You're watching...
Former Homeland Security secretary Michael Chertoff explains why cyber-security legislation is needed.
Also in this playlist...
Auto-advance: ON
Auto-advance
This transcript is automatically generated
So much.
Some criticism already mounting against the president's new cyber security ordered that you just heard about.
Some saying the president backed off earlier drafts I had much stricter regulations.
Michael Chertoff is former secretary of homeland security and chairman and co-founder.
Of the chart up -- joins me now thank you so much for coming nine.
Let's get right to it has this specific criticism.
Is that an earlier draft of the executive order on the -- required that the industry come up with the best practices standards and that then.
And it regulatory agency would be assigned to go in and enforce -- that it was taken out.
Because there were lobbyists at the last minute on capital -- that pressure the president into excluding Matt what do you think of.
Up that charge.
Yeah I think -- executive order is an important step that is not a final step.
And it can only really address -- the US government doesn't doesn't do -- can't really make the private sector do things for that you have to ask congress.
I think what the effort here issue.
Move forward with a collaborative process in which the private sector works with the government -- are not out fishing I'm realistic mandates.
But also to make sure that we are raising our game in terms of defense all across our critical infrastructure show.
This is gonna move it forward but congress is gonna have to act to really complete the process.
People what do you think about best practices standards that -- There would be some sort of federal agency that went in -- forced it I mean to me that sounds like.
The SEC trying to deal with -- and monitor trading and although there have been many flaws and problems there.
At least there is a regulatory body that's out there with a set of rules and forcing -- Would that work into -- you know when applied to cyber security.
Well in certain areas of the economy we -- -- have regulatory agencies that have looked at -- -- of so our security and have made it part of what their requirements are that happens in the energy industry for example refer.
Other parts of that critical infrastructure in the country don't have there's kinds of regulatory bodies are.
You're gonna have to even -- that I think the executive order does.
Ask the regulatory bodies it exists to incorporate sharp security -- what it is day they require.
But it's gonna have to be more than those agencies to really get the job done so would you want to see one over -- group that sets standards and then winning in enforce it would that be good idea -- -- now.
I think actually good idea would be to have each sector of the economy set the standards that are appropriate for that sector and I think that's the model that's being.
Considered both by congress and by the executive -- So the other concern with what is he going on now is that if you had if you ask banks and alike to.
You know collaborate with the government about what their security is -- when they talk back and forth about attacks that a compromise -- consumers' personal information.
Are we justified in being afraid of back.
-- action were compromises consumers information are the attacks to hackers to people who steal the information.
By the way to protect that information is to have cyber security.
Now obviously when you share with the government you want to make sure you're not identifying individuals unnecessarily.
But frankly privacy is protected by securities not threatened -- Do you think it's -- and it is it.
Is it reasonable to expect that that the bank would be able to not identify you personally to share your information without sharing too much that I sleep at night feeling like that's the case when you've been -- -- here.
-- -- Yeah sure because what happens if banks non interest in Europe -- victim they wanted to know what are the characteristics of the attack.
What is the signature of the malicious tool what is the IP address from which attack was launched.
And to do that you don't need to consumer information you need to know -- -- bad guys are doing and that's where where it's gonna be shared.
How vulnerable are we right now I mean this is at a topic that -- so much attention.
But I think a lot of us are Fuzzy on the exact -- tale of how vulnerable we really are because it seems like when they attack a website.
Your money isn't necessarily stolen somebody steps in.
To stop them in time where there -- insurance for that I think people know there's a threat out there they don't feel personally vulnerable should we.
I think I think we should throw -- -- -- -- billions of dollars and intellectual properties that are being stolen every year from this country.
After billions of dollars in fraud that is that's been Caridad.
And while the chances of any given individual.
Being a victim may not be very high.
If you look at the major important sectors of the economy it's having a real negative economic impact.
Look it's like a job killing.
Attack where intellectual property and expertise and technical data.
He's exported illegally overseas and then used by other companies and other countries to produce goods and services more cheaply.
Secretary turn up thanks much for coming on today we really appreciate iron -- Good to -- yeah.
