Inside a Commission Hearing on the Chinese Threat

This morning I testified at the U.S.-China Economic and Security Review Commission at a hearing on Developments in China’s Cyber and Nuclear Capabilities. In the picture taken by Mrs Bejtlich (thanks for attending!) I'm seated at the far right. To my left is Nart Villeneuve. To his left is Jason Healey.

As stated on their Web site, the U.S. Congress created the U.S.-China Economic and Security Review Commission in October 2000 with the legislative mandate to monitor, investigate, and submit to Congress an annual report on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China, and to provide recommendations, where appropriate, to Congress for legislative and administrative action. The Commission holds hearings to solicit testimony from subject matter experts and builds on those hearings to produce an excellent annual report.

You can access the 2011 report on the Commission Web site, and even request a printed copy if you'd prefer to read paper.

A few weeks ago the Commission staff requested that I answer a set of questions, and I provided a draft response last Monday. When I testified each of us had seven minutes to make a statement, after which the Commissioners asked questions. The testimony posted online is the "extended" version of my remarks. I used an abridged version when speaking today, but didn't read it verbatim.

After we each made a seven minute statement, the Commissioners asked a round of questions. Each received about five minutes. We tried to keep to the rotation, which as you might expect was tough. Several questions were fairly complicated (like discussing the costs and benefits of "the cloud") so it was difficult to be anything near complete when responding. A few Commissioners were interested in supply chain questions and the problems posed by Chinese made telecommunications equipment.

I expect an audio recording of the event to be available at the Commission Web site within the next few weeks. Once that is posted I'll review it and share a few more thoughts on the Mandiant Blog.

In addition to my wife, thanks also to the members of the local computer network defense and intelligence communities who attended the briefing and said hello!

Comments

Anonymous said…
That’s pretty neat – congrats!

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics