“Americans can and should have confidence in our election system,” Wray said. “And none of the election interference efforts that we’ve seen put at jeopardy the integrity of the vote count itself in any material ways. And so in that sense, people can have confidence.” 

But that doesn’t mean there aren’t threats to the election process, he said, particularly highlighting foreign governments’ desire to meddle. 

“The other part, though, is the chaos, and the ability to generate chaos is very much part of the playbook that some of the foreign adversaries engage in,” Wray said. “And there is the potential. If we’re not all collectively on board, that chaos can ensue to varying levels.”

Wray and Nakasone spoke in a fireside chat moderated by Mary Louise Kelly, host of NPR’s All Things Considered, at the 10th International Conference on Cyber Security, held at Fordham on Jan. 9. Kelly asked how 2024 compares to the 2020 election year.

“Every election as you know is critical infrastructure,” Nakasone said. “We have to be able to deliver a safe and secure outcome. And so when I look at it, I look in terms of both the threat and the technology—but yes, it’s an important year, it’s a presidential election year, and we have adversaries that want to take action.”

Protecting America’s AI Innovation 

Nakasone said that as they look at foreign adversaries and how they are using AI, he noticed that they “are all using U.S. AI models, which tells me that the best AI models are made by U.S companies.” 

“That tells me that we need to protect that competitive advantage of our nation, of our national economy going forward,” he said. 

But that’s not an easy task, Wray added, noting China’s advantage in particular.

“China has a bigger hacking program than that of every other major nation combined and has stolen more of Americans’ personal and corporate data than every nation, big or small, combined,” he said. “If I took the FBI’s cyber personnel and I said, ‘Forget ransomware, forget Russia, forget Iran—we’ll do nothing but China,’ we would be outnumbered 50 to 1, and that’s probably a conservative estimate.” 

Nakasone said that’s why it’s important for the agencies to maintain the United States’ “qualitative advantage.”

“How do we ensure that our workforce is continuing to be incredibly productive?” he said.

Combatting Foreign Adversaries 

In addition to China, Wray and Nakasone highlighted Russia and Iran as threats, even as Russia is occupied with the war in Ukraine. 

“If anything, you could make the argument that their focus on Ukraine has increased their desire to focus on trying to shape what we look like, and how we think about issues because U.S. policy on Ukraine is something that obviously matters deeply to their utterly unprovoked and outrageous invasion of Ukraine,” Wray said.  

In order to combat their efforts to interfere in elections, Nakasone highlighted partnerships between agencies like the NSA and FBI, and the quality of work that U.S. agencies do.

“It will never be having the most people—it’s having the best people and the best partnership being able to develop and deliver outcomes that can address adversaries,” he said.

Calling Out Misinformation and Disruptions

Kelly highlighted a recent poll from The Washington Post that found that one-third of Americans believe that President Joe Biden’s win in 2020 was illegitimate and that a quarter of Americans believe that the FBI instigated the January 6 insurrection. 

“I’m not trying to drag either of you into politics,” she said. “But what kind of charge does that pose for your agencies as you try to navigate this year?”

Wray said it’s important for the NSA and FBI to call out misinformation right away. He highlighted how in October 2020, the FBI called out Iran’s interference efforts ahead of the November elections in an effort to make the messaging less effective.

“We have to call it out when we see it, but we also need in general for the American people, as a whole, to become more thoughtful and discerning consumers of information,” he said. 

The Use of Section 702: ‘A Vital Tool’

In December 2023, Congress gave a four-month extension to Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows intelligence agencies to conduct surveillance on non-American citizens who are outside of the United States without a warrant. The section has come under scrutiny as privacy advocates and members of both parties said it’s an overreach of government powers.

Nakasone called it “the most important authority we use day in and day out in the National Security Agency to protect Americans.”

He said that the agency uses it to address a number of different threats: “whether or not that’s fentanyl or Chinese precursors [to fentanyl]coming in United States, whether or not it’s hostages that foreigners take overseas, whether or not it’s cybersecurity, in terms of victims that we’re seeing in the United States.” 

Wray said that the section was “a vital tool.”

“This country would be reckless at best and dangerous at worst to blind ourselves and not reauthorize the authority in a way that allows us to protect Americans from these foreign threats,” he said. 

In the panel “Insider Risk: Mind Games” at the 2022 International Conference on Cyber Security on July 20, four experts on managing insider risk discussed the challenges that insiders pose to organizations and how their behaviors can be recognized and managed. 

The event featured three panelists—James Dennehy, special agent in charge of the FBI’s counterintelligence and cyber division; Eric Shaw, Ph.D., a clinical psychologist and founder of a company that helps organizations manage insider risks; and Doug Thomas, head of insider threat in counterintelligence and workplace violence and a managing director at JPMorgan Chase—as well as the panel moderator, Elsine van Os, founder and CEO of an insider risk management consultancy firm in the Netherlands. 

Problems Related to the Pandemic and the Great Resignation

There are four critical issues that impact insider risk management today, said Shaw: pandemic-related stressors, social identity stress, the rise of conspiracy theories, and new policies and practices that monitor former employees.

“The [pandemic-related stressors] pull directly on all the personal predispositions we associate with insider risk, whether it’s medical/psychiatric issues, personality, social skills issues, previous violations, or susceptibility to recruitment or social network risks,” Shaw said. “In psychology, we’re saying, ‘If there was a crack [before], now there’s a crevice.’” 

Van Os said another issue that is negatively affecting insider risk management is the Great Resignation. When employees leave their prior workplace, they often take home sensitive company data, thus eroding the company’s value, she said. 

FBI Security Measures: Multilayered and Still ‘Not Enough’  

Dennehy, a special agent for the FBI, said that the insider threat protections at his job are multilayered—but they aren’t enough.

“I work for the FBI. I have access to top-secret information. I have access to all the investigations that the field office conducts. So our insider risk and insider threat program has to be pretty layered—and it is. I started a new job at the New Jersey field office on Monday, so last Friday was my last day in the New York City office. I tried to get into the New York City office today to return a car. They didn’t let me in. I said, ‘No no no, it’s Jim Dennehy!’ And they don’t care,” he said. “My access to the New York office and to all of its files was cut off immediately.”

And that’s only one security measure. Every five years, Dennehy is polygraphed to check if he is spying on the U.S. government or showing signs of becoming a terrorist, he said. He is required to disclose all of his finances to the U.S. government on an annual basis, in addition to undergoing drug tests and mental health evaluations. But that’s still not enough to protect the FBI from insider threats, he said. 

In an insider threat study conducted by the FBI a few years ago, they found that hackers steal information by using their existing or shared credentials to increase their privileges in the company system, he said. In addition, there are likely double agents within the FBI, he said. 

“There are probably Robert Hanssens that still work in the FBI. Probably—we just don’t know about it,” Dennehy said, referring to the former double agent who pled guilty to 15 counts of espionage in 2001. 

‘I Want People to Be Engaged—For Their Sake’ 

Thomas said that one of the biggest challenges in insider risk management is convincing employees and executives that this is a real problem. 

“Unless they’ve actually had it happen to them and they know about it— [and]it’s probably happened, they just don’t know about it …  then it’s hard to convince the masses and the leadership that this really is a problem. It’s not a movie, it’s not just people with clearances, it’s not people who have access to weapon systems. This actually happens for real,” Thomas said. “I want people to be engaged—engaged for their sake, the firm’s sake, their coworkers’ sake—because if these things go wrong … it’s a big deal.”

In order to counteract insider threats, companies can seek to access more personal data from their employees, said Thomas. However, he added that they have to be sensitive about not being too intrusive.

“You have to be very careful about what kind of data you’re looking for, explaining why you want that kind of data, how you’re going to use it, how you’re going to protect it, and how you’re going to protect the reputations of the people you’re looking at,” Thomas said. 

How to Protect a Company’s ‘Crown Jewels’ 

Dennehy explained how the FBI helps research institutions and businesses to manage their insider threats and protect their assets. 

“What we want to do is …identify to us what your crown jewels are. What are your most protected assets besides your people? What information do you want to protect the most? And now let’s build your program around that.” 

At the end of the panel, Dennehy applauded JPMorgan Chase, one of the biggest financial firms in the world, for developing an insider threat program. The company’s action also serves as a lesson to other organizations, he said. 

“[JPMorgan Chase] probably learned because of mistakes. And they probably learned because of feeling the pain of that information going out the door,” Dennehy said. “Undetected, [the threat actors]could’ve taken down a billion dollar firm because that information could lead to the opening of a competitor company that’s now gonna take away their market share. And that’s where CEOs, CFOs, and C-suite are going to really start listening.” 

“I think we’re concerned about the same usual suspects in terms of nation states—Russia, Iran, China, each in their own way,” Wray said.

He recalled something another FBI official recently said: “The Russians are trying to get us to tear ourselves apart, the Chinese are trying to manage our decline, and the Iranians are trying to get us to get out of their way.”

“And we’re not going to do any of the above,” Wray said.

The pair described their agencies’ work to address these challenges at a fireside chat at the ninth International Conference on Cyber Security, held at Fordham on July 19.

Nakasone called 2020 “the pivotal year for the nation in cyberspace,” and said it taught him and his agency lessons that they’re applying today.

“We ended 2020 with SolarWinds [a cyberattack], and then we begin 2021 with a number of different instances,” he said, citing the Colonial Pipeline ransomware attack and others. “I know that informed me to think differently about what I should be expecting in the fall of 2022 … I’m thinking about traditional adversaries, I’m thinking about additional tradecraft, I’m thinking about new and unique ways that an adversary might try to disrupt or try to influence our elections.”

Even with Russia’s invasion into Ukraine and efforts there, Wray said they’re still expecting Russia to try and interfere in U.S. elections, and they’re working to prepare for it.

“I’m quite confident the Russians can walk and chew gum,” he said. “We are prepared and postured to counter both.”

He also noted that while some countries, like North Korea, have similar methods to the Russians, they are “differently situated.”

“North Korea, in many ways, is a cyber criminal syndicate posing as a nation state,” he said.

New and Evolving Threats

Wray said the agencies need to be prepared for “hybrid threats,” or those that start online and move into the physical world. He gave the example of how in the lead-up to the U.S. 2020 presidential election, two Iranian nationals led a campaign that aimed to “intimidate and influence American voters.”

The two individuals started by obtaining U.S. voter information from a state election website, before they sent emails where they pretended to be part of “a group of Proud Boys volunteers,” and created a video filled with disinformation, according to an FBI release.

“There was a little bit of hacking, but the disinformation layer that they built on top of that magnified potentially the risk of what would be relatively modest hacking,” he said.

Wray also cited Chinese multi-pronged attempts to interfere with a New York congressional candidate, Yan Xiong, who had previously participated in the Tiananmen Square protests before he became a naturalized U.S. citizen.

“We recently announced charges here in New York involving the [People’s Republic of China]’s efforts to detail a congressional candidate that started with, first, [them trying to]see if they could dig up dirt to prevent the candidate from being elected, and then if that didn’t work maybe manufacture dirt about the candidate, and when that didn’t work, [thinking]maybe we can have this candidate suffer ‘an accident,’” Wray said.

Wray said stopping these types of operations requires a mix of public exposure and law enforcement efforts.

“Most of these operations—if you think of them as influence operations—exposing them is a significant antidote to them,” Wray said. “But we also need some other kinds of disruption operations—arrests….sanctions.”

Dealing with Challenges at Home and Abroad

Wray said that the FBI focused on three main things related to election security: dealing with “foreign, malicious actors” pushing out fake information; investigating malicious cyber actors, both foreign and domestic, who target election infrastructure; and prosecuting federal election crimes ranging from campaign finance violations to voter fraud to violence.

“I think the first thing people need to be clear is we’re not the truth police,” he said. Their role is “targeting foreign and domestic malicious actors,” he said, and investigating federal election crimes and threats of violence.

He noted that violence, in any form, would be something the FBI would take action against, particularly the “alarming rise” of threats of violence against election workers.

“The idea that they would become targets of threats of violence is totally unacceptable,” he said.

Wray said that the attacks on the Capitol on January 6, 2021, were “a manifestation of another phenomenon, which is deeply troubling.”

“There are way too many people, in this country and to some extent, other countries, who are choosing to manifest their ideological, political, or social views through violence … in the case of January 6, [it was]that plus an effort to interfere with one of our most sacred constitutional processes,” he said. “There is a right way and a wrong way to express your views under our First Amendment, and violence and destruction of property, violence against law enforcement, that’s not okay. That is not First Amendment activity.”

Partnering with Each Other and the Public

He encouraged members of the public to play their role in helping protect the sacredness of elections.

“The best defense against malicious, foreign interference, all the way to something like a January 6th, is an enlightened, thoughtful public,” he said.

Working with the private sector, academic institutions, and members of the general public, in addition to collaborating with each other, are essential for both agencies, the directors said.

“What I learned in 2020 was the power of being able to engage with academic institutions and the private sector, with people that actually have this expertise that are looking at either ransomware or influence operations,” Nakasone said. “We bring the foreign insights of what the adversary is doing, the tradecraft, the techniques that they’re utilizing outside the United States.”

Wray said that today, all of the FBI field offices have “private sector coordinators” who lead their partnerships with local organizations and institutions.

Nakasone said that these kinds of relationships are not just beneficial for agencies like the FBI and NSA, they’re beneficial to members of those organizations too.

“It’s our insights on foreign intelligence—that’s something that the private sector just relishes,” he said. “The second thing is talent. When you’re on the other end of the line, you’re talking to an analyst from the U.S. Cyber Command and the National Security Agency. You’re talking to someone that is incredibly talented in terms of what they’re seeing, what they understand, the perspective of what they bring.”

Rocco Grillo, FCRH ’89, is a managing director in the New York office of Alvarez & Marshal, where he leads multidisciplinary teams that provide cybersecurity and incident response services to clients throughout the world.

He previously held a similar global leadership position at Stroz Friedberg, a digital forensics and cybersecurity firm co-founded by Fordham graduate and trustee Edward M. Stroz, GABELLI ’79.

Grillo, who earned a bachelor’s degree in sociology at Fordham College at Rose Hill, has worked closely with both corporate clients and government agencies, including the FBI and Secret Service.

“His 25 years of experience in cybersecurity advisory services, incident response investigations, and other technical advisory services, combined with his well-established understanding of commercial sector challenges and national security objectives, have made him influential to the development of national policy in cybersecurity—including the NIST Cybersecurity Framework,” according to The Consulting Report.

Anthony J. Ferrante, FCRH ’01, GSAS ’04, also has deep experience in both the public and private sectors. A former top cybersecurity official at the White House, he is currently the senior managing director and global head of cybersecurity for FTI Consulting.

Prior to joining FTI, he was the director of cyber incident response at the U.S. National Security Council from 2015 to 2017, and he previously served as chief of staff for the FBI’s Cyber Division.

In 2009, Ferrante, then a special agent in the FBI’s New York office, helped Fordham launch the International Conference on Cyber Security. The conference, typically held every 18 months at Fordham in partnership with the FBI, brings together university researchers, top security and law enforcement officials, and executives from companies including IBM, Microsoft, and Google.

More recently, Ferrante, who earned bachelor’s and master’s degrees in computer science at Fordham, helped establish the master’s degree program in cybersecurity at the University’s Graduate School of Arts and Sciences, where has served as an adjunct professor. In 2021, he joined the executive committee of the Fordham President’s Council, a group of successful professionals and philanthropists who are committed to mentoring Fordham’s future leaders.

“We’ve seen countless students graduate from the [master’s degree] program and start successful careers in cybersecurity, helping both to reduce the growing cybersecurity skills gap and better protect organizations from the endless barrage of cyber threats,” he told Consulting magazine in 2019.

Since 2017, Fordham has been recognized by the U.S. National Security Agency and Department of Homeland Security as a National Center of Academic Excellence in Cyber Defense Education. The University is home to the Center for Cybersecurity, and its undergraduate and graduate programs emphasize both competency-based learning and applied research.

When he didn’t make either team’s roster, he set his sights on a career in law enforcement like his father, a police officer. He enrolled at St. John’s and soon found himself in a required first-year philosophy course.

“I approached my professor and I said, ‘Why do I have to take philosophy? I want to work for the FBI,’” Hughes recalls. “Lo and behold, I fell in love with philosophy. It absolutely grabbed me. And then, the same thing happened with theology.”

That passion for the humanities would not only inspire Hughes to pursue several graduate degrees, but it would inform the way he approached his non-academic career—first in the FBI and then as a lawyer. And that connection between studying the humanities and discovering a range of possible career paths is something he hopes to share with students as part of the Graduate School of Arts and Science’s GSAS Futures, a program that promotes career pathway preparation for Fordham graduate students across the arts and sciences.

Beginning Graduate Studies, and Shifting from the FBI to a Lawyer

After graduating from St. John’s, Hughes landed that dream job with the FBI, working in the agency’s foreign counterintelligence division, where he received a commendation from the agency’s director for “a security matter of great interest to the bureau and the nation.”

But he also had plenty of free time when he wasn’t working, and he decided to fill it by pursuing a master’s degree in theology at Fordham’s Graduate School of Arts and Sciences.

“It was a great school, a perfect place to study theology,” he says. “It was a very enlightening experience, and I had some great professors.”

He says Transcendental Thomism, a course taught by longtime Fordham philosophy professor Gerald McCool, S.J., who died in 2005, had a “tremendous impact” on him.

After completing his master’s at Fordham, and while still balancing his work at the FBI, Hughes earned a master’s degree in philosophy from Columbia, followed by a law degree from New York Law School. With his J.D. in hand, Hughes left the FBI and began his career as a lawyer, first as a law clerk to a federal judge, and then as appellate counsel for several law firms and as the deputy solicitor general for the New York state attorney general’s downstate appeals and opinions bureau.

Just over 21 years ago, Hughes began working at the Greater New York Mutual Insurance Company, where he currently serves as executive vice president & general counsel, corporate secretary. In that role, he oversees all of the company’s corporate legal activities and regulatory matters. He also finds himself working closely with, among others, the claims, personnel, and underwriting departments.

With all his success as an attorney in the public and private sectors, Hughes says his graduate studies—including an L.L.M. from the NYU School of Law and a second master’s in philosophy from the New School—have been essential to the way he approaches legal cases and his general counsel responsibilities.

“[When]  I wrote briefs and I argued them before the appeals court, there’s no question that the philosophical and theological framing factored into how I viewed and presented legal issues,” Hughes says. “Attorneys with whom I interact many times will tell me they appreciate talking to me about the law because I often frame issues and arguments from a different perspective. They like the fact that they get a different perspective on the law, and on other ways of looking at legal issues.”

Continuing to Study, and to Teach

Just last month, Hughes successfully defended his dissertation, earning a Ph.D. in philosophy from the New School.

He has also continued teaching his metaphysics class at St. John’s, where he continues to encourage students to keep an open mind about philosophy even though it is seemingly unrelated to their majors or career goals.

“I am heartened to see my students showing an interest in philosophy that they might not have otherwise shown had someone not told them that courses like philosophy could represent something more to them than simply an academic requirement for school,” he says. “I get a great reward out of seeing this realization in the students.”

One might wonder how Hughes has managed to balance his high-pressure, full-time legal work with his lifelong commitment to learning and teaching. He says it all comes down to passion and a sense of vocation.

“I don’t think you can do all this unless you truly love the things you are studying,” he says. “Over my career I’ve worked an average of 12 hours a day. It’s not just a nine-to-five kind of existence. I have a very loving family that always supports me, which has afforded me the opportunity to pursue my career goals and my studies.

“With the exception of the law degrees, I didn’t have to earn all these degrees, but I did it because I actually love studying philosophy and thinking philosophically. When you love doing something, it makes it a lot easier to do it.”

Fordham in the Family

Hughes’ connections to Fordham have only grown in the years since he studied at GSAS. One daughter, Kathleen, graduated from Fordham College at Rose Hill in 2014 and received her M.S.T. from Fordham’s Graduate School of Education (GSE) the following year. His youngest daughter, Brittany, is currently in her final semester of GSE’s five-year integrated teacher education track, which will result in an M.S.T. degree this May.

In addition to becoming involved with GSAS Futures, Hughes also serves on the GSAS Dean’s Leadership Committee. He says that when he spoke to GSAS Dean Tyler Stovall, Ph.D., about his involvement, he was struck by Stovall’s immediate grasp of the connections between studying theology and philosophy and a successful legal career—and that this shared view of academic pursuits only strengthened his commitment to being an engaged member of the GSAS alumni community.

“I was so taken aback—in a good way—when the dean told me why he had set up a meeting with me,” Hughes says. “I think what Dean Stovall is doing is fabulous. I immediately told him that I’m willing to put in whatever time it takes to do whatever I can for Fordham, for the dean, and for the students.”

A man answered the knock at the door. The agents didn’t know that this was their suspect. After a tense exchange with the agents, he pulled out a revolver and shot and killed two of them, Anthony Palmisano and Edwin Woodriffe, GABELLI ’62. He fled the apartment through a window, and city police and FBI agents captured him a few hours later. The murder of the two agents still resonates. Both were under 30, part of a tight-knit cohort of young agents in the FBI’s Washington field office, some of whom vividly recall the events of that day, January 8, 1969. And the killings were shocking for another reason. Woodriffe, 27 at the time, became the first black FBI agent to die in the line of duty.

For burial, he was brought back to his native Brooklyn, back to the city he loved, where he had worked his way through Fordham before launching his career in government service.

This April, the story of the earnest, witty agent who died too soon came back into the spotlight as the city honored him by making his name a fixture on the urban landscape. In a well-attended ceremony on a Brooklyn street corner, in the heart of the neighborhood where Woodriffe grew up, his immediate family spoke in remembrance of a radiant young man whose spirit seemed, somehow, to be present still.

A Child of Immigrants

Like so many New York stories, Edwin R. Woodriffe’s begins with immigration—his parents came to America from Trinidad when they were either in their teens or barely out of them, said Woodriffe’s daughter,  Lee Woodriffe, of Lithonia, Georgia. They  ran  a  dry  cleaning  shop   in the struggling Bedford-Stuyvesant neighborhood, getting up early every day—“no time off, no sick days, no nothing”—and instilling  a  strong work ethic in their children, she said.

The youngest of three boys, Woodriffe helped out at the dry cleaner’s after school and doted on his parents, Lee Woodriffe said. He was an altar boy at nearby St. Peter Claver Church, where he met his future wife, Ella Louise Moore, during Christian confraternity classes.

After graduating from Brooklyn Preparatory School, he earned a degree in accounting at Fordham’s City Hall Division at 302 Broadway, where he was vice president of the philosophy club. He paid his  way by working as a police cadet and as an elevator operator at Macy’s, his daughter said. Upon graduation, he and  Ella were married, and they had two children, Lee and her brother,  Edwin Woodriffe Jr. Lee was only 5 when her father was killed, but learned from others what he was like. He was a jazz lover who would sometimes play his saxophone on the roof of the building where the family lived, she said. A voracious reader interested in religion and philosophy, he was a deep thinker, which was apparent from his conversation and his humor, she said.

The idea of working in law enforcement had taken hold when he was young; he admired his older brother for being a New York City police officer. After working for the Treasury Department in enforcement, he joined the FBI in 1966. Sometimes he would sign letters “Eliot Ness,” Lee said, describing her father as “really good-natured, and just always cracking a joke.”

In the FBI’s Washington, D.C., field office, he was low-key and decisive, “a very classy individual” who was courteous toward crime suspects, said Ed Armento, a retired agent who trained under Woodriffe for a week.

Lee Woodriffe said her father was one of only a handful of black FBI agents. Retired agent Robert Quigley, GABELLI ’62, recalled working with three black agents besides  Woodriffe in the Washington field office. Given Woodriffe’s talents, “there is no doubt in my mind that [he]would’ve been one of the top FBI executives had he lived,” Quigley said.

He recalled a story of solidarity against racism that  was  told  to  him: When Woodriffe was an FBI trainee in Washington, D.C., he and his classmates went to suburban Maryland to rent apartments, but they all pulled out of a pending housing contract when told Woodriffe would be barred. “The other agents were aghast,” Quigley said, so they sought housing elsewhere.

A Tragic Day

Quigley remembers the day when agents learned of a bank robbery by Billie Austin Bryant, an escaped federal prisoner. Woodriffe, Palmisano, and another agent went to the apartment where they had heard  Bryant’s  wife or girlfriend lived, said  Quigley,  citing reports  prepared  afterward. The agents couldn’t have known it was Bryant who opened the door when they knocked—“They have no photograph, no idea what he looks like,” Quigley said. “Back in those days, all we had were radios in the car. There was no way to send a photo.”

Bryant told the agents the woman they were seeking wasn’t there. When they asked to come in and wait for her, he refused and started to close the door. Woodriffe put his foot in the door to stop him, and Bryant pulled out his revolver. Woodriffe and Palmisano never got a chance to pull their firearms, said retired agent Charles Harvey, who tried to revive the two agents soon after.

Bryant surrendered to a police detective six hours later, after being tracked down to an attic in a building where someone had reported noise, said Quigley, who was there when Bryant was captured. Bryant was sentenced to two consecutive life sentences with no chance of parole.

The 50th anniversary of the two agents’ deaths was commemorated  in Washington in January by the bureau’s Washington field office and the Society of Former Agents of the FBI. Harvey spoke at the event. “Our job is to never forget,” he said.

Meanwhile, in Brooklyn, another remembrance had taken root.

A Street Renamed

St. Peter Claver Church sits at the intersection of Jefferson Avenue and Claver Place in Bedford-Stuyvesant. Lee Woodriffe spearheaded the two- year effort to have the City Council co-name the segment of Jefferson Avenue starting  at  that  intersection  in honor of her father, hoping to keep him present in a part of the city that was important in his life, she said.

“I did not want his final resting place in people’s minds to be in Cypress Hills Cemetery,” she said. “It’s very important to me that [his story]come full circle, but come full circle in the right way.”

The co-naming sends an inspiring message, she said. “Here is somebody who came from an impoverished area, odds stacked against him, but through perseverance and diligence and having integrity and wanting to do  better, rose up through the ranks and really made something of himself. It’s a story of hope, and what you can become.”

On April 26, FBI Special Agent Edwin R. Woodriffe Way was formally christened in a ceremony attended by FBI agents, New York City police,  city  officials,  clergy,  and  friends   and members of Woodriffe’s family, including his widow, Ella Woodriffe.

“There’s a saying that hatred corrodes the vessel it’s carried in, but today I  have  no  hatred,”  she  said.  “I speak with heart-filled joy and thanking God for allowing all of us to be here in attendance as a testament to my husband’s memory.

“His  story  began  right  here   at  St. Peter Claver Church,” she said. “Edwin went to school here. He went to church here. He was an altar boy here. We met as teenagers  here.  …  We were married here, we had two children, and lastly, he was funeralized here. He will be forever remembered in our hearts.”

Edwin R. Woodriffe Jr., who was 6 when his father died, lacks vivid memories of him. “There are photos and stories from friends and family, but the nuances are lost,” he said at the ceremony. “What was his favorite color? I don’t know. I have one of his high school essays on basketball. Were the Knicks his favorite team? I don’t know, and if I did, I don’t remember.

“But he got a B+, by the way, on the paper,” he said, to laughter.

“The thing I  remember  most  is the idea of  him  represented  inside  the family,” said Woodriffe, whose mother got help from extended family in raising him and Lee. “I feel blessed that my father’s sacrifice was a part  of inspiring my sister and I to be the adults that we are today. And on the 50th anniversary of his passing, I’m honored to see his name on this corner, where his story can continue.”

Auxiliary Bishop James Massa of the Diocese of Brooklyn also spoke at the ceremony. He said the newly unveiled street sign is a reminder “that a great New Yorker once lived among us and overcame racial barriers in order to serve, in order to protect the vulnerable and contribute to the common good of our nation.”

Every 18 months, the International Conference on Cyber Security, or ICCS as it’s known, has convened leaders from academia, the private sector, and government to the University’s Lincoln Center campus. Past conferences have featured the heads of the CIA and the NSA, and this year’s gathering, which took place from July 22 to 25, concluded with remarks by FBI Director Christopher Wray.

Anthony Ferrante, FCRH ‘01, GSAS ‘04, a former FBI agent who was director of cyber incident response for the National Security Council from 2015 to 2017 and is currently global head of cybersecurity and senior managing director at FTI Consulting, participated in this year’s panel “The Tipping Point: Cyber Risks to Election Systems.” Fordham News caught up with him during a break in the action.

Listen here:

Full transcription below:

Anthony Ferrante It’s happening. It’s happening today. The question is, is at what point do we all sit up and take notice and take steps to really get in front of these threats and to make it a top priority?

Patrick Verel: Ten years ago Fordham and the FBI committed to bringing together the world’s best and brightest experts on law enforcement and computer science. Every 18 months, the International Conference on Cyber Security, or ICCS as it’s known, has convened leaders from academia, the private sector, and government to the University’s Lincoln Center Campus. Past conferences have featured the heads of the CIA and the NSA, and this year’s gathering, which took place from July 22nd to July 25th, concluded with remarks by FBI Director Christopher Wray.

Anthony Ferrante, a former FBI agent who was director of Cyber Incident Response for the National Security Council from 2015 to 2017 and currently global head of cybersecurity and senior managing director at FTI Consulting, participated in this year’s panel, The Tipping Point: Cyber Risks to Election Systems. Fordham News caught up with him during a break in the action.

Let’s talk about 2008. How and why did Fordham, which is your alma mater and the FBI, which you joined in 2005, team up to tackle cybersecurity?

AF: So the FBI and Fordham roots grow much deeper than cybersecurity. Believe it or not, when I was in the FBI in the New York field office in 2005 through 2013, there was always a consistent large, large consistent group of Fordham alumni in the field office. And when I say a large group, I would say anywhere from 50 to 100 Fordham alumni working in the New York field office, which is a large amount of alumni for a single field office. Myself, being a former alumni, studying computer science, always maintained excellent relationships with the faculty in the computer science department, and then of course in the university’s administration.

It was late 2007 when myself and a good friend Clavius Distinguished Professor of Computer Science, Frank Hsu—we’d regularly met for dinner right around that period of time, and we talked about the global implications of secure cyber networks, and how it’s more than just the responsibility of governments or private industry or academia. It’s actually in order to be successful in this space, we need a partnership between the three.

PV: I’m intrigued by this notion of bringing together the three different entities, that it’s not just about law enforcement. It’s not just about education. It’s not just about the private sector. It’s about all three working together. Is there something you can point to say like, this is, especially when you were with the FBI, that you could say having worked with somebody from an educational institution or a private sector at the time that you got out of the conference, like a contact that you made that you wouldn’t have made if the conference never had happened?

AF: Oh, absolutely. I mean, I could talk for hours about various cases, FBI cases that were enhanced just because of this event where representatives from Eurasia would come to this event and meet with their counterparts in Europe or the United States and they would break off and have meetings in private rooms where they would broker advancements in various investigations that they were working on. And it’s actually stories like that, that make me most proud of this event.

PV: You came here to talk about cyber risks in the election systems, which are obviously going to be on people’s minds next November. What’s your current take on the state of affairs now?

AF: I think it is definitely something significant that the entire country should set up and take notice. This is something we’re staring at as we enter into the election cycle, and risks to the electoral infrastructure should not be ignored. Not only should states and government officials be aware of the risks that they’re facing, but they should be equipped to handle those risks because in the world we live in today, there’s no way to avoid it. We have to confront it head on or suffer the repercussions.

PV: Scale of 1 to 10, 1 we’re completely unprepared, or 10 things are great, we’re doing in good shape. Where would you put us right now?

AF: I would say anywhere from four to six. I think that there are a lot of really important skilled people focused on the issue, but I also think there’s a lot of talk and not a lot of action, and I do think that the government today is spending a lot of time and making a lot of investments to prepare the states to confront this threat head on. But I also always think there’s room for improvement.

PV: It’s kind of crazy, right? I mean you’re talking about a system that relies upon 50 different states, all managing their own elections.

AF: Fifty different states and numerous different counties. I remember when I was at the White House actually doing preparedness and response in preparation for the 2016 presidential election, we learned some states actually conducted their voting hundreds of different ways throughout the state. So there was no single cookie-cutter solution for that single state, nevermind, as you just said, 49 other states. So it is a very complex issue, but the complexities of the issue actually give the United States a little bit of security just knowing that it is such diverse and distributed system, that there is no single point of failure per se, but there are many different little points of failure that the country needs to be aware of.

PV: If you learn to hack one system, you’re not going to be able to hack them all basically.

AF: It’s not going to be that easy. Right? And when I was working for the Obama Administration, we went to great lengths to study this and to look into this. And to hack an electoral system and actually manipulate votes without it being noticed is extremely hard, if not impossible. That is just one example of some of the built-in redundancies and securities of the system. However, like I said, there were just so many different systems and different ways to do, different ways for Americans to cast their vote that there are vulnerabilities throughout.

PV: Now for as long as I’ve been covering ICCS for Fordham, the Internet of things has been an area of concern with all sorts of devices being sold to the public that can easily be hacked. Have you seen any improvement in this area?

AF: No, absolutely not. Unfortunately, people ask me all the time, what is the greatest risk that you see or the biggest threat that you see, and you, some people will be, well some people say, “Oh goodness, the greatest risk I see is an attack on the electrical grid.” Don’t get me wrong, an attack in the electrical grid will have serious consequences, but that’s not the greatest risk.

PV: It’s Alexa, isn’t it? Alexa is going to take us all down, right?

AF: No. Alexa is a great tool, but it is an Internet of things tool. I will say my fear, the greatest risk when people ask me that question is I say is the Internet of things. You’re talking about 5.5 million devices coming online per day. I think the latest number I read was by 2025 there will be 50 billion devices, Internet of things devices online, on the public internet. Those can all be taken over and turned into armies of robots to conduct different adversarial activities.

I don’t even know where you’d begin regulating space like that, just given the fact that these technologies are designed and developed all over the globe, and sometimes it just comes that consumers look and they want to buy the cheapest device they can buy. And when you do that and you take that device home and you plug that into the global internet, you actually put a small computer online. And that small computer can be compromised and then turned into a robot that can be used to conduct any number of activities from conducting a denial-of-service against a major financial institution to exploiting a major vulnerability in a small tech company.

Don’t get me wrong, Internet of things devices are extremely convenient. They add certain comforts to one’s life. But what I always tell people, cybersecurity is risk management. You can’t properly manage risk if you don’t know the risk. So what I do is I get out and I speak to people about what the risks are. Once you know the risk, then it’s up to individuals to make the decision on their own. And believe it or not, when it comes to Internet of things devices, Americans today probably use two to three Internet of things devices and they don’t even know it. It’s-

PV: Give me an example. What would be something that people might be using and not even realize that is connected to the internet?

AF: If they subscribe to a major cable company and have cable at home and have a digital video recorder, a DVR.

PV: That would be me.

AF: That is an Internet of things device. A mobile phone is an Internet of things device, a smart watch, a Nest thermostat, an IP camera.

PV: The thing that seems the most frustrating is that the onus is on consumers to sort of be on top of the game when it comes to the security of these things. But most of us don’t have that kind of background, nor do we have the time to kind of look into these things. What are we supposed to do? Or how do you know exactly whether these things are secure?

AF: Yeah, I mean that’s a really fair question and it’s a question I’m asked all the time. For an average consumer, there is no one-stop shopping to know. Purchasing a certain device comes with these risks versus another one. It all depends on how the manufacturer markets their device and how easy they make it. And candidly, most consumers don’t care right now. I think that is the bigger question, is why don’t they care?

I’ve worked cybersecurity and cyber crime going on 20 years now and I’ve met with some of the biggest organizations on the planet to talk to them about significant cyber incidents that they were facing at that given moment. And they would work with me to help mitigate that risk and overcome it. But they really didn’t sit up and take notice until they realized that it was personally affecting them. It could be their personal machine or their personal safety or their bank accounts, their personal financial situation. And that’s something that I think, I think a lot of people, including our government is still grappling with today.

I can’t tell you how many times I heard in Washington that we just have not yet had a cyber 9/11 which is appalling for me to hear for two reasons. One is because I lived and worked in New York City on 9/11, and to even use that in a political statement of why we should not invest or take cybersecurity seriously is just appalling to me. But in another sense, I would say that we had a foreign entity partake in a massive campaign to affect the way the American people thought about certain issues in an attempt to influence their vote on Election Day, to literally undermine one of our bedrock principles, which is the right to conduct free and open elections, that so many of our forefathers and ancestors died for that right.

PV: If that’s not your 9/11 of cyber, what is exactly? I guess you have to shut down somebody’s electrical grid to get their attention.

AF: And that’s happened twice. It happened in Ukraine.

PV: That’s right overseas, yeah.

AF: Two days before Christmas, twice, two years in a row. So it’s happening. It’s happening today. The question is at what point do we all sit up and take notice and take steps to really get in front of these threats and to make it a top priority?

PV: What’s the greatest cybersecurity threat that Americans face that they’re not aware of, but they should be?

AF: The first two we’ve already heard about that. The third one I want to dig into a little bit. The first one is the Internet of things. They’re just coming online at exorbitant speeds. The second one we’ve also touched upon, which is the weaponizing of information. I think our adversaries have seen how this can have such a large scale effect on the way, the American way of life. The third and equally significant risk that people should be aware of is data.

Data is much more than just an asset. It can also be a huge liability. And data is being generated every single second. So much data is being generated by our smart devices, by our usage of a computer, by our searches on a computer, by our interactions with various Internet of things devices. And as we interact with these platforms, data is being generated. Whether it’s data on us, our habits, our family.

I’m not talking just data of documents and words in documents. I’m talking about the tone of our voice, the health of our voice, the different questions that we may be searching for on our devices or asking our smart devices for responses. All that is data that is being collected and harvested somewhere. And I think it’s important for people to understand the risks associated with that data.

I would say a fourth threat that definitely has me concerned is the threat of the insider. What is the insider threat? For different organizations it means different things. But the reality is, is the insider threat is someone living and working within your organization every single day, somebody who has an access ID, somebody who has a login to your network infrastructure, and someone who in theory has access to your data and in some cases your most sensitive data.

The insider threat has always been a threat, but now that I am in private practice, I am seeing more and more cases of insider threats crossing my desk, where organizations need help identifying rogue employees that are stealing information and potentially selling it to competitors, selling it to nation states, or conducting activities on their network to sabotage infrastructure.

PV: You know, what’s really funny? I think about data. This is weirdly enough, this is a question I thought of just this morning as kind of a joke, but I think it actually ties into what you were just saying.

AF: Yeah.

PV: Should I be using FaceApp?

AF: No comment.

But the agency cannot go it alone.

“Just as technology has become a wonderful force multiplier for the good guys, it has become a force multiplier for all sorts of bad guys—for terrorists, hackers, child predators, and a lot more. User-controlled default encryption is a real challenge for law enforcement,” he said, echoing comments that U.S. Attorney General William P. Barr made at Fordham on Tuesday.

Wray’s appearance at Fordham’s School of Law closed out the 8th International Conference on Cyber Security (ICCS). He last visited Fordham in January, 2018, when he delivered the opening remarks for the 7th ICCS conference.

To illustrate the FBI’s ongoing efforts, Wray highlighted the Bureau’s involvement in the December take down of APT10, a hacking group associated with China’s Ministry of State Security. The group had compromised the networks of U.S. government agencies and 45 companies around the world.

Working with field offices around the country and agencies such as the Defense Criminal Investigative Service, and the Department of Homeland Security, the U.S. Department of Justice obtained criminal indictments against two members of the group.

“The indictments marked an important step in publicly exposing China’s continued practice of stealing intellectual property to give Chinese firms an unfair advantage in the marketplace,” he said, noting that it also let to the first formal declaration that China had violated the 2015 Cyber Commitments agreed to by the United States and China.

“By revealing the names and activities of hackers in cases like these, we limit their travel and job prospects, and we increase significantly their cost to operate. An indictment signals to our allies that we’re so confident in our assessment of culpability that we’re willing to put the full weight of the U.S. criminal justice system behind it.”

Wray addressed foreign influence in his remarks, noting that the bureau fully expects to see in 2020 efforts to target election infrastructure to exact ransoms, temporarily disrupt election operations, and undermine voter confidence in the electoral process.

“Happily, we’ve yet to see attacks manipulating or deleting election and voter-related data, or attacks that actually take election management systems offline. But we know our adversaries are relentless. So are we,” he said.

Equally important, he noted, was foreign investment. If adversaries can’t access our most valuable and sensitive information, he said, they may try to buy their way to it. Working with the Committee on Foreign Investment in the United States, the Bureau has access to data about sensitive industries unavailable to private citizens. Don’t overestimate the effectiveness of protections and countermeasures available to your company, he said.

“A decision to enter into a particular joint venture or contract with a particular vendor or cloud computing company may look good today – it may make a lot of money this quarter. But that decision might not look so great five years down the road, if you’re then in the throes of a slow bleed of data. Or, worse, if you’re then suffering a major hemorrhage of intellectual property,” he said.

“So you’ve got to take steps, and make hard choices, to safeguard your R&D, PII, and proprietary data even after a deal is done.”

The issue of lawful access to encrypted data was where he was most hopeful that the private sector and law enforcement could learn to cooperate. In a New England town last month, he said the FBI received a tip that a nine-year-old girl was being sexually abused, and that the abuser was using an app—which Wray declined to identify—to distribute images of her anonymously. Agents contacted the app provider, located the child in less than 24 hours, obtained multiple search warrants, rescued her and arrested the suspect.

“Law enforcement receives millions of tips like these every year. I don’t want to think about a world in which we lose the ability to detect dangerous criminal activity because a technology provider decides to encrypt this traffic – data “in motion” – in such a way that the content is cloaked and no longer available subject to our longstanding legal process,” he said.

The FBI has been “hearing increasingly” from cryptologists that there are solutions that could work to protect encryption and fulfill law enforcement’s need for accessing encrypted communications, he said, which gives him hope that a mutually acceptable solution may emerge soon.

“This is not just a national security issue, it’s a fundamental public safety issue. If it is not addressed, it impedes not only federal law enforcement, but our state and local partners as well,” Wray said.

On the second day of the 2019 International Conference on Cyber Security, three U.S. officials—Justin Lee, special agent at the FBI’s Sacramento field office; Orin Paliwoda, special agent at the FBI’s New York office; and Sagar K. Ravi, assistant U.S. attorney for the Southern District of New York—gathered in a crowded Fordham Law School room and rehashed the case. 

From around 2006 to 2018, a hacking group called APT10, short for Advanced Persistent Threat 10, stole sensitive data from computers belonging to the U.S. government and more than 45 commercial and defense companies worldwide. Acting in association with the Chinese Ministry of State Security, APT10 exfiltrated confidential data related to aviation technology, satellite technology, advanced electronic systems, laboratory analytical instruments, maritime technology, oil/gas drilling, and even NASA Goddard Space Center. In December 2018, two APT10 members were indicted in the U.S. 

“The fundamental question is, what does China want when it hacks? What is it looking for?” said FBI special agent Paliwoda. 

Among China’s strategic intelligence priorities—aligned with some targeting priorities of APT10—are political power and stability, military power, and economic development, the agents explained. Another is much bigger. 

“One of China’s goals is to replace the United States as a leading superpower, both in the cyber realm, and in space. They want to be a leading dominant force in the military. Specifically, China wants to surpass the United States in each of these categories,” said FBI special agent Lee. 

There are several protective strategies for companies facing cyber threats like APT10, said Paliwoda. One of them is to assume the hackers already have access to your prime method of communication, and instead use out-of-bound communications. Another is to ensure that your communication traffic logging is as complete as possible. 

“You want to make sure that you have all your tools in place to find the communication traffic that could be outside the scope of what is normal to your system, and then narrow it down to find the actual server that is possibly infected,” Paliwoda said. 

What also helps, said Ravi, is teamwork, like the one shared among U.S. federal agencies to combat the China cyber threat. 

“The private government partnership is so vitally important to combating these threats,” Ravi concluded. “We certainly want to work with any victims out there, to work together to continue to be able to take actions like this.”

That was the central question at the session “How Smart Are Your Smartphones?” presented by Md Zakirul Alam Bhuiyan, Ph.D., assistant professor of computer and information science at Fordham, on July 23. Bhuiyan has written more than 120 papers published by IEEE and ACM—two of the most prestigious professional societies in his field. 

On the second day of the 2019 International Conference on Cyber Security, he spoke about the pros of using Wi-Fi, potential drawbacks of a network’s security and privacy concerns, and possible solutions. What’s wonderful about Wi-Fi, he said, is it piggybacks on already deployed infrastructure and works through thick walls. These days, people can even use Wi-Fi to transform themselves into human remote controls in their homes. Using simple hand gestures and a nearby Wi-Fi network, they can turn off lights and TVs, he said, showing a few sample videos on a projector screen. 

However, Wi-Fi has its fair share of cons. There are too many interferences, he said, leaving a network vulnerable to channel state information (CSI) attacks. A person sitting a few feet away from you in a cafe could compromise your confidential info, he said. 

In order to hack a person’s Wi-Fi network, a hacker needs to achieve four things, said Bhuiyan: force a victim’s device to be a Wi-Fi sender, locate CSI segments generated by password input, reduce noise in raw CSI data, and infer the person’s password using CSI. 

But smartphones are smart enough to deter some hackers. One possible way to protect people from hacking is CSI fingerprint localization, he said. Another method is one he’s currently working on: a non-cryptography-based authentication technique. 

After spending a good deal of the session on the vulnerabilities of Wi-Fi, Bhuiyan talked about a new, innovative purpose for those network signals: using them to detect guns in a non-invasive way. The signals can scan a person’s body and, through signal variations, distinguish the difference between soft, human flesh and a weapon’s hard metal exterior. Compared to cameras and probing human hands, they are less invasive. More research is needed, he said, but this method holds promise for the future—a future where Wi-Fi will remain ubiquitous. 

“We are talking, we are sitting, moving … wherever we are, our Wi-Fi can be utilized to monitor us everywhere,” Bhuiyan said. 

Barr, the first cabinet-level official to address the 10-year-old conference, began his talk by comparing stark advances in technology that have occurred since his previous tenure as attorney general from 1991 to 1993. He singled out encryption technology as particularly praiseworthy.

“Encryption provides enormous benefits to society by enabling secure communications, data storage and on-line transactions,” said Barr. “We can now better protect our personal information, more securely engage in e-commerce and internet communications, obtain secure software updates, and limit access to sensitive computers, devices, and networks.”

He pivoted quickly though. Like many FBI directors who have spoken at ICCS in the past, the attorney general focused on the frustration that law enforcement officials encounter when trying to gain time-sensitive information from encrypted devices.

“We welcome these improvements to privacy and security, and will work to preserve and strengthen them,” he said. “But at the same time, we must recognize that our citizens face an array of threats to their safety far broader than just cyber threats. Hackers are a danger, but so are violent criminals, terrorists, drug traffickers, human traffickers, fraudsters, and sexual predators—you name it.”

Barr pointed to one particular Mexican drug cartel as one of the looming threats the country faces.

“The cartel started using WhatsApp as their primary communication method, preventing U.S. law enforcement from conducting wiretaps that would enable us to locate fentanyl shipments and seize them at the border,” he said.

“We also found that the cartel had established a WhatsApp group chat for the specific purpose of coordinating the murders of Mexico-based police officials.”

The attorney general also laid out his legal reasoning for tech developers to provide access to encrypted messages.

“The Fourth Amendment strikes a balance between the individual citizen’s interest in conducting certain affairs in private, and the general public’s interest in subjecting possible criminal activity to investigation,” he said.

At the founding of the nation, an individuals’ “zone of privacy” was primarily considered one’s home. Technology changed the definition of this zone, he said. The introduction of the automobile created a new sphere of privacy. He noted that, like digital technology, the rise of the automobile facilitated economic growth and prosperity. But if the zone of privacy was extended to automobiles, it would be difficult for law enforcement to get a warrant before conducting a search. By the time police could have obtained a warrant the suspect would’ve driven away.

“[This] brings us back to today’s topic, data encryption,” he said. “With each of these earlier examples, our society has ensured that the traditional balance between individual privacy and public safety was maintained, as reflected in rulings from the Supreme Court.”

By creating a “warrant proof” environment, Barr argued that service providers, device manufacturers, and application developers are creating a space that may protect customers, but they are doing it in a way that “eviscerates society’s ability to defend itself against other types of criminal threats.”

If tech companies continue to resist efforts to work with law enforcement, he said, they run the risk that a drastic cyber-attack that might sway public opinion toward more law enforcement access to encrypted information. In the meantime, he advised that companies should be prepared to change and to bear the cost of that change.

“Some who resist lawful access complain it places an unreasonable burden on companies, who must spend time and resources on developing and implementing a compliance mechanism. To that, I first say, ‘Welcome to civil society,’” he said, later adding, “’If my business plan is to sell sawed-off shotguns,’ That’s tough. We as a community have a right to say, ‘No, we don’t care if that’s your business plan, the barrel has to be this long.’”

He said that like the automobile, the telephone, and more recently, cable companies, all technologically advanced companies must come to terms with unintended consequences associated with their products.

“In the tech sector, for example, we have seen a significant voluntary response to address the integrity of political elections in the United States following revelations about foreign interference,” he said.

He cited his own tenure as general counsel at ATT when the Communications Assistance for Law Enforcement Act imposed a “statutory duty on telecommunications carriers to maintain the capability to provide lawful access to communications over their facilities.” The same rules should apply to physical and digital media alike.

“I think it is absurd to think that we would preserve lawful access by mandating that physical telecommunications facilities be accessible to law enforcement for the purpose of obtaining content, while allowing tech providers to block law enforcement from obtaining that very content.”

He ended with by paraphrasing Microsoft’s Bill Gates’ saying that “there’s no question of ability; it’s the question of willingness” of the tech companies in “exploring solutions that will provide lawful access.”

“It is time for the United States to stop debating whether to address it and start talking about how to address it,” he said.