The "Cyber War Threat" Debate

I mentioned back in April that I was going to be out of DC on June 8 -- but that if I had been around, I would have been sure to attend the Intelligence Squared debate at the Newseum on the motion that "The Cyber War Threat Has Been Grossly Exaggerated."

Well, the results are in, and the "against the motion" side won big. Ie, the team of Mike McConnell, former DNI/NSA director, and Jonathan Zittrain, of Harvard Law School, was apparently way more effective in arguing that the threat was real, than the "for the motion" team of (my natural allies) Bruce Schneier, all purpose security-guru, and Marc Rotenberg of the Electronic Privacy Information Center was in arguing that it has been overstated. Info on all debaters at the site.

Teams "win" or "lose" these debates by measured movement in audience opinion before and after the discussion. Obviously such results can be cooked, but here are the reported opinions:

BEFORE: 24% for the motion (agree on "gross exaggeration"); 54% against; 22% undecided.
AFTER: 23% for; 71% against; 6% undecided.
     Net change: "undecided" vote breaks in a major way for the "threat is real" camp.

A transcript of the whole debate is available in PDF here. I've just read it through quickly, but on first glance I can rationalize the results this way. First, the "anti" team, especially Zittrain, seems to have taken the requirements of structured debate more seriously than the "pro" team, especially Schneier. A sample from Zittrain after the jump. Second, and to my relief, the "anti" team took great care not to say that a "cyber war" was going on now. Rather its point was, the threat of such a thing happening was serious enough to justify the current level of press and political hype.

Congrats to all participants. And, no joke, it's a real public service to have debates of this sort that bring top-tier participants together and add the sizzle of prize fight competition to a discussion of issues of first-order importance.

Fundamentals of Debate 101: Of the four participants, my guess is that Jonathan Zittrain had most experience as a high school or college debater. Illustration of his approach: setting up the opponents' argument in a way that suits the rebuttal he has planned. This may not be spellbinding rhetoric, but it's a very effective debate presentation. After Rotenberg and Schneier had spoken, Zittrain said:

So, here's where we're at so far. Marc says, "Vote for us if you don't want a police state." Bruce says, "Vote for us if you think journalists and their headline writers and sometimes their sources exaggerate," and, "Vote for us if you don't want a military state." So, I stand here proudly before you in the negative, despite the fact that I do not want a police state. I do think that journalists and their headline writers sometimes exaggerate -- is it okay to say that in the Newseum? Is that all right?...

I want to give a more gradual view of the vulnerabilities that you'll notice both Bruce and Marc handily acknowledge. "Oh, we're not saying the system works. In fact, we agree it's utterly vulnerable. We just don't like the use of the word 'war,' and we don't like the use of the word 'war' because it might give people a platform through which to have bad things happen after that, to militarize or to create a police state or something like that." Well, fine. We have to argue against that, but let us be truth-tellers about the state of vulnerability in our networks and our endpoints, and then deal with it from there, neither exaggerating nor understating it.

So, what kind of threat am I talking about? Let me just give you two quick examples...

Worth checking out.