Fcc chair ajit pai spoke about 5g technology and the need for the United States to lead the world in its development and the importance to think about security now before the system is established. It was hosted by the Wilson Center in dc. Good afternoon everybody, and everybody who is in line on the security line, and everybody watching us very soon on a cable network. I am jane harman, president of the Wilson Center and today we are probing a very complicated issue that is be doubling policymakers in washington and all over the world. At least three parts of that problem are the us, china and the 5g supply chain. The Wilson Center has just produced, let me get my prop, this is a prop, a spectacular policy brief by melissa griffith, who you will see in a little bit which is entitled there is more to worry about than huawei. She will explain in detail but run, dont walk, get this and read it. What captures the attention around 5g is Chinabased Huawei has led the way in developing the superfast networks which will power self driving cars, virtualreality and cuttingedge technology. Since chinese companys are required by law to comply with information requests from Chinese Intelligence Services us officials are properly concerned that companies who want to incorporate this Chinese Technology and the data of their users. Other ways it could be compromised too, but a few more thoughts. The mantra that defined the last decade was move fast and break things, suggestion from here, we should think about slow down and assessing and that is what you will here today, what is the problem and what are some policy solutions that will help solve the problem. Fortunately the Wilson Center offers policymakers and their staffers the tools to assess new technologies like 5g and the implications for National Security. For the luddites in the room there are any, our audiences are always smart, 400 staffers from capitol hill, from nearly 300 offices on capitol hill a foundation in Technical Skills through our bipartisan, bicameral, cyber, and ai boot camps or labs that take place each friday. That is part of our science, technology, and Innovation Program, which is brilliantly led by matt king. She is hiding in the corner. She directs our socalled skip program, science, technology and Innovation Program where these labs are housed. Overall, 800 hill staffers have come here on friday. The others have gone to our Foreign PolicyFellowship Program so they can learn foreignpolicy as well as we can teach it. Today, we are talking about one problem we have talked about, we are delighted to welcome the man with the plan, ajit pai. Last time i saw ajit pai was in the hamptons in a warmer period of this year and possibly less hectic than the one we are in now but we participated in a panel and i learned a lot and we discussed this coming year and guess what happened . He is the first fcc chairman to go viral. Often appearing in videos where he embraces internet means while announcing new policies. He joined the federal Communications Commission in 2012 appointed by president obama for a 5year term in 2017, he was designated as chairman by donald trump. Good, bipartisan, love it. He has worked at the doj, u. S. Senate and the fcc office of general counsel and in the private sector at verizon. He joined me today to discuss a proposal, two, which the commission will vote on on tuesday. I wont summarize what they are because he will tell us what they are. That is my first question and following the conversation and audience questions there will be a panel of really smart people who will introduce themselves joining us and one of those ironies told you is the author of this amazing science Technology Innovation program. What do we call this . Policy brief. Im going to sit down and we are going to have a short conversation so get your brilliant questions ready. Thank you very much. [applause] first question is a surprise question. The fcc is proposing two rules. What are they. Before i answer it i want to express my gratitude for the Wilson Center, to host this, this is been the locus of the most important policy discussions in washington and in my view i dont think theres much more important than this. I thank you for your leadership in congress over the years, i found consistently on the House Intelligence Committee and other legislative assignments, you discharge your responsible is with a sense of the partisanship and focus on the National Interest as opposed to narrow partisan interest of the time, very much appreciate that. I want to say on a personal note i feel like i have been chasing you, we actually share the distinction of being chief counsel of the subcommittee on the constitution in the Senate Judiciary committee. Obviously you have gotten to Higher Grounds and i feel i have a little bit of chasing to do to keep up with you. Who was your chairman kick you sam brownback, former house member. So this is a really important conversation. The question is what is 5g and why does it matter . The United States we made it a priority to lead in the development and deployment of 5g technologies because these are increasingly going to transform american industry to healthcare, agriculture, education, manufacturing to shipping. We have done that by implementing the 5g fast plan, a plan for facilitating american superiority in 5g technology. You can find a planet sec. Gov 5g. Getting more Wireless Infrastructure deployed, and infrastructure of the future and promoting more Fiber Deployment which is critical for carrying wireless traffic into the core network. What the metrics of success have been so far, we went to advance American Leadership in 5g. With the future comes a major challenge as you know, which is the attack surfaced in terms of security is much greater. 5g will be unlike predecessor technologies like 4g and 3g in that these will be software defied as opposed to defined by hardware and the software could be located anywhere in the world. Because we are talking billions more connected devices coming online it wont just be phones but refrigerators to cars, we need to ensure security protocols are followed up front as opposed to afterthefact. The United States position overall is we need to think about 5g security now at the early stages of deployment as opposed to afterword when retrofitting might be prohibitively expensive if not impossible. What is the fcc doing to accommodate this interest . We will be voting this coming week on a proposal that is both forwardlooking and backward looking. The forwardlooking component involves universal service fund. This is a 9 billion annual x venture fund and the money from the fund is into Telecom Companies across the country primarily to deploy broadband infrastructure in rural areas and underserved areas. One of the things we propose Going Forward is to prohibit the use of that funding being used by recipients unequipped and or services that have been determined to present a National Security threat to the United States based in part on legislation passed by congress on a bipartisan basis last year the National Defense authorization act, we included an initial designation huawei and cts companies that would be on the prohibited list in terms of Ways Companies can use this money. The backward looking component is to say we understand there may be problematic equipment already in our networks so we are starting a conversation about understanding where that equipment might be, who is using it, what it is being used for etc. And also to start a kickstart conversation about how we finance the removal and replacement of any quit but especially to the extent we are talking about rural carriers disproportionately that incorporated problematic equipment, they might not have the resources to do that and in consultation with the members of congress and others we want to make sure we have an accurate sense of where we are right now. Forward looking and backward looking set of proposals we are voting on next week. What is the prognosis . Will it pass . I hope it will end on a bipartisan basis i know the time in which the political environment has become tribal lies but when it comes to National Security we do speak with the unified voice and my expectation based on conversations with my colleagues is we will see a strong bipartisan note next week. What we see in terms of letters from congress weve seen members from both sides saying we support your efforts in this regard. Basically this is using a us fund as leverage to get companies to do something on a forwardlooking basis and on a backward looking basis to trade in technology they may have already purchased because there is Huawei Technology in the United States already for nonhuawei, nonChinese Technology but the rest of the world out there, how do you see this in the context of a world where Huawei Technology is available just about everywhere, certainly not just here . That is why i have been very involved not just domestically but across the United States government to other countries and representatives of the United States government on these issues and not just with respect to the company, we recognize the risk profile applies to any company, we want to understand the risk framework for any company putting incredibly Important Services into our network so our message for our allies has been we want to make sure we all have common understanding what the risk is and how we might Work Together to share information about how the risk may be materializing. That is a conversation that is ongoing but we had positive feedback so far. Everybody agrees about the problem. I would doubt based on what i read that there are different strategies and they keep or by Huawei Technology. Some countries are exploring different strategies from the United States and our method is pretty consistent but to the extent you disagree with the security assessment, we respect your right to make whatever decision you want but speaking for the United States we dont believe this is an area we can take a risk and hope for the best given how transformative 5g technologies are likely to be, the United States wants to make sure it is aforethought as opposed to an afterthought and we think carefully about the risk profile of any equipment coming into our networks. That is a worthy objective but i can imagine another government saying to you okay, we are worried about risk profiles but we will make sure our systems, these are softwarebased systems as opposed to prior systems. Melissas paper helped me understand what the difference is, no easy deck of intersection where you can block bad guys from coming in. I am learning but even so what about the answer that says we are worried about this, we will fight intrusion but even if we dont buy chinese made technology there could be intrusion from others. We will fight intrusion whether it is using Huawei Technology or not. I offer several responses to that. We embrace a riskbased framework applicable to any supplier of equal for 5g Network Equipment or services but the question is degree of risk and you pointed out in your opening remarks quite accurately that the extent china has a national law that compels any comedy subject to its jurisdiction to comply with Chinese Intelligence Services and prohibits that company from disclosing the request with thirdparty which is customers in china or abroad that is a serious risk. Additionally the question is one of the ability to host government to detect these risks in real time. As the paper points out we are not just talking about a wireless tower the needs to be upgraded the software the needs millions of lines of code to update it and any of those lines that is malicious could be a vector for malware and viruses. Does any government have the ability to police in realtime all those lines of code. I assume the answer to that is now. We certainly believe the risk is too great. Beyond the scope of most government ability to police. The third and final point which we often hear, that agreement is significantly cheaper and the argument i make on that point sometimes the only problem with cheapest ends up costing too much not just in terms of security risks which is something very difficult to put a value on believe in its own terms something that is 50 cheaper or 80 cheaper over time as you are locked into a particular vendor and that vendor has software that is buggy or there are back doors to the police or other kinds of problems you will pay the price for making a decision at the beginning. We do not want any country to the penny wise and pound foolish when it comes to this question. I get that and other countries have to think about that but as i understand it from reading this policy paper, the Huawei Software is buggy, what a great word. Is that an official word . A technical term. Wouldnt anybodys software possibly be buggy if it is more expensive . It is difference in kind. Look at the uk Cyber Security report, who have examined softer equipment. There is a difference in kind. If there were parity, what is the risk and given the National Legal framework that is in place in china in particular we have concerns National Intelligence law and lack of the judiciary and the willingness of the Chinese Government to exert leverage we have seen in this country for the past month over things like basketball, the taiwanese flag, hong kong and macau, we have concerns the Chinese Government would be hit strategically in this area. What if you succeed, and the Wilson Center genius goes to china and forgets to take his burner phone and takes his regular phone your, no chinese based technology in the phone and compromised in china, then what . This is one of the concerns when i travel abroad, given a briefing about cyber hygiene and the like and we encourage any citizen to take those precautions. We work with the state department, deportment of Homeland Security, and others to make sure that when we go abroad we are taking steps to protect ourselves and our fellow citizens. The mistakes are made. They are always made but with the purest of intentions in the purest of technology it still could be compromised by the chinese or pick another country and we could end up with some bugs, defects, whatever, that we didnt intend. These are not just limited to the fcc but cross governmental effort and is important for anybody traveling abroad not just to china but anywhere to be aware what devices you are using, basically dont plug it into your computer and have questions asked. I have heard and seen it all. Technology as it, coming from one of the most innovative states involves this we got used to this being an open positive thing. We need to think about risk factors. I am just making the point in the whole Security Landscape there is no 100 security. So speaking of this i speak on the defense policy board. Ive been to the pentagon and worried about this, Chinese Technology out of the supply chain. What if we keep this and we have a nonChinese Technology 3 situation and everybody observes good cyber hygiene. We are all happy campers and the rest of the world doesnt play so they basically operate the rest of the world on different technologies. How does it make us more secure . It is a problem to the extent we are interconnected. Networks dont know or respect National Security, we need to make sure we do protect ourselves from the sec perspective, earlier this you we denied china mobile to enter the United States marketbased on the opinion of the National Technology and others, the entry would present a risk. And the counterparts around the world, from india to germany about the need for these issues. The United States did not exist in a digital vacuum, not just trusted issues. As unsophisticated about this. In the in the world i had some role such as insisting that our analysts look at open source intelligence, open source that is published and available, not classified. If we only have access through our equipment in some part of this and the rest of the world out there. How do we maximize this . For my part i engage vigorously, the information that is out there, i was talking before hand, about ticktock, the other things bubbling up in the news Many Americans are aware about another industry that evolved very quickly. We are accustomed to wallets and purses in china. That is the anomaly. We understand where the chinese marketplace is generally in addition to direct spending we discussed before on things like Artificial Intelligence and quantum computing. Even if it doesnt direct cybersecurity and the holistic view. I dont care where the information comes from as long as it is credible. We want to learning classified and unclassified basis. China is a strategic competitor. That is what the National Security strategy says and i agree with that but that doesnt mean an enemy. With we say go away china, we dont want your stuff, we dont want to deal with you does that help us, is that the best approach to achieving our National Security goals, or is it an alternative saying understanding china better than we do and that is something robert daly, the Kissinger Institute is trying to do and notice in the name of that instituted his china and the us, not the other way around and understanding China Matters so if understanding china and trying to find ways to work with china to the extent we can is a good idea, is a policy like the one you are going to vote on a week in that direction or is it in the other direction . I would d for a to the state department on the Broader Diplomatic Community on setting the policy for the fccs perspective we think it is a constructive way forward simply to say we want a riskbased framework for understanding equipment or services from any country or company that come into our networks. We are always looking to engage constructively on issues where we can collaborate and theres a strategic issue at play. It occurs to me i had a couple more questions for the audience. Even if your rules are adopted. The leverage you have is money and if people, is it possible for people to say i dont want your money, i will use privatesector money or i will borrow from somewhere else to do what i was intending to do in your pool wont apply to me and retroactively raising money to get agreement to be changed. I dont want to change my equipment. I will not comply or i will find other financing and take out your money. Weve not heard concerns along those lines from particular carriers, any entity or trade association has concerns when it comes to financing. We are engaged in a conversation which is why part of that backward looking proposal, we engaged with congress on financing mechanisms to see whether or not the concerns might be addressed in that regard. Comment on our mutual and former employer, the nuanced knowledge of china could be increased, just a thought. Im glad youre in the position you are because you are smart and have that background. The Wilson Center is poised to try to teach the technology and teach the understanding so instead of demonizing a country or a person and a lot of personal demonizing goes on in congress too we can urge people to understand better and provide nuanced policy options. That is what we are trying to get. I couldnt agree more. I have tried to learn as much as i can having traveled to china. It is limited but if generally speaking, not just about china on this vector but generally speaking the history of the place, what motivates them. The diversity of the country, beijing, and these other places. I know there are differentiations. Last thing is cost. Huawei products in particular are much less expensive and ubiquitous. Isnt there something we could do to challenge this through the wto . I expect concerns the Chinese Government does subsidize huawei and other Like Companies and it seems clear they made this determination of National Champions and whoever chooses that can compete on the national change and to the extent possible, they block out foreign competition. Whether that is a violation of rules i would d for to the trade wars and it is not we do in the United States, we dont have a domestic supplier of 5g equipment. It is not a parochial trade interest or the kind of thing the United States traditionally does. The fcc and other federal agencies, we see it as our role to set Building Blocks to innovate and invest around and have a handsoff approach. We dont pick particular companies, subsidize them and go forth and conquer. That is not something we have traditionally seen in the marketplace of ideas. We do not have a domestic qualcomm does a little bit but why dont we . Some of the subcomponents we did a Semi Conductor and historically had a strong place software, some of the components, the equipment is used by huawei and others but for a larger conversation, for a variety of reasons and International Suppliers is when building recent years. We are the innovators. We should be way ahead on this and it makes me sad. I see people nodding. s marble smart people, questions, identify yourself and ask a question, dont make a speech. There was someone in the second row. Right here. A question, no matter what we do there will be software we cant trust but as agencies are using 0 trust solutions to protect their data and make sure there is user base access and not just based on how the network routes it would that be a good solution to make sure we are not losing our data or intellectual property . I am personally working with our Information Technology teams, to make sure our own network is as secure as possible so 0 trust solutions are things we are exploring as well. There was a question on the left along the aisle. Who had a question . In the technology. Identify yourself. I am in dc. China is pretty high and china, with that. Offering a similar counterparts. What is your application to National Security . With respect to what the treasury is for 5g and how we matchup visavis china as i mentioned in my opening remarks, the early metrics are good in that we freed up a tremendous amount of spectrum but simply to say 5g which is a predicate your question, we are stacking up well if you look at the amount of spectrum we freed up and the number of sales we expect to deploy with the largest on record for homes and businesses in the United States, Going Forward with respect to 6g we have our eyes on the future so we are looking at that as well but our primary focus at the moment is on making sure we free up the Building Blocks for 5g but i will say one of the reasons china has the ability to do that is they dont have multiple layers of regulatory review we have, local and in some cases federally recognized Indian Tribes with a bite of the regulatory apple. One point i have been making to the extent the United States wants to leave in 5g we want a consistent set of regulations that any Company Large or small can innovate and invest around. The other issue is what the National Priority is going to be. They want 6g, a driver for chinese innovation in the future. We need the same sense of mission in the United States thinking about technologies in the future. One of the reasons last december our agency became one of the first in washington to host a forum on Artificial Intelligence and Machine Learning, understanding what Machine Learning is and how it is likely to affect connected health and driverless cars. There are many adjacent technologies bubbling up. We need a Strategic Vision to understand the potential for these technologies. We teach ai here. Is it premature to talk about 6g when we have barely started on 5g . The eu is talking about 6g. How many years or centuries the way data moves, wont be centuries but how far off as a completed 5g network . It will be several years, to be sure the lifecycle is quicker. I remember 2g phones in the 90s and 4 g starting in 2007 with a smart phone and about quicker than many people into the paid it. We are in a faster cycle but we are in early stages of development. The bulk of my attention is focused on 5g. Other questions with the pink scarf here . Thank you for your discussion and thank you for organizing the worlds first 60s last march and the delegation in town next weekend there are already white papers if you want to read it, you can find the white paper. How is it going and i would like to hear your briefs about that. For those who are blissfully unaware every four years the international to the comedic asians union which is a branch of the United Nations organizes a conference in which spectrum policies for the world are hashed out and there is one ongoing right now in egypt. I spent the first week in egypt. From the United States perspective, i was advancing the ball in critical priorities in the government for example with respect to policies we were advocating strongly for the Us Government consensus position as appropriate level for protection, not just the weather sensors but the 23. 6 ghz ban and 24. 5 and above, similarly with respect to earth stations in motion, the us position is gaining supported able to protect not just geostationary satellite orbit but others that will be providing connectivity. Some of the other items in consideration, the 6 ghz ban to free up the 7125 mhz, if made available to the commercial marketplace while electric utilities could allow innovators to make wifi pretty much everyone in this room is familiar with wifi, looking for a wifi channel, just imagine if we had 6 of these channels available, untold innovation and investment, low bandwidth and highbandwidth applications which one of the things we want to do is highlight the importance of the 6 ghz band as well. We are in the early stages but hopefully things will go well the next several weeks. Not surprised finland is leading the pack. They have great winter olympics, now they focus. That answer was daunting and we will give a test on it. The hour is over and i will be the first to flunk. When you mention the word gigahertz. We will all try it. More questions in the middle of the room, microphone is coming. Jordan wilcox, rand corporation. Do you feel that the threats posed by huawei have a parallel partner in companies in china and Data Collection for devices of any kind in the United States and if so do you think, what could be done to monitor that . Very good question. I mentioned earlier the letter from senator schumer regarding ticktock and we see members of both parties expressing concern, not just from china but other countries, face apps which is owned by a russian company, concerns have been expressed about how data generated on both platforms using these apps could be used or misused although the fcc does not exercise jurisdiction over Companies Like that unless we are monitoring the situation. From a conservator perspective it may not be different from another, the functionality of it, the location of where the data is stored, the practices regarding how the information is used are things the United States government needs to take a look at. We worked consistently with the department of Homeland SecurityCyber Security and infrastructure security agency, the head of that, working on those issues among others. We have a close consultative relationship with them and others in this space. We have time for a couple more questions and then we will move to the other panel. 15 minutes or 0 minutes. Cant see that far. 5 minutes. Lets see. Cant use. I am kent hughes of the Wilson Center. In mid2017 donald trump directed the whole government to take a look at the Defense Industrial base including civilian parts of the economy that contribute. Most of that is classified. Are you using that information to alert city us for the items we have that we ought to protect or federal investment to plug the holes where they exist. I can say publicly we have taken account of that executive order. So a couple more questions. Where are you, smart people . Robert daly who heads the Kissinger Institute on china and the u. S. Thank you very much for your remarks. This follows up on some of the things jane has touched him. He said we need a sense of mission, a Strategic Vision. Part of this seems to be involved in things like subsidies in poor communities to buy other equipment they couldnt otherwise get and to be hooked up. Senator rubios call for an American Industrial policy but why is there no american analog to huawei . That is not huaweis fault. This seems to forming be fallis an industrial policy or perhaps violations of what is sometimes called market orthodoxy. Ive been in discussions with congressmen were hit a wall where the answer to all of the concerns you have raised seems to go against market orthodoxy and the conversation stops there. Do we say such a problem . How do we resolve it . A very good question. The concern about industrial policy is one that members of congress have been debating at the maybe other Administration Agencies with equities and their work from our perspective at the fcc, we dont have the resources to come up with some sort of industrial policy along those lines. Our position is simply lets have a riskbased framework for understanding the risk posed by any supplier and insure domestic recipients go with trusted vendors. If that trusted vendor happens in finland or sweden or korea we are generally, historically have been indifferent to. We want to make sure the equipment we are funding is trusted. Whether not and social policies needed to rectify larger Market Forces evolved over time before this position, these trends started, something i think members of congress would have to engage with. Theres a variation on that question. Innovation has been at the core of our freemarket success in this country especially in california. Just point that out. But what happened to American Innovation around 5g . What are we behind . You would agree we are beheaded. With 5g i dont think we are behind. If you look at some of the early markers where attractive 92 commercial deployments in the United States by the end of this year, holding the largest spectrum spectrum auction on december 10, 3400 megahertz. We have 2. 5, 3. 5, 3. 7 compassing american, 3. 7 compassing American Companies in victim new companies into the space. Mentioned earlier about the space, not thought of in the content of 5g. Americas leading when it comes to satellite orbit companies, spacex and one web. These are American Companies who were not just launching small satellites at a speed and price point comparable to provide a spear were innovating the launch site. Those are developed and the United States. Southern california. And my Congressional District spacex started there. Its excessive. My point is you talk about a lot of other stuff. You talk about the backbone of software as the backbone of our next generation Communication System for the entire world, and we are not, the u. S. , there are western countries that are helping but we are not the leader. It surprises big. In terms of equipment and services there are other supplies from around the world. One of the things which emphasize in our conversation with other countries will looking to advance the pecuniary interest for American Companies. This is a nonamerican supply chain. And also just to close because i think were out of time, am i right . Yes, we are. The innovation in america has come from a hugely diverse workforce. Not everybody in america looks the same, and the immigrant i would say from my Vantage Point of some of the grew up in california and watches with the fires and all the other place in california at the moment but the diversity in the workforce. For example, the Indian Diaspora just to pick one has been extraordinary, and without those people we might not have invented a lot of the stuff we have but in this area we seem not to be as swift with the exception of our fcc chairman, as we should be. Complement back to you. On that note, wouldnt you agree this guys trying his hardest across administrations to bring clarity and confidence to government and that this is an area that needs attention and hes thing attention, and lets thank him for coming. Thank you. Thank you very much. [applause] and the test will start in 45 minutes. Meanwhile, were having another panel that will show you how much more we even know about this topic. Please join us here. And our moderator will introduce himself and the panel. [inaudible conversations] [inaudible conversations] hello, and thanks for sticking around for the second part of this conversation. My name is uri berliner, im the Senior Business editor at npr. We have a panel here. Who know a lot about this stuff so well get started. Robert daly is the director of Wilson Centers Kissinger Institute on china and use. He served a diplomat in beijing, an interpreter for chinese and american leaders for president carter and Henry Kissinger picky as the net of china programs johns hopkins, syracuse and the universe a look at my favorite part, he was a producer of chinese language version of the sesame street. Hes widely recognized as an expert in u. S. China relations and lecturer for an wide all over the place. Melissa griffith, youve heard cited before, her Research Deals with the intersection of security and technology and focuses on National Defense and cyberspace. Shes worked in cybersecurity, Transatlantic Relations and how small countries, small states can defend themselves in an increasingly dangerous digital world. Chose a phd candidate in Political Science at uc berkeley and affiliated research at the center for longterm cybersecurity. Daniel kroese is a Deputy Assistant director at the National RiskManagement Center andy focuses on publicprivate partnerships to annette cybersecurity and the resilience of Critical Infrastructure, his work also deals with efforts to manage risks in the Global Supply chain, something that was talked about earlier, and the security of the 5g networks which is that a primary topic today. Daniel was formerly chief of staff for kurtzman John Ratcliffe who was the chair of the cybersecurity and Infrastructure Protection subcommittee. Melissa, why dont we start with you . Can we talk about what the evidence is, what the record is huaweis behavior . Have been a bad actor . Are there examples of them spying or allowing chinese authorities to spy or their equipment being used to hack . Whats the record . So i think theres a bit of a mixed record, an area of hot debate on how malicious while we has been in 5g. The area thats afforded it is its just really shoddy code. Regardless of whether youre concerned about them being a malicious factor, they are really big capitals and software and in the firmware on Hardware Devices and that allows malicious actors great opportunity to leverage those holes. Including chinas government, including while with but not limited to that. When we think about Security Threats to u. S. And other instances where we had compromises those have not been to Chinese Technology. That is notable. That is been by countries like north korea, iran, china, russia and the leverage existing holes, these vulnerabilities. Its a mixed record about why huawei is not building backdoors can was not their operating a kill switch at any moment to turn up Critical Infrastructure but the reality is there code allows for those things because its pretty shoddy. Daniel, one thing that came up in the conversation with the chairman and the congresswoman was 5g has a broader attack surface which is a scary idea that its much more vulnerable in many different ways. Can you talk about that and what that raises about should we be rushing to adopt all this 5g technology with his broad attack surface . The promise of 5g as the chairman and others mentioned is undeniable victory sector of the economy. It affords also the opportunity weve never seen before, trillions affected i could economic opportunity. Would recognize a promise. On the Risk Security amazing side, there is a lot we still have to understand and confection was about the risk. The discussion earlier about software, 4g, alumnus functios have been virtualized and 5g has not. That adds millions of lines of code what we did not have before. When you look at the use cases of 5g and the way its going to metaphoric telemedicine and Autonomous Vehicles and the like, we are no longer talking about a dad intact data of how 5g could be or manipulated as well. Melissa touched on some of the reporting of huawei equipment and other telecommunication kit that comes in china. I telling report came out of uk into huaweis cyprus can be sent we have a decade of what is posted limit testing. It was a fascinating report with my doubt, this is because its testing was in the field, testing 4g, and they said they had limited assurance of their ability to of Risk Management scheme that gives them confidence and said they had almost no ability to ensure binary equivalents, which means what they spent enormous amount of effort and time and Energy Testing in the center, they are not sure thats whats diploid in the field. But thats just for 4g before you have a factor of ten or 100x amount of code. When you go from the current generation where we are not sure we have any insurance is not a leaky product and we dont know what protesting which is deployed and you go to attack surface of the next generation which is going to be orders of magnitude more code that will have more updates itself whether or not its an intentional backdoor or just an unintentional bug, you package it altogether and the attack surface on this becomes enormous. There was no 100 perfectly safe riskfree vulnerability free product. Recognizing that reality i just laid out, what all that means is you have to trust on the front in. If thats a reality we are dealing with millions of lines of code, you really cant enter that new world with that attack surface from a position of compromise trust. Given that performance maybe we should slow down and assess if 5g is, with all the benefits, also the challenges and threats to Public Health potential because of the vulnerability, its going to be embedded in our hospitals, in our transportation system, in our homes, the connectivity. Does it make sense to secure the Network First and then race to develop . Anybody jump in on that. It may make sense to wait for china isnt waiting. Not all these qualms are few. They are to point very, very fast. October 30 last week they started full 5g programs in 50 different cities. Relatively cheaply, 18 a month u. S. Theres a glitch in the system many people with 5g capable phones yet but theyre getting them fairly quickly. I was in beijing last week and the whole cityscape has been transformed by these massive towers, multiple input, multiple output antennas, rooftops all over beijing. On november 5 actually china using these set a new 5g speed record for single cell phone users. These track individual phone users. They are ready for you to sign on and they can jump on and be even faster resident the traditional 4g networks. This is already happening. Even if we have these bad code multiple vulnerabilities, china is going be learning this as they go in a nation of very early adapters and they will adjust. They would be filling some of those gaps as they move. Theres a question here with 5g, how much of this is innovation . If its about innovation and Public Welfare that it might make sense to wait for the reason you mention. Or is this about commercial dominance and about the balance of power . In which case the first movers get a committed if that is because are learning a lot. This question is what is the right framework . Is it our own National Security and vulnerabilities or is it a concern about whose would have the interNational Champions and we tend to confuse those different categories. I would push back because i think we put a lot of emphasis on a person first mover advantage. This is the argument for speed, is it your the first mover you get a lot of practice, you deploy much faster. Makes it harder for other companies or competitors to do it in the same quality. I dont think thats been borne out in the telecommunications in general. The big, players can 4g were not the first movers. Theres a false narrative even if we look at these as separate, geo political versus social economic good of the country. We put a lot of weight on the first mover. I would also push and say we have a lot of good experience around cybersecurity more general in Critical Infrastructure that tells us the its a real terrible plan to chase a horse once its left the board. Lets add some security or, maybe i can patch on resiliency, and the horse is just gone. We are at a moment where we do need to emphasize security just as much a speed. First mover does not like anyone in in the space. We know that historically. You cant expect a Critical Infrastructure that is as critical that only to our economy at the waist militarist fight to the what all of us communicate in the future. You cannot deploy that in insecure and not resilient firm. This is the most Critical Infrastructure in the future. We cant put speed ahead of security. I hope that remains true. Within china if the horse leaves the barn, its still a chinese horse and a chinese barn. They have a close with a lot of users and strong levers of control so in fact, they know with horse is because they have the surveillance cameras. They have the worlds biggest market and with early adapters and willingness to use these adapters as the guinea pigs without regulation. You make an important point. I hope it holds but if theres as much at stake as you say there is we may want to be skeptical about that assumption even if it is true up to now. So in china is racing ahead, what are the using 5g for . What applications right now and whats coming online and what can we learn from . Chine is proud it just won the latest International League of legends team competition. Most of it is fast delivery of mobile lunches and gaming in the shortterm but then we get into the kinds of innovation that you are discussing. Its important here to not look at 5g just as this totally sequestered standalone issue. Basically where at the high level talking about in a connected world of stuff that fits together that enables a whole host of activities for individual consumers and for the broader critical structure committee. We look at that what the 5g its not like theres a date for 5g gets flipped on and theres just Autonomous Cars everywhere. You look between now and 20232025 and what went to is t in terms of 5g deployment will go from the current 4g buildout, have nonstandalone 5g deployment where you have 5g on top of existing 4g infrastructure and then move down the road close to the 2025 where you have the true nonstandard or true standalone ig but even within that when you look at some of what provides the functionality of that, all that is existing Fiber Network and the new fiber willing, satellite plays a role. A connected holistic ict infrastructure we need to think about as well. We need to look ahead over the coming decades and in a world where that infrastructure is going to power more and more than ever has before, hold moe valuable data than ever has before, how do we have framework of risk informed lens that gives us trust and assurance in the organizations, the components and the people that play vital roles in that. Just getting back to huawei. Just wondering like, is it practical to purge huawei equipment from the United States, and if it is at what costs . As we heard earlier there are a lot of world carriers that installed huawei equipment years ago and this proposal would require them to go out and physically pull out all this gear and get paid back but it would clearly be destructive. Is it solving a problem . If we do this or is it just a preventive measure, solving a problem that currently exist . I think we look at the u. S. Right now. We are largely pretty good shape at all the major carriers have committed to not putting huawei and other untrusted Telecommunications Equipment into fifthgeneration networks and it is a smattering of rural carriers across the country that have huawei. The estimates are similar between 700 million 2 billion of what is the cost of rip and replace. If you talk to carriers its more replaced and rip. When you think about the u. S. Compared to the rest of the world, the total cost to get wally out of our systems, entirety some in that range, we spent a lot more before. We are in a good spot right now in the u. S. Its not untenable. Even if we do this rip and replace, ericsson and nokia manufacture most of the transmitters, receivers, writs in the peoples republic of china. If were concerned about surreptitious installation at some of all abilities they are just as open. My question is this. Given all of those vulnerabilities, given the imminent hacker ability of the systems made by anybody what almost anybody and this question about vulnerabilities that you phrase, seems to me when i look at these costs, when we talk about the vulnerability from huawei, the question has to be, we have certain safeguards in place, germany and uk are say they may let huawei into the least vulnerable parts of the system because theyre confident that they can while these all technologically. Given there some ability, not perfect to monitor, it seems to me the and asked question is, what is the marginal increase in the ease of hacking and access to the Chinese Government of huawei equipment as opposed to any other equipment . Because if the marginal increase isnt that great, then were not talking about enormous vulnerability that comes from huawei. Were talking about vulnerabilities from these systems generally. I dont hear the question asked and it seems like a key question. This is one of the reasons why theres more to worry about than just huawei. The answer to your question between marginal benefit of trying to break out while we both in use networks but also in networks globally just part of u. S. Ambition has to do with what that network would look like without huawei. Part of what my push is to think about three different scenarios we could get in the u. S. When is this ideal scenario where we are able to undermine chinese dominance in the u. S. And globally in Critical Infrastructure, like 5g. We are able to gain leadership. Thats the best case scenario, that we are hearing articulate in the first conversations. The second scenario is we get some traction but we have a mixed vendor model of which huawei will be probably one of them. Either in the u. S. Or abroad to some extent. The worstcase scenario is huawei wins this supposedly of which illdefined concept of a race and is the primary critical vendor both in u. S. Around the globe. Any three of those worlds theres still one really vital security test for the us and thats how you operate sicker on hilly Insecure Networks . Independent of huawei is doing in the space come in the pit of what future we fight or something we have to solve that question of 5g general. That has to do with the software, reliance on software. That has to do with ability to check, monitoring versus the pushing outward at the network. This has to do with concepts around iot like increasing the attack space and the vulnerabilities that brings with it, iot, internet of things devices are insecure. These are what will be popping onto this. Any of those worlds thats the fundamental National Security. For for a human question that raised by these technologies and the china question per se or china dimensions. I do want to underplay the ways in which china amplifies Security Threat to the United States and his networks but it is not the sole security problem. Even if china would decide it did to compete on 5g for whatever reasons that carry on, finland, swindling, do your best. Even if we ended up in the world magically we still have a major security problem with one of the most Critical Infrastructures in the world coming up for economies. What worries you the most . Huawei or the underlying . Underling. It hasnt been, a lot of Security Solutions unerring articulated at least in the public space are very issue tailored to huawei. I am less concerned whether we can solve those and more concerned with whether or not we look at this much broader area of Risk Management and thinking about so maybe we can do in decryption. We construct document segmentation networks, how much bang for buck does that get us and start doing a comprehensive risk analysis versus a geopolitical concern over here lurking in this corner, theres Real Security implications, lets just address that. At the end of the day were left with a deeply insecure network. I would like to ask robert the steps that of a taken to blacklist huawei, to isolate huawei in the u. S. , at the same time without a trade war with china and a just wondering what you think, whether theres a connection between these more aggressive steps against huawei in the trade what and if not how do we go about convincing the American People these are separate issues . There is a broad connection and a specific specific connection we are now engaged in a global competition with china for influence over security architectures, over trade and investment, very much over the development marketization and regulation of tech that is new to the foreground, relating also to norms and practices and underlying value systems. The huawei question like the trade war is a subset of a global rivalry characterize a deep distrust. Every aspect of the rivalry reflects on the other. You cant pull these to make things apart. The more specific connection is that the president has twice implied that he might change some of his attitude towards huawei if he gets ideal that he wants. This is very difficult because the claims we are making against are all based on security. They should have nothing to do with the trade deal and so if were willing to pull huawei in that sounds like were cynical about our sicker to get it sounds like we are cynical about the rule of law because the Eastern District of new york when asked the canadians to arrest the cfo of huawei, we were very careful to say this has been done not by the administration but this has been done by due process of law. When the president subsequently implied he might willing to let her go for a trade deal, this was been even more strongly interpreted as hostagetaking. Theres both a broad geostrategic competition site of which their link and the president s statements have also applied there may be a link between how we treat huawei, including the placing of it on the entities list and other issues and the trade deal more general expert daniel, id like to bring back to you. As 5g moves forward, we know what the sec is proposing what other steps do you think the government can take to secure the networks here forcefully . The first step for us has been engagement. My agency is not a regulator and yard from chairman pai who has a strict regulatory mission. So the first step for us is we have awesome opportunity to have a seat for the entirety of the i. T. Sector and the communication sector in u. S. And bringing together. Its in the last 18 months where weve had forums like this pop up every single week. Sort of the hockey stick of 5g engagement, the circuit if you will has just increased exponentially in terms of interest in it but there was some level said activity that is not taken place. There was so much activity going around admiring the problem but not understanding from an architectural perspective what 5g means. And understand just the fundamental job of critical for such sector protection and enabling and underpinning technologies like 5g. Weve done extensive work with i. T. Partners to do a lot of initial activity of understanding at a Network Component elemental level how 5g architecture works. Were talking about and avoid network at this point. Thats been one of things most lost any media is this is an issue where the ship has sailed and what do we do now. For the most part we are ahead of this curve where he can make some smart tailored investments, r d decisions, catalyzed Risk Management activities together. Understanding what were talking about when we say standalone versus not stand alone, what is the virtualized space and how it can enable that network slicing. Truly understanding that, so that is been from dhs a perspective much of the last year for us is really digging our teeth into that. Theres a lot of work that it not been done. Another big activity for us is on the understanding the marketplace dynamics around this, and our goal is simple. We want to risk informed deployment of 5g technology around the country and the world but we also want vibrant and their marketplace, 5g providers and manufacturers. When were talking things like interoperability, about Price Transparency and discovery, theres a lot of work that so much more nuanced than just huaweis zte versus the trusted alternatives. Weve engage more heavily with organizations which their goal was a radioactive network portion of 5g, ensuring you have true interoperability between those, and thats been, its one thing, theres an extensive standardsetting process where you will have 790 pages of really detailed standards worth the toxic frequency and some of the privacy issues, but is it practical for that world provider to take one can put from this company here thats in the court, yet the cisco router and youve got the small self pizza boxes on every street corner, like can you stitch together a diverse and this aggregated 5g network in a way that works . Theres interoperability but theres real interoperability. You hear stories about the qualcomm chips, though system is two times slower. Theres great work being done. We have very defensible position in the u. S. About huawei that we have intelligence to support it was right decision. That every country has agreed. We will make a risk informed case but something unless every country has agreed with is that we cant get into a position, and i can 80s ibm controlled the whole stack. From the service to the mainstream to the software to the people coming in to maintain it, that was the communication stack that you had. There was this Great Innovation of disaggregation of things. No one is saying do you know what i really would like an 5g . I would like to go back to that model. That makes a lot of sense. When were talking to other countries with a great Risk Management success so far selling that narrative maybe we are still going to continue to engage in talking what vendors are trusted and im trusted and why if you look at the report, uk report, everyone agrees that for something as vital important, this is whats going to power and underpin all Critical Infrastructure for decades ahead. You cant have a model where its just top to bottom your lock in. So how do we understand the market place of who the players are so theres true interoperability and affair private marketplace for them to compete on the quality and security resilience of the products they offer. Those of exciting activities we insist on having a gauge on but theres a whole of government effort so far. Were early on in the process. Theyre still five, six, seven years until we have realized all of this. I found your comment reassuring to a degree but theyre still of the question which occurs in u. S. China relations and internationally, across a number of sectors. Either about chinas infrastructure lending to belt and road which is fairly massive and were coming up with smaller pots of money that we want to use to do better quality lending thats probably more sustainable. The question was this question of quality versus quantity. Seems to me in confidence like africa, south america, to a degree in central asia, the model you outline and youve applied the same thing, we are offering quality, an ideal set of circumstances that is expensive and slow coming, or as china is offering quantity and good enough technology to get started now, including with a lot of lending. Im concerned in many places we lose the quality versus quantity and desperately poor areas. This is one way they can get in on benefits relatively cheaply now and china continues to march ahead and much of the rest of the world although not, for example, western europe will go for the chinese deal. They will get the data, set the standards. How can we make this argument for something that is ideal, expensive, and slow coming and how can we prevail in the developing world when china is offering something that is good enough, inexpensive now . I think this comes down to the tactics. We have really forced the conversation. We need to think this through the operators viewpoint, the world provider or the foreign country, the person who runs operations for the thirdbiggest telecom and the g20 five country that collectively serves six to 7 million people. Those people are generally wellintentioned. They understand the argument. Understand the issues around serious concerns about both the lack of independent judiciary and rule law. It is while we think to lakey prada, et cetera. Then theres a practicality. They have to sing people and to play the stuff and pulse of them put other stuff in. Theres work to be done just in terms of playbook and better understand the mechanics around hey, heres how we will work with you to help you understand how this is not maybe as scary as it seems and you dont need to just say ill take, you cant do it top to bottom, soup to nuts option. Thats not just a theoretical think that were doing get out and theres a real engagement issue going on in the u. S. Where were out in denver meeting with world provider out there who has wally in the system and the owner is a veteran and a selfdescribed patriot and he said listen, i like a pot of money to help do this and sounds like its like on the way in some capacity. If not i still want to do to the extent i can but you have to help me figure out how to do it. Thats what a limited for us rip and replace is the wrong order. I had to serve people. I cant just rip and then figure it out. For security reasons or quality reasons . Security reasons. He wants to understand sort of the sequencing of how you face things in a ghetto more trusted the place and have confidence that he snatches pulling stuff out of the ground and all of a sudden his customers have reliability issues. Thats what we can come together and help build some of those at a tactical level of how you do that. I do have some degree of confidence. Also when you look at a lot of the conversations going on in europe and across the world, whether its 5g or just 4g lte, a lot of the axis one world will need to be replaced because its old. We can think of is not as a scary moment in the sand that either this is the moment of reckoning or go down the good fats are bad path, but hey, right here this year for the 15 of your Radio Access Network that you need to replace, lets help make a risk informed decision. There are economic concerns which are troubling but when you post like it like that, when ts a huge cost of manual labor of doing that, physical equipment is only a fraction of that and so 15 of 40 , 15 theyre doing this year you can give people, if theres an operators lens on board and comfortable, this year i have some decisions to make and you face at 15 and that maybe is more expensive but in the grand scheme of things lets go for that. Thats much different than this is your moment of reckoning. We can do good work on the tactical level. I want to get back to melissa and your policy paper pick you said you were more concerned about the underlying infrastructure that is being developed. What are you most concerned about . What is most vulnerable, what poses the greatest threats to individuals, to the institutions, to the United States as this is developed with these very broad kind of surface area that is vulnerable . To clarify that, i am most concerned about it because i think with too much focus on huawei. We are just missing the forest for the trees. In terms of areas of concern when it comes to 5g there are a couple. I dont think we have really good understanding about how 5g networks and with other Critical Infrastructures, so these are broader questions about resiliency for society at large. How do you maintain Energy Production if youre 5g Networks Goes down, for example . These are broader questions about whole of government, whole of Society Solutions in which one of that would be 5g. Thats not unique. Thats a concern with 4g as well. We do have great understand about how the sphinx interface the waste we manage risk at the level between Critical Infrastructures. More on the 5g upcoming technology, i think theres a couple areas i find concerning. One is the further shift toward software. There are Important Solutions that are out there being developed and a note if you talk to specific carriers they are more optimistic about some of the tools they can leverage and apply them to 5g but when you have a more robust understand what security in the Software Since it means. The other one is really the internet of things. This is the punch of 5g, this is what it gets us, a lot of devices. The internet of things has dogged us now for a good ten years candidate terms of being incredibly insecure. Thats a problem not only for the security of 5g but those devices can be leveraged against other types of target so theres a real magnifying site of 5g thats really concerning. I want to bring this to your own personal digital security. Are you wary at some of these things and how to practice the best hygiene to protect your own data and privacy, all of you . Why do we talk about that . These are hugely important developments and the policy will but we all try to make her own life more secure. Lets talk about that a bit. The short answer is yes. There are two different buckets. We live in this world where for cybersecurity infrastructure, think about advanced persistent threats and nationstate attacks and point of leverage and managed Service Providers and a lot of consequence modeling and so Systemic Risk stuff that is new and maybe an evolved Threat Landscape from seven or eight years ago. The other hand is, theres all these basics that the country is in doing. Youve seen recently children not going to school because of ransomware attacks. People turned away from hospitals because of ransomware attacks, not because we didnt do something some crazy systemg to do but just because tenyearold technology 15 euro Security Best practices that are noncontroversial were not deployed. How do you balance those . You have to keep doing both. Thats a good answer. Im also concerned with the fact a lot of the time when we see these blazing instances in the news what were looking at, a solutions already there as been there for a while because question had you implement at scale across antiquated and Diverse Technology . That concerns me. On a personal, i am clearly wearing an internet of things device. Theres a variety of risk you would be concerned with. There are a package of basic cyber hygiene and it is can do. Update your technology, things of this nature that are not overly complicated and yet are surprisingly underutilized. Having a better sense and this is something i know i pushed with friends at duncan a better sense of your technology is doing. Often people dont understand the security implications or how to secure something. Its like a magic box in your hands. Wait, you mean this app is on in the background . Its an information . Yes, its sending information. Just basic education and hygiene standards can be huge on individual level. The of the part for me is theres a bit of a Civic Responsibility. I studied a lot of small countries where theres strong Civic Responsibility to kind of the state, the National Interest to certain extent. People should be concerned if the device they own has been compromised and is being used to leverage at the dos attack against your own government or another government. Thats basically some holding your technology hostage. You should be concern as an individual i want to take proper cyber hygiene to prevent that. Theres also you can prevent everything but you can take some basic steps campaign basic awareness and think about your technology as part of this broader ecosystem. My brief thoughts with far less useful. I tried to spin as little time in cyber and as possible entity to my children that affect you do have a choice of not living on the internet. You can opt out a lot of this and not a new social media. The institution of the Wilson Center when we traveled to china or russia, we are told not to take her own phones and its very easy to get a burner computer to take with us. Every year we all have to take and retake we take not one bute different Computer Security courses. That actually does, its highly redundant teacher antenna pretty alert. It becomes very easy to spot phishing attacks. You can do a lot for institutional integrity. When i i read of all of the promises of 5g, they have yet to raise a problem im trying to solve. I dont really need my car to talk to my refrigerator. [laughing] i think final thoughts . We have a few more minutes, is that right . I80 question mostly for melissa. Given that youre mostly concerned about the problems that this Technology Poses to everybody anyway, you are more worried about that and while with your pc for cooperation . Weve been speaking about chinese tech as wholly competitive and demonized by coming not work with china and other International Players to try to answer some of these questions that youve raised . If china is moving ahead with the hardware and American Companies were made ahead with the software, are the any im not trying to be poly and is but in one area for forgetting to ask if theres room to cooperate on standards, and regulations pollyanna should ish to turn some of the whole demonizing language which is not just about between good and evil, d. C. Prospect for that or a way to distrustful and too far apart . Theres a couple of areas of concern daniel points out when discovers after that have over 14 years of history trying to rectify, thinking the uk here, trying to deploy while we technology at scale in a reliable and secure and resilient manner. Their fifth annual report that came up once again came to the conclusion they didnt have good degree of confidence. Thats 14 years, i think that is concerning. Because of the weakness of the thoughtful or maligned intent . Its unclear. I have not seen any evidence in the public space that would claim the Chinese Government is out there masquerading in 5g Huawei Technology building in backdoors, shutting the extent, heres a kill switch there. That is an area of concern but a lot of speculation at this point in the public space. I do think that are ample opportunities for that given how buggy, tactical term, that code is. Not just for china. If you really buggy code thats an opportunity for any malicious actor. Thats worth pointing out that we keep saying the word china. Thats not the only malicious actor. A country like the United States or likeminded states would be concerned about. Theres areas for opportunity when we start doing much more of a Risk Management comprehensive process about what this threat space looks like. That allows us to say in what ways does huawei introduce security that is unacceptable and in what ways at cost to mitigate some of those concerns. These are questions wrapped into encryption, vpn, segmentation, question about building resiliency, backups, things of that nature. As soon as we start operationalizing that a lot of work daniels talking bout we have a better sense of where we can work with huawei, mitigate the risk and we just actually cant. I dont think weve done that yet. Huawei or no huawei. If were we only have a binr conversation about china bad can we are not going to be able to achieve the secure and resilient results we want. The same time the u. S. Government had that been too apologetic about what our assessment of the strategic intent there is, and we did a public webinar this pass by door on a Chinese State campaign to leverage provided as an ultimate point of leverage to steal billions of dollars of intellectual property across dozens of countries. Thats something we put out publicly and with a boatload of intelligence behind, and were not going to shy away from that strategic intent that been demonstrated, hijacking and rerouting of internet traffic. At the same time if were only trying to sell that narrative we were not to the operational stuff as well. To be a time for questions . Yes, okay. Over there. [inaudible] [inaudible] im a defense fellow, my question is regarding deployment of starling satellites and one producing global wifi coverage. This is outside the scope of this compression let me know but i do question as to whether a more innovative or not it innovative but a better or effective policy solution would be to work on rather than ripping out a replacing all of this hardware infrastructure all across the country, would be better to build new infrastructure or to prepare everyone to use wifi as provided from space just the way we do with gps . Satellite and fiber need to be huge part of the 5g conversation generally, and we worked with the satellite segment within the can vacation sector. Even when your type of 5g connectivity whenever areas or maybe you dont have quite the connectivity, sunlight satellia great option in terms of filler in between. You might have no discernible difference in terms of the functionality of the connectivity at all. It likely is an area where an enhanced partnership and engagement with the satellite because it sort of a few different segments. It would be worthwhile because its part of the equation that is not going away. Way in the back. Im at georgetown university. Robert daly question earlier, i was wondering as to what developing nist standards isnt its as if threat still care for its huawei or no key attack deployed. Seems like they will get access those networks and im wondering why what our conversation is in technologybased rather than the can of Great Power Competition conversation we are seen . So i think a large amount of the conversation has been technologybased in terms of thinking about what the structure of 5g is, the technological realities of that. You are absolutely right in the sense if youre a malicious actor of significant scale and jeff strategic imperative to compromising networks for whether that espionage or sabotage, you are not necessarily going to care what is the operator, the vendor of that network except for some of those are easier target than others. If youre looking for a weak link, your opportunity in is these factors. If youre a malicious actor it is in your best interest to have your adversaries operating on very Insecure Networks because those are your entrances between seen time and time again with particularly very qualified actors, they go for the really low hanging fruit. They will enter casinos internetwork to their fishing. Still find the more porous opportunity go for. Thats like another reason why we should be much more concerned about operating secure across the stack whatever that stack is, at the same time we shouldnt just wait for him since i i guess we lost the battle around this. Tuesday on cspan house returns at 10 a. M. Eastern for general speeches with legislative business at noon. On the agenda a shortterm spending bill that would fund the federal government through most of december. On cspan2 the sin is back at 1r judicial nominations for the 11th Circuit Court of appeals. On cspan3 the House Intelligence Committee continues its impeachment inquiry with to make public hearings. The first includes testimony from jennifer williams, an aide to Vice President pence, and Lieutenant General then. Later in the day the Committee Hears additional testimony from ten morrison who is also part of the National Security council, and kurt volker, forming a special envoy to ukraine. Attorney general william barr spoke at the federalist societies National Lawyers convention in washington, d. C. He discussed the history and intent of the constitution and said that congress does not have absolute oversight over the executive branch