> 16:33.795 tools we have i'd say and i'm in on some of the issues you are 16:33.795 --> 16:38.152 you raised about how I don't think we have a maid complete attribution 16:38.152 --> 16:41.259 but on some we have already been using a variant of variety though 16:41.259 --> 16:44.652 still certainly in terms of the diplomatic tools we have use 16:44.652 --> 16:48.310 the tools that diplomats here is we have not used them both against 16:48.310 --> 16:52.090 the people we are unhappy with and been very clear about what 16:52.090 --> 16:57.360 our concerns are I would argue that on the u s china agreement 16:57.360 --> 17:00.330 came about because this was raised consistently at a very high 17:00.330 --> 17:02.980 level of our government as the major area fraction that would 17:02.980 --> 17:06.520 affect not just sigh bridges between our two countries but really 17:06.520 --> 17:09.540 the whole the relationship and that was significant I think the 17:09.540 --> 17:12.273 fact that we have other tools include long forsman tools are 17:12.274 --> 17:16.240 used to indict pillai offices not case or more recently the indictment 17:16.240 --> 17:20.391 of the iranian actors for the dial service attacks and they are 17:20.823 --> 17:24.290 the outcome tracing the dam as a significant use of those tools 17:24.290 --> 17:27.680 that sen the deterrent message in that important how we have 17:27.680 --> 17:32.197 a sanctions of regime of four cyber we also have our banks of 17:32.197 --> 17:37.180 achaea to you obviously about a an additional sanctions authority 17:37.180 --> 17:40.480 for north korea we've used a north korean sessions the party 17:40.480 --> 17:44.154 back after north korea attacks of sony a couple of years ago 17:44.184 --> 17:48.090 obsolete use those tools are accurate or prayer we are reviews 17:48.090 --> 17:51.001 of stores were re constantly have those other tools in our tool 17:51.001 --> 17:54.540 set out so we really do have a variety of different ways to go 17:54.540 --> 17:57.830 after that but we have to understand the threats can a continuance 17:57.830 --> 18:00.610 can evolve and we need to be ready to deal with that evolution 18:00.610 --> 18:04.150 and use again all the tolls in partnership so I have a role in 18:04.150 --> 18:08.268 this but I work with all my interagency colleagues ought to do 18:08.268 --> 18:11.590 this the other thing i'd mention is that part of the issue was 18:11.590 --> 18:15.030 also talking to are not just our allies but other countries about 18:15.030 --> 18:19.820 what threats are out there so when I testified last year I mentioned 18:19.820 --> 18:22.814 what we were the first officer a kind aunt and that now there 18:22.814 --> 18:25.860 are over 20 countries are countries around the way all that have 18:25.860 --> 18:29.210 offices like mine and an unknown number of additional ones are 18:29.210 --> 18:33.408 located at australia just recently announcer cyber security strategy 18:33.408 --> 18:36.120 and they're creating an office like mind for instance a more 18:36.120 --> 18:39.400 more countries are doing that significant because it means that 18:39.400 --> 18:42.760 we can at a white house level the state department level talk 18:42.760 --> 18:45.455 about uh talk with or other countries and again the whole of 18:45.457 --> 18:48.334 government by about what threats were facing and what we can 18:48.334 --> 18:51.580 right we may be able to collectively and the third thing I mentioned 18:51.580 --> 18:54.290 as that of the norms and this is a long term game so we talked 18:54.290 --> 18:56.750 about montfort mitchell's revived by trade tools we talk about 18:56.750 --> 19:00.060 other tools the norms of conduct that were trying to promote 19:00.460 --> 19:04.600 and get more more countries to sign on for an n except creates 19:04.600 --> 19:07.560 an environment of where there are rules the roman art where there 19:07.560 --> 19:10.485 is an expectation of what's appropriate conduct in cyberspace 19:10.485 --> 19:14.970 and if you have countries who are acting outside bad expectation 19:15.270 --> 19:18.240 the countries who agree can act together to to work against us 19:18.240 --> 19:21.160 transgressors and that will take a while to build we've had tremendous 19:21.160 --> 19:24.360 progress over the last year but I think we're on the right track 19:25.020 --> 19:28.343 in your testimony in the in the is written testimony talk about 19:28.343 --> 19:31.370 to the various tools to poetic tools law enforcement tools economic 19:31.370 --> 19:35.872 tools military capabilities and intelligence capabilities obviously 19:35.907 --> 19:38.410 you've talked a number of diplomatic tools or that have been 19:38.410 --> 19:41.930 utilized a talk about law enforcement tools that have been used 19:41.930 --> 19:45.180 to investigate the cyber crimes and work in partnership with 19:45.180 --> 19:48.530 other nations to help and to enlist them in this investigative 19:48.530 --> 19:51.206 efforts of the economic tools will talk about more about the 19:51.206 --> 19:55.181 economic tools could you talk about the arab financial sanctions 19:55.623 --> 19:59.770 and and when a determination is made by the bi state treasury 19:59.957 --> 20:03.800 had to move forward on economic sanctions so this as you know 20:03.800 --> 20:07.006 the president sign a couple delays I could've orders one read 20:07.007 --> 20:11.675 out in the north korea on sonny attacks where all the dead were 20:11.681 --> 20:15.573 broad sanctions that went after members of the north korean a 20:15.715 --> 20:19.320 communist party a member cis andean people supported them on 20:19.320 --> 20:22.920 to was a cyber sanctions are order which was really the first 20:22.920 --> 20:26.000 of its kind anywhere in the world that are targeted specifically 20:26.000 --> 20:29.190 various kinds of very serious cyber combat than third just most 20:29.190 --> 20:34.030 recently on the north korea sanctions at all and together and 20:34.030 --> 20:37.190 that there is an evil now that that gives voice to that was that 20:37.190 --> 20:42.470 as long as well was you an hour gerda council resolutions on 20:42.630 --> 20:45.620 that first nations are together three has been used and there 20:45.620 --> 20:48.610 is a job the president at the end decides whether sanctions are 20:48.610 --> 20:51.830 used in this the right tool I would emphasize that's one tool 20:51.830 --> 20:55.740 models and so on if you look at the various tools you will make 20:55.740 --> 20:59.129 a decision i'll watch walls are appropriate what casey mccabe 20:59.150 --> 21:02.568 flexible depending on the various threats ufa is ought to eight 21:02.568 --> 21:06.320 the cyber sanctions are order has not been used but I am fully 21:06.320 --> 21:09.590 confident it will be used and i'd also say the fact that it exists 21:09.840 --> 21:13.660 as a deterrent effect in and of itself and and also changes behavior 21:14.392 --> 21:18.003 in that city of your refrigerator second order 13 64 tracks for 21:18.011 --> 21:20.470 is there any active consideration right now sanctions under the 21:20.470 --> 21:24.520 executive order I I will argue say is that there is an interagency 21:24.520 --> 21:27.499 group that looks at this of include state includes treasury includes 21:27.537 --> 21:31.440 lighthouse includes other agencies as well I can't make any statement 21:31.440 --> 21:35.050 about on actual designations under that but as I said this is 21:35.050 --> 21:38.038 an important tool rental sent one confident will be used routes 21:38.042 --> 21:38.507 in the park 21:39.981 --> 21:44.540 I thank you again on the most that the year anniversary of the 21:44.540 --> 21:50.713 announcement of the compromise by opium of millions of americans 21:50.819 --> 21:56.410 the information being compromised through a cyber attack millions 21:56.410 --> 22:00.550 of federal workers are at risk today as a result of the an attack 22:01.079 --> 22:08.590 on their economic issues are very much at risk of m as a result 22:08.590 --> 22:16.420 of that that announcement out I think it gave extra attention 22:16.530 --> 22:20.580 to the november agreement between the united states and china 22:21.150 --> 22:25.640 that we've referred to several times what the agreement we entered 22:25.640 --> 22:32.300 into with china abney effect of intervening china from actively 22:32.300 --> 22:37.750 engaging in that type of book attack against american all federal 22:37.750 --> 22:42.070 workers are out wide says that the we obviously take that kind 22:42.070 --> 22:45.114 of activity very seriously there's been a lot of work that the 22:45.114 --> 22:47.950 administration is dawn including the one thing I didn't mention 22:47.950 --> 22:51.640 in response to senator gardeners a question which is to me a 22:51.640 --> 22:54.360 lot of work to harm the target doing a lot of work to make sure 22:54.360 --> 22:58.540 we're doing to turns by the miles so the recent seen apple announcements 22:58.540 --> 23:02.110 by the administration both in terms of funding but also in terms 23:02.110 --> 23:04.550 of the programmatic changes to make sure that there is better 23:04.550 --> 23:08.030 protection of government systems are are part of how we keep 23:08.030 --> 23:12.221 that from happening in the future after the enemy had not made 23:12.223 --> 23:15.720 an hour and a public attribution of the lpm attack as I believe 23:15.720 --> 23:18.896 you know all or the character of it but I would but i'd say it 23:18.896 --> 23:23.760 is the agreement but we did say to china at the time and I think 23:23.760 --> 23:27.090 that secretary ogden presenter gleichen mention this is that 23:27.090 --> 23:30.893 kind of all that time intrusion is just too big to ignore him 23:30.893 --> 23:34.360 too disruptive and it's a real concern with resp act two the 23:34.360 --> 23:38.900 agreement that was made in the context of the shiva on this agreement 23:38.900 --> 23:42.650 not to use cyber to steal intellectual property for purposes 23:42.650 --> 23:46.540 of benefiting a commercial sector on that was something we don't 23:46.540 --> 23:49.109 do we don't think any country around the world should do and 23:49.109 --> 23:53.699 quite frankly I as as you know are china was not willing to take 23:53.699 --> 23:57.430 that that's a distinction that the distinction between intelligence 23:57.430 --> 24:00.238 gathering that every country does and the kind of commercial 24:00.264 --> 24:04.099 staff to benefit the vedic I think I know your your answers leaving 24:04.300 --> 24:08.980 which is now a wooden cover that type of all but I but I do think 24:08.980 --> 24:12.200 that the other thing it did was great number of mechanisms including 24:12.200 --> 24:15.559 the mechanism that's led by the from a general and they are secretary 24:15.559 --> 24:19.060 of homeland security and the group that I laid that allows for 24:19.060 --> 24:22.055 messaging in those context we didn't have those messaging channels 24:22.060 --> 24:27.226 before three years why I think it it does cover that 24:28.440 --> 24:31.930 china's largest companies are government owned 24:33.560 --> 24:38.000 so how do you deal with the issue of competitive advantage to 24:38.000 --> 24:43.520 companies all commercial sectors when you're dealing with a country 24:43.550 --> 24:48.420 china where so much of its economy is controlled by the government 24:49.080 --> 24:54.020 does not dare attack against our workforce very much affect their 24:54.020 --> 24:57.300 commercial advantage by either I think specifically what the 24:57.300 --> 25:01.680 agreement was then god in of approved at it at the g 20 minutes 25:01.683 --> 25:05.850 agreement that also got approved just right after she was here 25:05.850 --> 25:10.240 for his summit with a mama he went to the u k by mr cameron asked 25:10.240 --> 25:14.267 for a similar agreement idol mark lazarus sr as similar agreement 25:14.270 --> 25:18.690 and then we had the an oddity 20 statements specifically talks 25:18.690 --> 25:22.760 about daft of trade secrets intellectual property I as the as 25:22.760 --> 25:25.459 the thing was being stolen to benefit a commercial sector numbers 25:25.472 --> 25:28.310 and many things like that and even if it's a state owned enterprise 25:28.310 --> 25:31.820 I would submit that theft of english or property can be of even 25:31.820 --> 25:34.850 if it's going to a state owned enterprise violate that agreement 25:34.850 --> 25:37.680 if it's being used to benefit what's there in the commercial 25:37.680 --> 25:40.290 sector so that is what we're working on that so we're looking 25:40.290 --> 25:44.050 at very closely of course as we wanna stop all kinds of interactions 25:44.050 --> 25:47.660 of course we wanna stop intrusions even if they're for intelligence 25:47.660 --> 25:51.800 purposes but we need to do as good a job as we can to both to 25:51.800 --> 25:54.310 make sure we're preventing those and that's why the deterrence 25:54.310 --> 25:57.410 by the nile and farber to protection of our federal networks 25:57.410 --> 26:02.860 is really important are you prepared to advise the this committee 26:02.860 --> 26:09.540 as to whether the agreement with china has resulted in a reduced 26:09.540 --> 26:15.750 amount of activity by china in its attempts to steal intellectual 26:15.750 --> 26:19.944 property from american companies so I would have the backyard 26:20.025 --> 26:24.100 rises they I think recently i'm a rogers testified that this 26:24.100 --> 26:26.820 committee but another committee that we are watching very closely 26:26.820 --> 26:30.300 and the jury still out I think I director comey has said that 26:30.300 --> 26:34.842 he's seen some some more cooperation on cybercrime cases are 26:34.842 --> 26:37.151 we are we are looking closely and were connected to the local 26:37.151 --> 26:40.180 oscillator and all of our government and all the the tools of 26:40.180 --> 26:43.980 our government of being used to make sure that that's big that 26:43.980 --> 26:47.890 commitment is being honored I would also make clear however that 26:47.890 --> 26:51.490 as the president said how words are not enough we need to see 26:51.490 --> 26:54.678 them a short actions or matching and that we haven't taken a 26:54.680 --> 26:58.482 tools off the table we haven't taken on and eda tools we have 26:58.482 --> 27:01.180 only the tools I talked about in response to senator garters 27:01.180 --> 27:04.769 question off the tape or if we find that china's not complying 27:04.769 --> 27:10.580 with the grim well i'd I would just point out up I support moving 27:10.580 --> 27:14.360 forward with protocols of other countries you're dealing with 27:14.660 --> 27:17.450 a controlled economy you're dealing with a communist country 27:17.450 --> 27:22.540 in china and if the agreement does not protect our federal workforce 27:23.191 --> 27:28.080 than we can expect more in direct agreements with other countries 27:28.110 --> 27:33.500 you don't invade the privacy of a workforce and call that intelligence 27:33.500 --> 27:37.090 gathering for your national security that should be in the same 27:37.090 --> 27:41.910 category as the agreement that covers the theft of intellectual 27:41.910 --> 27:47.070 property and not if you're dealing with a country that has controlled 27:47.300 --> 27:52.600 companies then that we need to also understand that that needs 27:52.600 --> 27:56.615 to cover the type of activities that are being done by the chinese 27:56.939 --> 28:00.840 government so I hear just saying and not the federal workforce 28:00.840 --> 28:03.740 very much depends upon the use of technology to protect them 28:04.120 --> 28:07.300 but they also expect that we're going to be a raising these issues 28:07.300 --> 28:10.876 at the highest levels all in order to protect our workforce in 28:10.876 --> 28:14.579 august they should not be fair game and now the world of all 28:14.584 --> 28:20.290 intellectual on the era as a cyber attack timothy and I don't 28:20.290 --> 28:22.793 disagree that the five and a member of the federal workforce 28:22.793 --> 28:26.745 so I am I totally green items or that that we need to do now 28:26.745 --> 28:29.759 that there's an entity the now has all your personal information 28:29.759 --> 28:33.958 are either going to do in her life 103 to protect that information 28:33.982 --> 28:37.660 I do think that you see in a lot of activity and has really been 28:37.660 --> 28:41.090 sustained activity by but some of the recent announcements that 28:41.090 --> 28:44.724 talk about for instance appointing a federal sia you white house 28:44.724 --> 28:47.838 cia so as the chief information security officer we haven't had 28:47.838 --> 28:50.960 that before trying to make sure we have much better protections 28:50.960 --> 28:54.250 including the art of the dea agents on sign system these are 28:54.250 --> 28:56.950 all critical and this is not easy I mean you mention this is 28:56.950 --> 29:00.400 not easy because it's an asymmetric threat often in making sure 29:00.400 --> 29:03.110 that you get the protections implies it's hard to protect systems 29:03.410 --> 29:06.251 but is a lot of work we can and should be doing and and we are 29:07.044 --> 29:10.882 all I have other questions by which the next round I think senator 29:10.903 --> 29:15.150 cardin of just following up on that the opium question and in 29:15.150 --> 29:19.650 march I think emmitt marcia george komi hadn't been was the visit 29:19.650 --> 29:25.240 with us my level of chinese officials on further cyber crime 29:25.240 --> 29:29.110 issues investigations at do you know the the subject matter of 29:29.110 --> 29:32.650 that conversation did lead to opium what was or discussions about 29:33.319 --> 29:37.012 cooperation on finalizing her in resolution the opium on i'm 29:37.048 --> 29:41.044 i'm I will defer the f b I fronted a substance of any conversations 29:41.044 --> 29:43.955 and the law enforcement channels or investigatory channels on 29:43.961 --> 29:48.140 the cell and overall comment on that out in clearly out one of 29:48.140 --> 29:51.640 the mechanisms of a set up was a smack in islam that is led by 29:51.640 --> 29:55.779 the attorney general in the sector of aman security out there 29:55.955 --> 29:58.330 they're out there a number of things that came out that including 29:58.330 --> 30:01.980 a protocol for making sure where alan ball sharing in making 30:01.980 --> 30:04.930 requests of information from each other up in american economists 30:04.960 --> 30:08.580 of a conversation the director was a moment when talking about 30:08.580 --> 30:11.460 the tools available to deflect tools on fortune tools economic 30:11.460 --> 30:17.658 tools and a denial of efforts to end deterrence the state department 30:17.658 --> 30:20.230 is in communication department of france on a number of these 30:20.230 --> 30:26.058 issues as the sticker never evers denied a request by the department's 30:26.059 --> 30:30.109 reaction and either retaliation or any other cyber actions it 30:30.109 --> 30:33.071 was thick what I did there is a number of ways that we talked 30:33.071 --> 30:35.910 with armed offensively as a government look at all these various 30:35.910 --> 30:39.533 policy issues and we've been very supportive of the department 30:39.533 --> 30:42.497 of sciences strategies for operating in cyberspace than after 30:42.510 --> 30:45.570 the mount i've worked with them on those are documents I have 30:45.960 --> 30:50.444 a call every two weeks with my counterpart at the idea that I 30:50.444 --> 30:53.584 was deep policy where we talk about issues that are coming in 30:53.584 --> 30:57.010 and who do you consider your counterpart aaron hughes who is 30:57.010 --> 31:00.600 the eyes the vasti form cyber essential for cyber over there 31:00.630 --> 31:03.360 and before that was eric rosenbach was now the chief of staff 31:03.360 --> 31:06.660 to the secretary officer we have a very close coordination we 31:06.660 --> 31:10.960 have are one things I do in my own department as we have a month 31:10.960 --> 31:14.580 a coordination group in fact were meeting this afternoon our 31:14.580 --> 31:17.190 referring all the different agencies including deity in all the 31:17.190 --> 31:19.690 different parts of the farming together discuss or international 31:19.690 --> 31:22.750 engagement strategy I am in the white house holds a number of 31:22.750 --> 31:26.730 meetings added in I bc and razed the policy committee a level 31:27.234 --> 31:30.563 at a c r g level was all mention of talk about a moment lost 31:30.563 --> 31:33.250 or deputies some principles level so there's a lot of interaction 31:33.250 --> 31:36.953 unlike in a comment on specific operations or how those very 31:36.953 --> 31:40.510 things are considered but I think one thing were doing as a government 31:40.510 --> 31:44.070 that is your first and I mentioned in our strategy out while 31:44.070 --> 31:46.720 the tools used in his deity developing its capabilities having 31:46.720 --> 31:49.125 more mission teams are dealing with this and that's important 31:49.125 --> 31:53.530 as one part of deterrence is one part of our crunch up and so 31:53.530 --> 31:56.247 there has been much more activity is much more unity of purpose 31:56.247 --> 32:00.170 is much more discussion of this and our doctrine allows is to 32:00.170 --> 32:03.802 take all the different aspects into account both what ashley's 32:03.803 --> 32:07.390 we need to go after wrongdoers but also what the effects on our 32:07.390 --> 32:10.310 foreign policy with their effects on other issues that when it 32:10.313 --> 32:14.430 look at our policies I think you know is to look at law enforcement 32:14.470 --> 32:18.160 and network security aspects or talk about cyber defense before 32:18.410 --> 32:22.698 going to other tools often also certainly deity is looking at 32:22.698 --> 32:26.940 tools and harry's apostoli av like eisele so young that that's 32:26.940 --> 32:30.110 another issue that we were working on a bracket wigan to those 32:30.110 --> 32:32.863 particular family without getting into this specific uses physics 32:32.863 --> 32:36.310 of any kind of action though has stated parmentier has said no 32:36.310 --> 32:39.830 to any I again I can't live like an early comment on discussions 32:39.830 --> 32:42.900 I think are continuing discussions as there should be on any 32:43.110 --> 32:46.281 possible operation that's all that we do and that the same for 32:46.281 --> 32:48.960 any the other tools in the movies the question I guess are you 32:48.960 --> 32:54.004 in a position to say no to a department defense strategy or or 32:54.255 --> 32:57.240 we have an interagency process just like of the of the comments 32:57.240 --> 33:00.400 on our strategies and did comment on the strategy that I said 33:00.400 --> 33:03.870 to you we comment on strategies and and things that they're doing 33:03.870 --> 33:06.786 as well and so it it really is a whole of government processes 33:06.792 --> 33:10.450 not any one agency acting on their own working as it is but if 33:10.450 --> 33:14.380 if if the princes with korean inside the department decided to 33:14.380 --> 33:17.881 take an action against north korea because of the sony attack 33:17.882 --> 33:22.430 or against iran because of I have added a trickling for structure 33:22.672 --> 33:25.590 and with that that discussion that discussion would go to the 33:25.590 --> 33:27.901 state department correct that that discussion would involve the 33:27.901 --> 33:30.290 state department but essentially go to the president under the 33:30.290 --> 33:33.770 president is going to make decisions about what tools we use 33:33.770 --> 33:36.850 and when and what kind of tools when the user has told us the 33:36.850 --> 33:40.164 white house is involved in that type of decision on be of it 33:40.171 --> 33:43.320 out there is just like there is in other areas there is an interagency 33:43.320 --> 33:46.840 there's a c r j the cyber response group which is state at is 33:46.840 --> 33:51.392 a member of the all that's essentially itc level discussion all 33:51.804 --> 33:54.570 discuss since depending on the particular dropping out of a japanese 33:54.573 --> 33:57.402 leveling out or principles level notably the president involves 33:57.412 --> 34:02.990 national security advisor involves og the lisa monaco and others 34:02.990 --> 34:05.860 it involves a range of different people as we look at all these 34:05.860 --> 34:09.000 really important policy issues in this this sarah garner something 34:09.000 --> 34:12.860 that I personally assume as i've been doing this week varies 34:12.860 --> 34:16.360 as mr 26 years i've seen a real change over the last five or 34:16.360 --> 34:20.502 six years where we do have a a good process that comes together 34:20.505 --> 34:22.720 the maisha were looking at all the different aspects of this 34:22.720 --> 34:25.560 now this is not unique to cyber to be sure but I think this is 34:25.560 --> 34:28.413 one away system and added that the 34:29.970 --> 34:33.580 you mentioned earlier in your testimony that your office is the 34:33.580 --> 34:37.203 first office of its kind at and that of many other nations not 34:37.211 --> 34:41.970 exit 20 other nations are a trading some sort of office during 34:41.976 --> 34:44.944 the summer office during the discussion debate on the national 34:44.944 --> 34:48.127 fence authorisation act there will be an amendment to grady as 34:48.288 --> 34:53.259 cyber basically a cyber cocom of cocom level cyber command command 34:53.260 --> 34:58.630 command level of do you believe that we should create any higher 34:58.630 --> 35:03.450 level as cyber department administration and do you believe that 35:03.480 --> 35:06.450 your position within the state department should be elevated 35:06.450 --> 35:11.050 to a perhaps a special envoy level a master level i'm so that 35:11.050 --> 35:13.560 we can fully focus on this and bring more because this is an 35:13.560 --> 35:18.100 issue that is gaining a strategic importance and is going to 35:18.100 --> 35:22.601 be with us service routes as you have the al ahrar coming lives 35:22.601 --> 35:27.030 and so have our we focused enough on this in elbing enough to 35:27.031 --> 35:30.927 level towards the desert i'd agree actually army essentially 35:30.941 --> 35:33.910 honey I been portrayed with the secretary i'm in the secretary's 35:33.910 --> 35:37.140 office the reason the office was created in the secretary's office 35:37.140 --> 35:40.640 was so that it could reach across the department and really a 35:40.640 --> 35:43.980 very collaborative way work with everyone from us as sarah carden 35:43.980 --> 35:46.626 was talking about our democracy and human rights people on issues 35:46.626 --> 35:49.610 around in our freedom our economic era people on some of the 35:49.610 --> 35:52.938 economic and access issues and governance issues are counter 35:52.938 --> 35:57.018 terrorism bureau of allen and terrorist use of the internet are 35:57.270 --> 36:00.643 high in alghero in similar capacity building rumble on for submissions 36:00.643 --> 36:05.570 on abc arms control verification self so what i'd say is the 36:05.620 --> 36:08.530 architecture the way we set the architecture rap was so that 36:08.530 --> 36:11.300 we can work with all these groups and I mentioned I saw this 36:11.300 --> 36:16.460 recent our our our monthly coronation group we have are I have 36:16.460 --> 36:20.310 not had any issue I I can say in either meeting with other counterparts 36:20.310 --> 36:23.560 around the world at any level and four ministries I haven't had 36:23.560 --> 36:27.040 the issue with our structure and making sure we can really aggressively 36:27.040 --> 36:30.767 go after the things were trying to do and and really in a la 36:30.823 --> 36:34.070 cama i'm a former prosecutor summon impatient person as a rule 36:34.320 --> 36:37.470 but the fact that we were able in the last year to do as much 36:37.470 --> 36:40.780 as we don and something where just a year ago that your guy was 36:40.780 --> 36:42.844 sitting here and I was telling about these norms of behavior 36:42.855 --> 36:45.570 anatomy for his gossip was of the when I was time and a year 36:45.570 --> 36:49.184 later we have all this activity that significant cell so that 36:49.187 --> 36:52.860 neither the department wipers only really feel that we need to 36:52.860 --> 36:56.346 change what i'd say as I wanna make sure that weather comes in 36:56.346 --> 36:59.582 in the next administration and I think this will happen a lot 36:59.582 --> 37:02.450 about the presidential level the secretary level continues to 37:02.450 --> 37:05.849 really see this is a priority area and that as a as a core nature 37:05.849 --> 37:09.390 I am one of the other and special envoys of you on why the people 37:09.390 --> 37:11.819 who looks across the department and works with accommodation 37:11.888 --> 37:14.990 were elevating this issue which didn't believe in existence an 37:14.990 --> 37:18.949 issue out and she wearing a five grade and in terms of as a young 37:19.011 --> 37:22.551 adult bureau I don't watch the surrogates on bureau yet some 37:22.551 --> 37:25.120 years a promise it's its own bureau in the something's been raised 37:25.120 --> 37:28.435 before if you think about the cross cutting nature of the session 37:28.510 --> 37:31.095 and an presenter caryn you mention this as well when you talk 37:31.152 --> 37:33.580 everything from human rights in the importance of human rights 37:34.123 --> 37:38.570 law cyber security cyber crime international security internet 37:38.570 --> 37:41.960 governance capacity building if you create a bureau you do two 37:41.960 --> 37:45.640 things one you stovepipe itself that other people will say well 37:45.640 --> 37:49.030 that's a boutique issue guys going deal with tool you would pull 37:49.030 --> 37:51.512 the people out of all the bureaus that need to do this trying 37:51.515 --> 37:54.300 to mainstream this issue of the state were trying to make this 37:54.300 --> 37:56.970 something that is like every other foreign policy issues we want 37:56.970 --> 37:59.950 people to have to deal with this in every bureau regional bureaux 37:59.950 --> 38:02.999 and functional during the crate of yury had to pull the people 38:02.999 --> 38:06.340 out and frankly that replicated anyway so that's not very effective 38:06.340 --> 38:09.940 and we haven't seen that being done in other our countries around 38:09.940 --> 38:12.500 the world and they have the same sort of coronation function 38:12.760 --> 38:16.810 while the bed they pursue so I think that actually is counterproductive 38:16.810 --> 38:20.230 to us making progress in the story because it is by its nature 38:20.230 --> 38:23.826 a distributorship i'd say while they think we in out to give 38:23.826 --> 38:26.200 you an example of some of the things we've done we've just a 38:26.200 --> 38:29.910 couple weeks ago I think I mentions a sister when a soluble recently 38:30.590 --> 38:33.960 had a training for are essentially are cyber diplomats from over 38:33.960 --> 38:37.130 a hundred posts around the world we brought back the folks in 38:37.130 --> 38:39.700 those embassies who are charged with this issue we're looking 38:39.700 --> 38:42.980 at this cross cutting edge and was told each of them in the embassies 38:42.980 --> 38:46.330 to build a cross cutting team get the political content of the 38:46.330 --> 38:50.350 economic outlook at the league out of there is one get the avia 38:50.420 --> 38:52.958 a defence attache at the hole a group in the embassy to have 38:52.958 --> 38:55.390 a mini team on this and that's really the model were trying to 38:55.390 --> 39:02.270 promote the record I thank you for mentioning human rights human 39:02.270 --> 39:08.140 rights so i've been told off by the leaders in the obama administration 39:08.140 --> 39:13.090 is one of the opponent's traces top priorities for advancing 39:13.090 --> 39:17.399 not just american ideals and our national security because it 39:17.399 --> 39:22.743 very much affects the stability of regimes are added a prevent 39:22.743 --> 39:27.150 soggy voyage from korea being created that adds to radicalization 39:27.920 --> 39:34.700 so let me on just find out from you how active you are in promoting 39:34.700 --> 39:39.420 human rights in our cyber strategies we have export control laws 39:39.420 --> 39:43.880 that deal with our weapon systems because we understand that 39:43.880 --> 39:48.360 american technology should not be used against america's national 39:48.360 --> 39:53.200 security so therefore we restrict the ability of manufacturers 39:53.740 --> 39:57.990 ought to be able to export us technology they have to proceed 39:57.990 --> 40:04.120 under certain procedures america the algae in the cyber am is 40:04.120 --> 40:08.580 the best in the world what steps are we taking a mature that 40:08.580 --> 40:13.180 american companies are not exporting technology and cyber that's 40:13.180 --> 40:17.310 being used by repressive regimes to violate the human rights 40:17.310 --> 40:20.670 of its citizens so so this is an issue we are very concerned 40:20.670 --> 40:22.290 about an hour away 40:23.620 --> 40:26.449 it was only concerned about the use of these technologies because 40:26.450 --> 40:30.240 of the cue was another tool used technologies they were both 40:30.240 --> 40:32.660 concerned about technologies that could be used by repressive 40:32.660 --> 40:36.693 regimes to monitor citizens but were also worried about tools 40:36.693 --> 40:39.750 that could be used by repressed by regimes that are not our friends 40:39.750 --> 40:42.480 to attack us so we don't wanna have either of those things happened 40:42.960 --> 40:47.650 and we we wanna make sure that we are committed to keeping the 40:47.650 --> 40:50.613 most dangerous cyber tools are the most dangerous tactics are 40:50.720 --> 40:53.980 at the same time it were also committed to supporting the ability 40:53.980 --> 40:56.830 of our businesses are consumers and the government to defend 40:56.830 --> 40:59.620 themselves from cyber threats and promote innovation and cyber 40:59.620 --> 41:03.170 security self or it we we have to women talking a lot of our 41:03.170 --> 41:06.620 industry colleagues about this issue as I think you may know 41:07.003 --> 41:11.994 there was an agreement and the so called lawson r r of the wassenaar 41:12.020 --> 41:16.009 group aa to create certain controls for cyber technology they 41:16.009 --> 41:18.562 could either be used as you said for by repressive regime for 41:18.562 --> 41:22.970 monitoring of assistance or to attack us up we are in the mv 41:22.970 --> 41:26.145 converses in particular looking at how they get that implement 41:26.145 --> 41:30.036 and we are actually going back to wassenaar call which has 40 41:30.036 --> 41:34.671 to spedding states to talk about how those might actually apply 41:34.674 --> 41:37.690 whether we need to make some changes in the end those controls 41:37.690 --> 41:40.910 that were agreed to that's just one area of non proliferation 41:40.910 --> 41:43.633 but it's an important one and we need to make sure the or addressing 41:43.633 --> 41:47.306 this and even as we talk of osten are about making changes so 41:47.306 --> 41:50.430 it can promote innovation and cyber security while the same time 41:50.430 --> 41:53.910 targeting the behavior to you talk about how we need to that 41:53.910 --> 41:57.820 the right way so whatever will happen with wassenaar the negotiations 41:57.820 --> 42:00.940 there we also as we implement this need to make sure we walk 42:00.940 --> 42:04.800 that line in the appropriate way I we what we have been talking 42:04.800 --> 42:07.930 a lot and commerce asked our private sector but will also have 42:07.930 --> 42:11.822 at least another hour another note there is narrowest at the 42:11.822 --> 42:16.850 garrick and companies today are using their technology to support 42:16.850 --> 42:21.470 repressive policies of other countries as a way of granting entry 42:21.470 --> 42:26.150 into the markets of those countries are we trying to develop 42:26.150 --> 42:31.030 policies that will prevent the use of american technology for 42:31.030 --> 42:35.620 the repressive actions of the begins its own people and as I 42:35.620 --> 42:39.347 said I think that that one area where we've we've done this isn't 42:39.400 --> 42:42.890 this this boston area but it's a very delicate balance to make 42:42.890 --> 42:47.120 short were not stifling either innovation or stifling cyber security 42:47.120 --> 42:51.622 that's one area the other is is my colleagues are india rao had 42:51.622 --> 42:55.690 been promoting a we have a body to gather the idea business responsibility 42:55.690 --> 42:59.070 and protection of fundamental human rights are and how you have 42:59.070 --> 43:01.979 businesses look at that issue and the thing that would moaning 43:01.979 --> 43:05.012 there and in a couple different aspects one is the global old 43:05.048 --> 43:08.269 network initiative which saw a group of businesses that looks 43:08.272 --> 43:12.194 at what the ethics are what the rules are for a firm for businesses 43:12.194 --> 43:14.761 and this the voluntary association a number of businesses are 43:14.768 --> 43:17.730 part of that the other is in the context of something called 43:17.730 --> 43:20.340 the freedom online coalition which I think I mentioned to last 43:20.340 --> 43:23.270 year the man tom malinowski had just gone to the meeting and 43:23.270 --> 43:26.041 we support that group very much may have the next meeting in 43:26.041 --> 43:28.990 costa rica salon armies and for the first time coming up this 43:28.990 --> 43:31.280 year which is winning significant because getting more of our 43:31.280 --> 43:35.231 region as part of that that's important I should also say that 43:35.235 --> 43:38.580 as we do these all of government dialogues that we do with multiple 43:38.580 --> 43:41.710 countries around the world now human rights are always a part 43:41.710 --> 43:44.511 of that and so it's not just about cyber security human rights 43:44.511 --> 43:47.190 are part of it was with capacity building we weave that into 43:47.220 --> 43:50.900 but this up freedom online collection is talked about some of 43:50.900 --> 43:54.020 the responsibilities of businesses summoned up the tension between 43:54.020 --> 43:57.914 security and human rights are and and that's a continuing discussion 43:57.914 --> 44:01.765 so this is not an easy area all but we wanna make sure as I said 44:01.788 --> 44:04.560 the most dangerous tools are not given the most dangerous actress 44:04.560 --> 44:08.350 while the same time mceachern protecting the fish I would hope 44:08.350 --> 44:12.840 that you'd be aggressive in developing protocols related to the 44:12.840 --> 44:17.570 use of technology as well as some of the other areas that you're 44:17.570 --> 44:22.840 working on as it relates to protecting human rights act I would 44:22.840 --> 44:26.410 also hope as you look at this delicate balance and it is the 44:26.410 --> 44:32.100 documents and deny that but I would hope that she will use the 44:32.100 --> 44:37.620 same sensitivities that we use for military arms as we use for 44:37.620 --> 44:45.880 internet technology so that we are not wrapped up in the the 44:45.880 --> 44:52.250 view that the internet is as so global that technology development 44:52.250 --> 44:57.070 in the united states a must be a medium he made available globally 44:57.518 --> 45:02.569 are one it can be used by repressive repressive regimes to trample 45:02.569 --> 45:07.020 on the human rights of its citizens also think there's gotta 45:07.020 --> 45:12.000 be a trade off with commercial with corporate responsibility 45:12.650 --> 45:17.490 and that there needs to be of protocols in which american businesses 45:17.490 --> 45:23.440 are prepared to adhere to and not just that yield to the unreasonable 45:23.440 --> 45:27.791 demands of repressive regimes when he has one more question about 45:27.791 --> 45:29.340 why mr german that is 45:31.130 --> 45:36.840 can you tell me or what do you intend to clarify when an attack 45:36.920 --> 45:41.610 on cyber alley would trigger an inherent right of self defence 45:41.610 --> 45:45.570 pursuant to article 51 of the un charter wonder we get to that 45:45.570 --> 45:50.189 point so a couple things I don't think we have ashley to find 45:50.189 --> 45:53.260 that with the exceptional clarity in the physical world either 45:53.350 --> 45:56.116 and there's a reason for that are because it's often dependent 45:56.131 --> 45:59.160 on the circumstances of the attack however there's nothing magic 45:59.160 --> 46:02.250 about cyber when it when it does say that and I understand the 46:02.257 --> 46:06.180 sensitivities here again but if it isn't clear that countries 46:06.180 --> 46:10.290 can try to test and test and test of was to the line and say 46:10.290 --> 46:14.171 they didn't no the debt would trigger of the military response 46:14.171 --> 46:18.750 will self defense might also study clarity is important here 46:18.890 --> 46:22.530 so as I said we don't do this in the physical world as a reason 46:22.721 --> 46:26.567 are not just the fact of the factual basis but if you create 46:26.810 --> 46:31.052 clear red lines your trap to which we do on 12 will invade and 46:31.052 --> 46:34.390 of a nato ally that's a clear red line but their home in cyberspace 46:34.390 --> 46:37.880 is ukraine some clear red lines you give an incentive to actors 46:37.880 --> 46:41.848 to creep up to that red line knowing that they don't risk retaliation 46:41.848 --> 46:45.480 or don't risk our response and that as a greater good environment 46:45.510 --> 46:48.390 either so you do need and I think that the turn in strategy that 46:48.390 --> 46:51.530 was submitted by the department fans are recently taught about 46:51.530 --> 46:54.260 the need for some strategic ambiguity here which is important 46:54.580 --> 46:58.200 now that we have sad and one of things we got agreement with 46:58.200 --> 47:02.960 both in the context of the this recent gigi is article 51 actually 47:02.960 --> 47:06.010 does apply to cyberspace and that there are there is activity 47:06.010 --> 47:08.764 in that activity could be looked at just like you know when you 47:08.808 --> 47:12.170 look at physical activity as a causing odd death and serious 47:12.170 --> 47:15.620 injuries and causing major damage though is the kind of factors 47:15.620 --> 47:19.480 that are used now to look at physical space use the same factors 47:19.480 --> 47:21.970 in cyberspace you don't use a different set of factors and so 47:21.970 --> 47:24.970 that's one of things were pursuing in that I had won the other 47:24.970 --> 47:28.940 issues as you know we continue to lakeshore that cyber is part 47:28.940 --> 47:34.351 of nato's metals corp or operating precepts and we've sat on 47:34.521 --> 47:37.835 that the article five nato could apply to cyber incidents going 47:37.835 --> 47:40.740 to be a case by case basis or look at all those factors as well 47:41.492 --> 47:44.181 I should also just mentioned the out of the out of the centre 47:44.181 --> 47:47.656 gardeners question about how the bureau the issues you raise 47:47.656 --> 47:51.376 with respect human rights is another reason why when my officer's 47:51.377 --> 47:54.370 career the point was to not just look at the security issues 47:54.370 --> 47:57.720 but to draw in all these other interests and make sure that our 47:57.720 --> 48:00.700 approach both upheld human rights and looked at the security 48:00.700 --> 48:04.750 issues and support levels together I guess would underscore this 48:04.750 --> 48:09.102 point out I don't follow your point on article 51 another said 48:09.136 --> 48:14.720 the reasons why we're told in the conventional threats you know 48:14.720 --> 48:18.730 when those conventional threats have been initiated and you know 48:18.730 --> 48:23.030 the consequences if you don't defend yourself from those attacks 48:23.470 --> 48:29.378 in cyber were being attacked every second and to a large extent 48:29.500 --> 48:33.750 the consequences depend upon the success of the cyber attacks 48:34.340 --> 48:39.786 and we may not know about the cyber attacks as the opium of hack 48:39.806 --> 48:43.680 we didn't know about it until well after they have penetrated 48:43.680 --> 48:47.680 and gotten the information which puts millions of america consent 48:47.680 --> 48:54.075 risk at risk so I don't know if what I don't understand you wanna 48:54.099 --> 48:58.930 use conventional standards or whether we have our security has 48:58.930 --> 49:03.730 been a compromise from the point of view public safety etc but 49:03.730 --> 49:07.298 in cyber you just don't have the luxury of knowing that until 49:07.440 --> 49:10.960 maybe it's too late so therefore country will say will take it 49:10.960 --> 49:14.400 to the point until we get discovered in them will say gee we 49:14.400 --> 49:17.252 didn't mean to do it and therefore there's no response and articled 49:17.253 --> 49:20.470 with the wand records the other there is no limitation that we 49:20.470 --> 49:24.160 cannot take a range of different actions or whole idea of having 49:24.160 --> 49:26.788 all these different tools that we talked about how to look at 49:26.788 --> 49:29.710 is that we can take those actions even if it doesn't reach the 49:29.710 --> 49:33.520 level of an article 51 armed attack an armed attack is a specific 49:33.520 --> 49:36.320 term that triggers the right to self defence in a particular 49:36.320 --> 49:40.010 way and even when that threshold which we sometimes as a country 49:40.010 --> 49:43.880 may decide not to respond to them so we can use all jurors last 49:43.880 --> 49:46.800 resort among us right so we could still use all these tools we 49:46.800 --> 49:50.682 have an i'd also say there is a difference and I think that the 49:50.695 --> 49:53.500 and I talked about this recently or not that recently been fairly 49:53.500 --> 49:56.612 recently as a difference between attacking an intrusion attack 49:56.612 --> 49:59.370 in a destructive attack is different than an intrusion and the 49:59.370 --> 50:02.690 colour disruptive effects of past under international law and 50:02.862 --> 50:06.480 il one of the things we have been pioneering this idea as part 50:06.480 --> 50:09.510 of our framework they do now ashleigh law applies in cyberspace 50:09.510 --> 50:12.220 that wasn't clear a couple years ago it was seen as a free fire 50:12.220 --> 50:15.580 zone international law means novels including the triggering 50:15.580 --> 50:18.990 of article 51 including proportionality distinction when you 50:18.990 --> 50:21.540 actually have a shooting war is all those things are important 50:21.950 --> 50:24.620 and we need to look at all the tools we have even if it's below 50:24.620 --> 50:28.445 that threshold the idea behind the norms I talked about not attacking 50:28.451 --> 50:31.200 the critical infrastructure of another country absent wartime 50:31.620 --> 50:35.190 is that give us some rules the wrote even when you don't reach 50:35.190 --> 50:37.930 that high level to because that's activity we see every day we 50:37.930 --> 50:41.286 don't see the armed conflict everyday we see that the ft of an 50:41.286 --> 50:44.941 electrical property we see potential toxic against infrastructures 50:44.949 --> 50:48.449 wheezy attacks concerts as the rules the robot rover trying to 50:48.808 --> 50:52.011 promote so that we have activities begin to even below the threshold 50:52.480 --> 50:57.090 thank you vixen a garden and an estranged follow up through those 50:57.090 --> 51:00.560 questions up on critical infrastructure particular do you think 51:00.560 --> 51:04.660 that russia's attacks against ukraine's power grid in 2015 december 51:05.020 --> 51:07.500 a violated its commitment to the united nations and critical 51:07.500 --> 51:10.530 infrastructure out really as I believe you know we have not made 51:10.530 --> 51:14.520 any attribution of that incident we are very concerned at that 51:14.520 --> 51:17.320 time attack and I kind of incident and we have characterized 51:17.320 --> 51:21.980 as attack we have a aa group aa innovations group da justin deeley 51:21.980 --> 51:26.080 and others all work the ukrainians and the the aftermath of that 51:26.501 --> 51:30.480 um so it is something of concern by the things we've done is 51:30.480 --> 51:34.320 often not me personally but I da jazz colleagues are also made 51:34.320 --> 51:38.110 that made warnings to our own electrical grid and make sure that 51:38.110 --> 51:41.048 they were aware of what the rest were of this kind of attack 51:41.048 --> 51:43.453 going forwards and something we take very seriously but unlike 51:43.453 --> 51:46.712 an if I I you know we haven't had to be to that mike an attribute 51:46.712 --> 51:49.810 or unlikely characterize what do do you believe that russia still 51:49.810 --> 51:53.210 attempting to penetrate u s critical infrastructure I I would 51:53.210 --> 51:56.757 defer to what the dea and ice that in terms of on the russia 51:56.762 --> 52:00.290 being one of the russia china iran the north korea being some 52:00.290 --> 52:03.430 of the major the major threat actors who sang in the russia as 52:03.430 --> 52:06.430 a full spectrum activities but the setting among consumers that 52:06.430 --> 52:10.200 activity violate their commitment to their nations I again i'm 52:10.230 --> 52:13.230 i'm not going to characterize what russia is doing in the setting 52:13.230 --> 52:17.578 however are the there is an attack in our view it's voluntary 52:17.578 --> 52:20.590 non aba is a voluntary norm of this point which has been agreed 52:20.590 --> 52:24.952 to but if if there is an attack on critical infrastructure all 52:24.952 --> 52:27.680 by another country first of already taken seriously whether this 52:27.680 --> 52:30.500 normally not where imitate work and be able to use all the tools 52:30.500 --> 52:33.540 we have an artwork and second a widow wanted a country to do 52:33.540 --> 52:36.490 that that's exactly why we are promoting those norms around the 52:36.490 --> 52:39.240 world and of countries to do it that we have to make sure we 52:39.240 --> 52:42.223 can work with other countries that councils transgressors analyses 52:42.241 --> 52:45.260 the tools we have to defend ourselves in insulin we see penetration 52:45.260 --> 52:48.910 by russia or iran into critical infrastructure of the arab states 52:49.149 --> 52:53.300 of it whether that's an actual attack or whether that is a preparing 52:53.430 --> 52:56.890 the battlefield as it was on as it was characterized in one point 52:57.190 --> 53:01.260 and is that a violation of unit I I think we are we are concerned 53:01.290 --> 53:04.234 about we are certainly concerned about those kinds of penetrations 53:04.234 --> 53:07.399 lozenge versions and I think as you know in the case of iran 53:07.400 --> 53:10.277 there was an indictment for marta pondered justice against an 53:10.277 --> 53:13.640 actor not just for the doll serves attacks that we played a role 53:13.640 --> 53:16.520 in mitigating involvement the last time we were here the state 53:16.520 --> 53:18.890 department actually worked with other countries to have them 53:18.890 --> 53:22.440 to mitigate the botnets all over the world but also as the penetration 53:22.440 --> 53:25.660 of the dam in the skating system there was a really concerning 53:25.660 --> 53:28.350 issues and we're gonna make sure that we use the tools we have 53:28.350 --> 53:31.100 in this case others an indictment there could be other tools 53:31.100 --> 53:33.951 in the future do you think that today in an interview witness 53:33.951 --> 53:38.510 to change behavior from iran for the united states in terms of 53:38.510 --> 53:41.580 cyber activities against united states since the nuclear agreement 53:41.580 --> 53:45.940 of october just 15 20 is a beta change I I would defer that question 53:45.940 --> 53:49.357 to the din I who I think the dress this and were classified setting 53:49.891 --> 53:53.990 of in do we believe that there was an article in europe I would 53:53.990 --> 53:56.840 say the dna is considered cartwright serranus while the threat 53:56.840 --> 54:01.200 actors around north korea all russian john both before and after 54:01.200 --> 54:04.577 the nuclear agreement I think his recent to the dna threat assessments 54:04.577 --> 54:08.348 relatively recent at your response said to revelations I think 54:08.348 --> 54:11.220 was in york times regarding was capabilities to significantly 54:11.220 --> 54:14.550 degrade or destroy iran's nuclear capabilities before the jersey 54:14.550 --> 54:18.062 poet negotiations be yes and there's an article that talked about 54:18.062 --> 54:22.860 ted had they failed there was a possible cyber exercising taken 54:22.860 --> 54:26.070 against iran to bring down their nuclear physics were you a part 54:26.070 --> 54:29.700 of those discussions I can I can I can't comment on any operations 54:29.700 --> 54:34.020 or any plans that denies it may have had a lot in this area particularly 54:34.020 --> 54:37.469 in iowa state department cyber offices all I would say more generally 54:37.470 --> 54:40.820 that state farm is at some at some level was involved in all 54:40.820 --> 54:44.340 the decisions involving the use of cyber compose the office of 54:44.340 --> 54:47.980 cyber again I can't really get into that in the sun and his legs 54:47.980 --> 54:50.900 were no whether or not you are part of many discard either our 54:50.900 --> 54:53.990 office or the statement is all depending on what the particular 54:53.990 --> 54:57.360 issue is involved in these discussions as a policy matter all 54:57.360 --> 55:00.844 the time servants then I knock it again I can come to kill ya 55:00.875 --> 55:03.346 not try to get you to give me the details of the undersides when 55:03.347 --> 55:06.340 what you I haven't had an academic on whether that was actually 55:06.340 --> 55:10.913 a factor whether that was being considered all I I believe that 55:10.914 --> 55:15.171 all four american commander however I when I say it is all the 55:15.177 --> 55:18.811 state department is whilst in discussions with his back to a 55:19.330 --> 55:22.280 really all the tools for years as part of the interagency discussion 55:22.280 --> 55:27.280 and an won the changes that I mentioned before is that in i'd 55:27.280 --> 55:30.550 say we are many several years ago the state department had much 55:30.550 --> 55:35.096 more of a m ov a minor involvement was discussions now I think 55:35.103 --> 55:38.240 discussions are in the state ominous won the key players as we 55:38.240 --> 55:42.890 discuss on the decisions of the the cyber grimmett that senator 55:42.890 --> 55:46.230 carte spoke of earlier on how involved was the state department 55:46.230 --> 55:49.328 in drafting that third overall this drafting cyber groove me 55:49.340 --> 55:54.440 with that bob the trees are very very involved also out there 55:54.440 --> 55:58.280 was by think as you know the the presidency sent out a special 55:58.280 --> 56:03.240 envoy on long island to the united states about 10 days before 56:03.240 --> 56:07.110 the official visit while there were a number of meetings which 56:07.110 --> 56:10.286 I personally participated and then a meeting house of the sector 56:10.286 --> 56:13.518 carried despatches and some were very involved in that and words 56:13.518 --> 56:16.510 are involved in the negotiations the oneida go shares of the 56:16.510 --> 56:20.637 latter that agreement to personally was that we were very very 56:20.637 --> 56:25.640 wrong to the center court at the bottom which they haven't already 56:25.640 --> 56:30.499 voting or soon I just in in terms of china's activities as you 56:30.499 --> 56:34.360 mentioned we it's true it's it's premature to comment on whether 56:34.620 --> 56:37.950 the agreement is actually a deterrent a collection of commercial 56:37.950 --> 56:42.234 information for the guinness on commercial sector and we talk 56:42.234 --> 56:45.280 about russia's possible it was tax against ukraine and whether 56:45.280 --> 56:48.938 other violates the grooms in addition stockman ron's activities 56:49.222 --> 56:55.410 and ended the identifying china russia iran has ongoing jobs 56:55.410 --> 56:59.691 for that state's insider is a time for a new framework of negotiations 56:59.697 --> 57:04.360 we know russian china will not agree on what we believe should 57:04.360 --> 57:09.060 be a secure cyberspace open free internet is a time that we move 57:09.060 --> 57:12.300 forward with the like minded nations the five eyes the auto group 57:12.300 --> 57:17.280 that we move forward I in in our own ideas with our own nations 57:17.500 --> 57:20.080 to trade a block of interested parties the can then use that 57:20.080 --> 57:22.790 as leverage against others who simply are going to behave the 57:22.790 --> 57:25.200 way they should one woman express precisely will rejoin with 57:25.200 --> 57:28.030 these arms are given out at the born again china and russia agree 57:28.030 --> 57:32.070 to wed as key countries in this women's only are we have been 57:32.070 --> 57:34.790 trying to expand knowledge spanned the like minded tent where 57:34.790 --> 57:39.350 we certainly with r five I allies but also without the even other 57:39.350 --> 57:43.270 countries in europe with with that country's in our own region 57:43.920 --> 57:49.061 whole idea of this expansion added mention that just in you know 57:49.172 --> 57:52.426 one other things happen last year is that the president enormous 57:52.467 --> 57:56.153 every meeting with a foreign leader and every summer are well 57:56.205 --> 57:59.040 we have a high level meetings with other governments on a diplomatic 57:59.040 --> 58:02.546 level has raised issue of the importance of norms in cyberspace 58:02.546 --> 58:05.790 in points of the summer nationals already for him or her and 58:05.790 --> 58:11.600 to give an example japan india all china pakistan the art east 58:11.600 --> 58:17.600 asian summit the u s see you up in my love australia alteon of 58:17.600 --> 58:20.859 the g seven foreign ministers meeting and the jersey city have 58:20.860 --> 58:23.670 all had statements and response recently just a couple weeks 58:23.670 --> 58:25.900 ago when the new article it is right here there is a statement 58:25.900 --> 58:29.100 about cyber norms in there so that's important to continue the 58:29.170 --> 58:32.191 advance that framework that's different than trying to have a 58:32.233 --> 58:36.190 a a cyber treaty and I think one of concerns we have about the 58:36.190 --> 58:39.430 cyber treaty is that's often advocated by the chinese and russians 58:39.755 --> 58:44.030 to can try to control cyber weapons as a sign of the really they're 58:44.030 --> 58:46.860 trying to drona's gustavson ricardo's point really they're trying 58:46.860 --> 58:50.993 to control information or trying to diffuse information as destabilizing 58:51.022 --> 58:53.964 and they talk about information security that's not a productive 58:54.229 --> 58:57.460 force that's why the path that we've chosen which I think is 58:57.460 --> 59:00.480 the most productive is to promote how international law applies 59:00.520 --> 59:03.585 norms in cyberspace and confidence building measures among a 59:03.585 --> 59:05.860 like minded but makes the law ike might attend bigger and that 59:05.860 --> 59:08.570 means working with the developing world as well the lava capacity 59:08.570 --> 59:11.120 building efforts are aimed to those agreements and that officer 59:11.120 --> 59:14.840 doesn't include russia or china or russia china have signed up 59:14.840 --> 59:17.340 to the attic to the agreement within the gigi their pride and 59:17.340 --> 59:20.552 they will be part of the auxiliary to the violator of this is 59:20.580 --> 59:23.169 only considered oppose concerns and several other countries in 59:23.169 --> 59:26.420 other actors including cremona other actors transnational organized 59:26.420 --> 59:29.870 groups around the world so we did to promote and create expectations 59:29.870 --> 59:33.313 of what these agreements mahan and what consequences will beat 59:33.333 --> 59:36.082 that's par the long term efforts and so that is not an overnight 59:36.084 --> 59:38.530 develops the model of like minded nations though if we were to 59:38.530 --> 59:42.870 enter into some can bring that on at this universal agreement 59:42.870 --> 59:46.292 area semi excluding them because of to the rock on the knowledge 59:46.330 --> 59:49.029 of the kids and look at the latest point of were trying to promote 59:49.406 --> 59:51.758 international side was to build and the reason I think there's 59:51.758 --> 59:54.487 been uptake on these norms is that russia and china don't want 59:54.487 --> 59:57.740 their critical of destructions attacked either we want the widest 59:57.740 --> 01:00:01.610 possible are a group that's a grain of us and that we wanna be 01:00:01.610 --> 01:00:05.040 able to act like delay against transgressors were not there yet 01:00:05.040 --> 01:00:08.300 we made tremendous progress in the last year but as you know 01:00:08.300 --> 01:00:10.886 part of our strategy going forward is getting warmer countries 01:00:10.887 --> 01:00:14.700 signed up to an agreement the triage of some us some written 01:00:14.700 --> 01:00:17.280 agreement I just think is premature and the service too much 01:00:17.280 --> 01:00:20.080 more we did to do to understand what the expectations are given 01:00:20.080 --> 01:00:23.550 with our close allies and we continue to do that but it's clear 01:00:23.550 --> 01:00:26.990 that the minute you would agree that either china russia has 01:00:27.150 --> 01:00:30.830 lived up to their eyebrows was not said i'd say that the these 01:00:30.990 --> 01:00:34.578 this framework international law the norms in cyberspace and 01:00:34.578 --> 01:00:37.457 commerce building measures are in korea are increasing and will 01:00:37.457 --> 01:00:40.212 increase of national stability yes they're continually threats 01:00:40.212 --> 01:00:43.520 rather actors out there yes countries around the world will continue 01:00:43.520 --> 01:00:46.320 to gather intelligence as countries have since beginning of time 01:00:46.530 --> 01:00:49.210 we did do a better job in some other countries and protecting 01:00:49.210 --> 01:00:52.310 ourselves against them by trying to take off the most destabilizing 01:00:52.310 --> 01:00:56.091 contact off the table and have mechanisms to discuss and raise 01:00:56.091 --> 01:00:58.450 with them as with a confidence building measures and about are 01:00:58.450 --> 01:01:01.500 part of that that way of addressing that and then frankly the 01:01:01.500 --> 01:01:04.284 backup to all the this is all the tolls I talked about before 01:01:04.311 --> 01:01:08.730 if if countries are not abiding by that to use all the tools 01:01:08.730 --> 01:01:12.231 including diplomatic which is my area but also our law enforcement 01:01:12.231 --> 01:01:16.790 tools or trade tools are you know on the range of tools we have 01:01:16.790 --> 01:01:19.507 we need to be ready and willing and continued use of the deranged 01:01:19.520 --> 01:01:22.976 tools include things like a strategy to van cyber weapons his 01:01:22.995 --> 01:01:25.930 college like an entity kind of thing I I I think again i've I 01:01:25.930 --> 01:01:28.970 don't have a cyber weapon it is I think of the problem is we 01:01:28.970 --> 01:01:31.406 look at the facts the norms outside is important we do know it's 01:01:31.406 --> 01:01:34.390 every weapon was not announced because of the bible writers under 01:01:34.390 --> 01:01:37.360 article 51 another but now a cyber weapon could be too I can 01:01:37.360 --> 01:01:40.670 be dual use and that's particularly true in the sovereign and 01:01:40.670 --> 01:01:44.039 some will be focused on and said a cyber weapons as we've looked 01:01:44.039 --> 01:01:47.270 at the facts cyrillic the norms which are talking about is what 01:01:47.270 --> 01:01:50.270 affects women of ill attack on critical infrastructure with the 01:01:50.270 --> 01:01:53.488 endpoint not what told me is what and whether that's a door used 01:01:53.488 --> 01:01:57.550 to or not and so trying to restrict a quote unquote cyber weapon 01:01:57.580 --> 01:02:00.390 I think first of all with changing technologies not in work and 01:02:00.390 --> 01:02:03.230 secondly I think it would have an effect on terms the dual use 01:02:03.230 --> 01:02:06.662 technologies are used to protect its deserted you use for a malware 01:02:06.669 --> 01:02:09.903 ransom or I think researchers will tell you that they use malware 01:02:09.903 --> 01:02:12.426 on an anti virus companies and others to try to protect their 01:02:12.426 --> 01:02:14.983 systems to better understand the threats are out there is sort 01:02:14.992 --> 01:02:17.380 of good samaritan approach correct but I think you have to be 01:02:17.380 --> 01:02:19.800 careful in terms of what you're actually trying to control this 01:02:19.800 --> 01:02:22.750 is exactly the issue that we've raised we've all run up into 01:02:22.750 --> 01:02:25.430 the awesome arrangement were trying to make sure we want that 01:02:25.430 --> 01:02:28.804 balance or prohibiting governments from getting really battles 01:02:28.820 --> 01:02:32.880 we don't want to have at the same time were not that inadvertently 01:02:33.160 --> 01:02:36.040 or vertically ashley affecting industry's ability to protect 01:02:36.040 --> 01:02:38.289 itself with mill an innovative thoughts you don't anticipate 01:02:38.290 --> 01:02:41.703 any kind whatever weapons of mass destruction type by the band 01:02:42.153 --> 01:02:44.990 when it comes out because you're concerned that we can define 01:02:45.062 --> 01:02:49.110 a cyber like that when I was a senator as isaac the day credit 01:02:49.110 --> 01:02:53.530 courses for us to us and are not just our allies but as big communities 01:02:53.530 --> 01:02:57.050 we can we can muster to pursue this idea of what effects were 01:02:57.050 --> 01:03:00.664 trying to control what the rules of the road one of the norms 01:03:00.706 --> 01:03:03.720 we want how does or national law applied had a week communicate 01:03:03.720 --> 01:03:06.570 with each other there's been a lot of good work there to to make 01:03:06.570 --> 01:03:09.943 sure we have a long term stable environment cyberspace that's 01:03:09.943 --> 01:03:13.220 what we need to do that I think a more effective route especially 01:03:13.220 --> 01:03:16.040 now we're still in the beginning of this conversation yes we 01:03:16.040 --> 01:03:19.270 have lots of progresses I taught you last year but you compare 01:03:19.270 --> 01:03:21.652 this to the nuclear otherworld were really in the infancy of 01:03:21.653 --> 01:03:25.188 law these conversations cell I think that the role that the path 01:03:25.188 --> 01:03:28.050 ron is exactly the right path to raise awareness about these 01:03:28.050 --> 01:03:30.865 issues and what the threats are and talk about what things that 01:03:30.865 --> 01:03:33.060 we're not gonna do we don't think anyone should do and I think 01:03:33.060 --> 01:03:35.858 that's more effective than going to some treat final question 01:03:35.865 --> 01:03:39.269 isn't party generally they would ask for that not on fine leg 01:03:39.271 --> 01:03:43.200 and I think just one question but is there a discussion amongst 01:03:43.200 --> 01:03:47.779 nations to try to define what a cyber weapon is I I think that 01:03:48.131 --> 01:03:50.730 there has been discussions the past and is always run into some 01:03:50.730 --> 01:03:53.580 of the problems that I mentioned that that with dual use technology 01:03:53.580 --> 01:03:57.480 and new sorts of attacks and new technologies and place you know 01:03:57.480 --> 01:04:00.610 it's difficult to say what a quote unquote cyber weapon as and 01:04:00.610 --> 01:04:03.490 I think more and more countries are looking at where the effects 01:04:03.490 --> 01:04:06.710 were I never happens but if we if we had some kind of an agreement 01:04:06.710 --> 01:04:09.270 amongst nations that what a cyber weapon is in defining their 01:04:09.270 --> 01:04:12.130 dual use but when used a certain way as a weapon would that help 01:04:12.770 --> 01:04:15.640 I don't again I think it runs and all the problems I just might 01:04:15.640 --> 01:04:18.677 mention that once all the proms in terms of how do you define 01:04:18.677 --> 01:04:22.310 it and does not cover inadvertently odd things that you need 01:04:22.310 --> 01:04:25.310 for research things that you need ashley protect ourselves from 01:04:25.310 --> 01:04:28.740 from summer computer security companies I think that again I 01:04:28.740 --> 01:04:31.830 think the most effective way to address this is to go after what 01:04:31.830 --> 01:04:34.879 effects were looking up make sure that there's some clear understandings 01:04:34.879 --> 01:04:36.895 of what effects we don't think country should do and that there 01:04:36.895 --> 01:04:39.822 are consequences for those who have agreements on radio isotopes 01:04:39.822 --> 01:04:42.440 and other things that the old dual use so why can't we do it 01:04:42.440 --> 01:04:45.510 was time I think it's much more those in this area than that 01:04:45.510 --> 01:04:48.960 I think that these are the for small radio host of the radio 01:04:48.960 --> 01:04:52.730 isotopes in these these kinds of tools were considered will vault 01:04:52.737 --> 01:04:55.630 in chains and have different uses so I don't think we can really 01:04:55.630 --> 01:04:59.470 freezes them plates that humans in her garden knife if no for 01:04:59.470 --> 01:05:02.340 the questions the with ink master painter were ignored believe 01:05:02.340 --> 01:05:05.150 the voters started so they stopped one for attending today's 01:05:05.150 --> 01:05:07.740 hearing into mist rain for providing us the testimony for the 01:05:07.740 --> 01:05:10.160 information of the members the committee the record remained 01:05:10.160 --> 01:05:13.590 open until the close of business friday including four members 01:05:13.590 --> 01:05:16.420 to submit questions for the record mr painter would ask that 01:05:16.420 --> 01:05:18.950 you please proper reply to questions for the record as soon as 01:05:18.950 --> 01:05:22.143 possible and they will be made a part of the record with banks 01:05:22.150 --> 01:05:24.210 the committee the series no joint venture.