Cloud computing is the next line in the competition with China

It's fair to say, federal agencies will never buy commercial cloud computing services from Chinese vendors.

It’s fair to say, federal agencies will never buy commercial cloud computing services from Chinese vendors. But China aims to take the lead in cloud computing worldwide. To examine that competitive challenge to the United States,  Federal Drive with Tom Temin  spoke with Jim Lewis, senior vice president for the Strategic Technologies Program at the Center for Strategic and International Studies.

Interview Transcript: 

Tom Temin It looks like you’ve migrated from writing cybersecurity suggested policy for the White House to looking at cloud computing, which kind of is related, I guess. Tell us your thoughts about cloud.

Jim Lewis Cloud is definitely part of the larger network security picture, and we had Rob Joyce speaking a week or so ago where he said cloud is the future of computing. So if you look at the national strategy, an emphasis on cloud security, an emphasis on the move to the cloud is a big part of it. So I don’t see a difference between cloud and cyber security, one is the same as the other.

Tom Temin All right. And so, again, U.S. companies only buy from U.S. vendors and there is generally a requirement for U.S. soil located cloud services. But that doesn’t really address the issue of widespread Chinese adoption by commercial entities here in the United States and the establishment of that Chinese infrastructure worldwide to go along with Amazon, Google and the rest of them. Fair to say?

Jim Lewis Two things are going on. The first is that if you talk to Chinese vendors, including Huawei,  they expect to regain global dominance, and they think that cloud and 6G are their paths forward. So cloud plays a big part in China’s plans for dominating global networks. The second part isn’t global network, so American vendors, American companies operating in America don’t face the risk of using Chinese technology. And let’s be clear, there’s a definite risk of espionage. It’s more than a risk, it’s a certainty. But they’re going to have to connect to countries elsewhere, and they’re going to have to connect to networks in other places. And that’s where the risk comes in. China pretty much dominates Africa now. They’re making big strides in Latin America, and the cloud market is part of that. So this is a continuation of the contest we saw over 5G a few years ago and the centrality of Huawei in supplying other people. It creates risk for the United States.

Tom Temin It’s fair to say, then, that in those countries that are still developing in the same way that they skipped the wired pots type of telephone systems, in the seventies, eighties, nineties going directly to wireless cellular in the same way they’re skipping the data center model and going straight to cloud.

Jim Lewis Cloud is going to be increasingly important for so many services. 5G networks depend on cloud. Artificial intelligence, robotics depend on cloud. Logistics will increasingly rely on cloud. Now, what flavor of cloud is, of course, one of the competitive features. Is it an American company? Is it in-house? Is it on prem? What we are seeing a shift, a migration in how people use computing technology to the cloud. And that makes it a strategic issue for the United States. If you are comfortable with having China dominate the global information infrastructure, OK, but I don’t think most people are.

Tom Temin Sure. There’s an old saying about roads. How many roads are in the United States? And the answer is one, because you can drive on any road from any other road, just if you traverse the right turns. Same thing is true of networks, really. In some sense, there is only one network worldwide increasingly more integrated. Does that mean that enclaves of U.S. only or protected types of cloud areas really are safe?

Jim Lewis Yeah, they’re probably, a protected cloud in the United States probably is safe. But the question is, no country is an island. And so if you want to do international business, you’re going to go on to foreign networks. You’re going to have to access or provide access to foreign clouds. And that creates the opportunity for mischief. So if you want to extend your statement, there really is one network and it’s global. And we’re having a dispute now over who is technology, who standards, whose norms will dominate that global network, ours or China’s?

Tom Temin We’re speaking with Jim Lewis, senior vice president for the Strategic Technologies Program at the Center for Strategic and International Studies. And if you’re, say, a vendor that has international sales and also sales to the federal government under some of the supply chain security initiatives, software supply chain security initiative. That would seem to be a problem if, say, on your commercial side, you’re totally fine with using a Chinese technology based or even a China based cloud provider. But then, [Cybersecurity Maturity Model Certification (CMMC)] program, for example, that’s going to mitigate against your ability to serve the federal government. I would think.

Jim Lewis To their credit, the previous administration had a clean network initiative that included clean cloud, and that was a recognition of the the interconnections between American companies, foreign companies. And the problems that having a big Chinese presence in the cloud could create. So this isn’t new, this is probably five or six years old that people have been thinking about it. Right now, the U.S. has a huge market share lead in many regions, not all, but many. And the Chinese hope to displace that. Some of their motive is commercial, clearly. But some of it is also a security motive. If you control the cloud, you have more influence, you have greater access to information. It just creates more risk. And so that’s what the previous administration was trying to address. This administration is continuing with that. One dilemma we have, and you’ve seen this in other places as well, is China’s willing to subsidize, China’s willing to engage in predatory trade practices. So I’ve had foreign officials tell me, the Chinese will show up, they will underbid Western companies by a significant margin, 20%, 30%. And that’s hard to turn down. So there’s an intention to make the world wired by China. And that’s what we’re having to push back against.

Tom Temin Is one of the questions then whether Amazon, Google, Oracle, all of these companies that our cloud commercial providers invest in their own infrastructure using Chinese gear?

Jim Lewis So far the use of Chinese equipment in the cloud isn’t a big problem, because for one thing, all the big leading U.S. cloud providers know the risks, and so they’re going to seek to avoid that. That’s been true for years. So the issue is not so much American cloud service providers, but more the people on the other end. The companies in Latin America, the companies in South East Asia, the companies in the Middle East, that’s where Chinese tech providers have a lead, clear lead over Western companies. And that’s where the risk is.

Tom Temin So what is the specific risk then? If the commercial usage is Chinese based over there in Asia, for example, in Africa and say, in the European Union and the United States, North America. It’s not, and I don’t know what South America is doing. What is the actual risk then to the United States?

Jim Lewis The risk is first espionage, because you’ve got American companies accessing foreign networks that are based on Chinese technology that could be compromised. The second risk is influence. If it’s the company that’s building the highways for you or building the railroads they are going to be more influential than the bystanders. The third is standards, which is that if you buy Chinese  cloud technology, the Chinese very often want you to buy related technology. So you end up with not just cloud, but with everything that appends to it being Chinese. And the fear is they’ll use it for market advantage the way they’ve done in other areas.

Tom Temin So there’s an economic danger here, as well as a national security threat.

Jim Lewis Yeah, One of the problems we’re having in this discussion is economics and national security are blending in a way they weren’t. I saw a paper recently that said that the U.S. is central concern was national security. That’s true. But the definition of national security is very different than it was 20 years ago. It includes economics, it includes technology, it includes things that don’t fit under the rubric of defense. So we’re being challenged in ways we’re not accustomed to.

Tom Temin Right. I think it was President Obama that pointed out, somewhat wryly, that, yes, it’s the economy that pays for everything else, including defense.

Jim Lewis And that’s where we are struggling, because the foundation of national security is the economy, and economic strength and the ability to create new technologies, the ability to afford new technologies. And we’ve seen countries fall behind when they’ve made the wrong investment decisions. That will affect spectrum allocation, that will affect global standards, that will affect the purchase of cloud services. Everyone knows about TikTok. And so we can we can skip another TikTok commercial, but TikTok is just the tip of the iceberg when it comes to Chinese software being used in American products. We have an interconnected economies. The Chinese have the same problem, I guess that’s a comfort. Our economies are interconnected, we’ve spent 40 years building closer and closer connections. And so when you lift the hood up, a lot of IT has some piece of China in it and that raises concerns.

Tom Temin So what should the United States do? Is there any policy recommendation that can strengthen the cloud position here?

Jim Lewis A lot of this comes back to rebuilding capacities we had in the Cold War. And that doesn’t mean doing exactly what we did in the Cold War. But when you look at foreign assistance, one reason people in other countries by Chinese technology is that it’s a lower price, it’s subsidized. It comes with a lot of benefits, education, workforce, capital, infrastructure. And we have to compete. But we have so many rules in place when it comes to foreign assistance, that very often it’s difficult for us to compete with the Chinese. The Chinese don’t come in and ask questions about social issues or political issues. The Chinese don’t care about bribery. Not to say maybe that we shouldn’t care about bribery, but we’re going to have to. We’re used to a world where we were dominant and we didn’t really have to compete, and so we could afford to impose rules that were peripheral below question of security and economic growth. And we have to reconsider that.

Tom Temin I think one recent, maybe it was an African official who was quoted as saying, with the Chinese we get an airport, with the Americans we get a lecture.

Jim Lewis And that wraps it up, folks. I’ve talked to African officials. And what I told them basically is, look, your key concern, and this is true for most of the developing world. Your key concern is economic growth. And so from a national interest perspective, you have to put that as a higher priority than American security. That sounds terrible. But coming in and telling people, do something because it’s good for the United States, strangely enough, doesn’t have as much selling power as someone showing up and saying, I’m going to give you an airport. And I’m not going to look the other way as some of the money for that airport is diverted to Switzerland. So we have not yet fully recognized that we’re in a contest. Cloud is part of that. The Chinese will get better. They’ll get a bigger market share. And that’s not in our interest to see that happen.


Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories