1. Gen. Michael Hayden, former CIA and NSA director
"Nation-state actors are coming at us, coming at you. For the most part, they just want to steal your stuff...There are other actors out there now who are coming to your networks ... And, then there’s something out there that troubles me, the third group ... It’s people who are just mad, people who are mad at the world, and they have demands that maybe you and I can’t understand."
2. Craig Mundie, senior advisor to the CEO, Microsoft"I think people need to understand that really in the last 12 months, there’s been a qualitative change where the threats really are moving to destructive types of attacks. And, unlike conventional weapons, every time anybody in the world shoots one of these weapons, all the bad guys get to observe it, and they all immediately figure out how it works and how to clone it.
3. Rep. Mike Rogers (R-Mich.) (center)
"Right now [the U.S. has] the only intelligence services on the planet that are under siege from both its adversaries and from its internal support system ... Can we do some things that improve transparency? Are there some things we had classified that maybe we could declassify at some certain point to give the broader public a sense that there is true oversight? I think the answer is yes."Jeffrey MacMillan / The Washington Post
4. Ellen Richey, chief enterprise risk officer, Visa Inc.
"If a foreign government sent a squadron of aircraft to bomb my data center, I presume the government would do something to protect me. But if a foreign government or its protected actors in organized crime send a squadron of hackers to attack my data center, the government doesn’t seem to be able to protect us."Jeffrey MacMillan / The Washington Post
5. Howard Schmidt, former White House Cybersecurity Coordinator
"This arms race in cyberspace we’re seeing where we have 27 countries now that declared they have cyber commands or its equivalents, they’re now declaring they’re creating cyber-offensive ... If that applies and you’re going to create a piece of malware that you’ll launch against someone else, that's fine ... You better make sure that it can’t be modified and used against you."Jeffrey MacMillan / The Washington Post
6. Jane Lute, former deputy secretary of homeland security
"Security is typically something that societies assign to their governments to handle. We want safe streets: Government, you run the police. We want a safe country: Government, you run the military ... That’s true in all space except cyberspace. That assignment has not been handed over to government ... So the real key question now is what role will government play?"Jeffrey MacMillan / The Washington Post
7. Bob Stasio, former chief of operations, NSA Cyber Center
"If you’re a company, the best thing to do is to understand that there is kind of a limit in investing in these static security measures. At some point you have to realize you’re going to get hit and you have to realize when that happens."Jeffrey MacMillan / The Washington Post
8. William J. Lynn III, former U.S. deputy secretary of defense
"It used to be the focus of cyber-intrusions ... [was] theft of information, theft of data, theft of money. We’re seeing a lot now of disruption ... and we’re on our way to actual destruction ... The other trend is cyber-capabilities, most sophisticated military capabilities, were [once] the province of sophisticated nation-states. That’s getting less and less true. A dozen guys in flip-flops with Red Bull.getting stuff off eBay can pose a significant threat."Jeffrey MacMillan / The Washington Post
9. Steve Chabinsky, former deputy assistant director, FBI Cyber Division (center)
"You have traditional lines of business that really never did have to worry about security before and so they’re really unprepared ... The government really has to figure out, how do you stop the bad guys here ... How do you bring the private sector in a professionalized way to help with security?"Jeffrey MacMillan / The Washington Post
10. Terry Roberts, former deputy director of Naval Intelligence
"I think there will always be a lack of trust for all the reasons we know between government and industry ... If we come to government, we’re really laying our reputation and our crown jewels in their hands. All it would take - no offense - is one insider to leak that information at the wrong time and our company could potentially go down the tube. But if you have those trusted interlocutors ... there are a lot of mechanisms in place."Jeffrey MacMillan / The Washington Post
11. Ben Powell, former general counsel, Office of the Director of National Intelligence
"Information sharing, the role of the government, the role of the private sector, are all controlled by a complex web of laws — many of which have not been updated to account for cyberspace ... We don’t complain that DOD has radars around the country that look for incoming missiles, incoming threats to the country ... We need to think about that government role in cyberspace."Jeffrey MacMillan / The Washington Post
12. Mark Young, former executive director, Directorate for Plans and Policy at U.S. Cyber Command
"We still seem to make decisions with a very industrial age methodology. We wanted to share information, coordinate. It just seems we need to update our processes and our structures to the information age."Jeffrey MacMillan / The Washington Post