Rational Security, Episode #109: The “We Need to Talk About Devin” Edition

Devin Nunes throws a wrench into the House’s Russia investigation. Meanwhile, the Senate investigation hasn’t come off the rails. And should countries declare certain kinds of cyber attacks off limits?

Tamara is inspired by a Tweet storm.

Ben is surrendering his byline, sort of.

Quinta is imagining a list that wasn’t.

Subscribe through our RSS feed, on iTunes, or on Stitcher.

One thought on “Rational Security, Episode #109: The “We Need to Talk About Devin” Edition

  1. It’s also rather easy to seat a chemical weapons ban along the grounds of rational self-interest: no one wants them used on themselves or their allies, so no one should use or produce them. So I don’t think chemical weapons bans are simply touchy-feely morality based talk.
    However, the distinction Ben made between the chemical weapons bans and financial cyberattack bans applies on a different level, which is that one can really only be a transnational threat, while the other can be used in both domestic and international contexts. As it was pointed out, chemical weapons have a history of countries using them domestically against segments of their own population – financial cyberattacks don’t really have that same lineage. The general fear with financial cyberattacks is not governments destabilizing their own economic systems, but others. The result is a norm that doesn’t really step on the toes of the whole chest-beating “sovereignty” thing that states claim give them the right to do anything to their own people. While I can see fringe examples of domestic use of financial cyberattacks, this distinction makes the two not really that comparable.
    Even if everyone implicitly agrees to this norm, having the G20 explicitly state it can only strengthen it. The financial sector probably faces enough cyberattacks from non-state actors that it will never get complacent as a result of a ban either. I really don’t see anything to lose with the proposed ban…
    It is a little strange to me that governments should have to worry about the cybersecurity of their financial sector when non-state actors actually have the capital to defend themselves properly. Why would anyone work to defend government secrets when they could be paid so much more to defend company secrets? Unless you have easy marks like Sony around, it seems like a much better use of resources to go after more vulnerable targets.

    Oh and you guys should start putting out anonymous opinion pieces – I think Publius Decius Mus would be a perfect pseudonym to use.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s