One Neck to Choke

A crisis of accountability destroys nations

After the narrowly averted assassination attempt on President Donald Trump, the question on every mind was whether the failure of the Secret Service to identify and neutralize the threat was due to incompetence or malice. There is plenty of evidence one could supply for either side, as well as hybrid options like malicious incompetence, and malicious negligence. Whatever it was, I was grieved it resulted in the unnecessary death of the heroic Christian volunteer firefighter, Corey Comperatore.

As the events were unfolding I tried to piece together the available facts and vet the rumors. All the public statements were designed to argue for incompetence, but those arguments were so bad that they looked malicious. Making up absurd lies about the slope of the roof being a safety hazard, refusing to come prepared with answers to a congressional oversight hearing, and refusing to answer why President Trump was kept on the stage when the shooter was known about for much longer than 10 minutes. We are told they knew that weaponized drones were a threat vector but that their counter UAV-system was having technical difficulties that day, which enabled the shooter to survey the land with his own drone earlier that day. We are expected to forget that Democrats tried to pass legislation to deny Secret Service protection to convicted felons while pursuing a witch hunt of malicious felony charges against Trump. Democrats responsible for trying to prosecute and demonize Trump were the same people who command the Secret Service and who apparently refused requests for additional resources.

Combining the pattern of malicious political behavior with lies to defend themselves, it makes sense to attribute malice, but when you see an obese woman charged with defending a US President struggle to holster her service weapon in at least two separate videos, a healthy dose of incompetence applies as well. She’s now been spotted in Vice Presidential candidate J.D. Vance’s security detail.

Failures like these can only exist as the result of a cascade of a dozen or more other failures, any one of which being corrected could have prevented the incident. Therefore it was a failure of process, not merely a mistake.

A Crisis Of Accountability

All these questions are stimulating intellectually, but the point is largely moot. There is enough plausible deniability of malice that it will functionally be treated as a series of implausible mistakes, each of which involve shared blame among multiple parties. Secret Service Director Kimberly Cheatle has already taken the fall by taking all of the heat in the congressional hearing and, after much denial that she would, putting in her resignation. An organization supposed to be made up of elite tactical security officers fails to stop an attack on a president, not by failure under pressure but failure to apply the most basic and routine preventative measures, and the public is presented with a dramatic tension about whether she would keep her job. In terms of tangible outcomes, if Trump is reelected, this cuts her tenure short by a mere six months. Nevertheless, the outrage of the general public is placated and we have moved on.

Western democracies presently face a crisis of accountability. It is ironic. The whole concept of democracy is to use elections to hold government accountable, and to use rival ambitions between politicians to eliminate the tyranny of absolute power vested in a single person. Instead, the diffusion of power through agencies and teams of individuals dilutes the responsibility that any one person could possibly bear for failure. When failure produces an outcome that the people in power are happy with, it is at least easy to understand why fixing the accountability problem is a low priority.

Crowdstrike

Unfortunately, this problem is not limited to democratic governments. The recent meltdown caused by the computer security company Crowdstrike provides a vivid illustration of the same principle through the critical enterprises and infrastructure that America depends on. On the surface, this problem may seem like a simple accident that could happen to anyone, but again we have a sequence of failures driven by the deferral of responsibility and accountability. The root of the issue was an error in what should have been a minor update to a security driver, but ended up performing operations that crashed the Windows kernel, making the whole computer inoperable until a fix was manually implemented. In principle, this should have been caught during testing prior to releasing the update, but not only was it not caught, it was pushed to millions of devices with automatic updates, resulting in complete downtime for all the systems run by the enterprise. The vulnerability made use of privileged access kernelspace, normally reserved only for device drivers and security software and not available to ordinary programs. In other words, the failure occurred because of their unique position of being responsible for the security of the computer.

These are critical systems that manage hospitals and airlines. The mistakes cost billions of dollars and there were likely lives lost due to the outages of critical services. However, each step of the way there were people responsible who had someone else to blame. The management of the enterprise could point to their IT Department, the IT Department to Microsoft, Microsoft to Crowdstrike, and Crowdstrike to their various internal departments. Nevertheless, the fact that the outages still happened and at the scale that they did demonstrates a complete failure of process where a single good decision could have prevented the outage in its track.

No one was forcing enterprises to exclusively use Windows operating systems for their entire fleet of computers, to use Crowdstrike as their exclusive security vendor, to automatically apply updates on release without testing, to update their entire fleet at the same time. Microsoft could conceivably find ways to be more resilient from errors in drivers, or have built in tools to easily track and roll back driver updates when they cause critical errors, and of course, Crowdstrike should have discovered their updates would cause kernel panic.

Each step of the way the people involved defer to the “safe” option. The old idiom, “No one ever got fired for buying IBM,” applies here. Windows and Crowdstrike were the “safe” vendors used by the big players. Automatic updates were the “safe” option when there is corporate pressure against security breaches. Now that this failure has proven the options were not “safe” it is easier to say, “It was not my fault” than to say, “Our process is critically broken and I was responsible for not fixing it sooner.”

How Bad Can It Be?

Historically, kings would execute their ministers for critical failures, even for things they didn’t do maliciously or directly. Today, the pendulum has swung to the other side such that people in authority can completely burn down their cities or bankrupt their companies and be granted a pass so generous that they can keep their jobs or pivot to their next office.

This attitude is only possible for a population that has grown complacent and lacks a healthy fear of failure. Failure no longer feels like an existential threat. We assume that things will naturally “return to the mean,” even when we mismanage them, but problems do not correct themselves automatically. No one thinks that they will personally miss meals if they fail at their job, or that if the government fails it could spell the end of a nation, but these are inevitable results of decline when it goes without remedy.

Now factor in external threats. If a recent high school graduate with no military experience could come inches from assassinating the front runner for US President, what could a hostile government accomplish? If a single mistake by a programmer at Crowdstrike has this impact, how vulnerable is infrastructure to a state-sponsored cyber attack? What if a Crowdstrike-style meltdown occurred on the eve of an invasion or missile strike? What if multiple of these scenarios were planned at the same time?

It explains why kings used to execute their ranking ministers. If the failure of a minister gets the king poisoned, or the castle besieged while the people inside slowly starve, the life of the minister is a small price for failure. The threat of serious personal consequences changes the calculation about what the “safe” option is. On my own computer, I normally apply updates daily without special testing or concern, just accepting the risk that perhaps once a year I will need to intervene manually, but if my life depended on it, I would outsource much less of this trust, and apply a much more careful strategy that I personally manage.

It’s true that not everyone can live up to a high standard, even if their lives depended on it, but these are not standards for everyone. They are standards for leaders given authority over critical positions in society. Those who wish to hold elite roles of governing cities, states, and nations, and those responsible for billions of dollars of commerce and infrastructure ought to face the downsides of those roles and not just the upsides, and if they are not up for the task, to be replaced by people who are.

When dealing with complex and risky positions of authority, there needs to be one neck to choke: A single individual with the responsibility and authority to get the job done right and stand behind the results.

In your own work, you should live up to these standards. When you are responsible for appointing authorities, you should approach it with this level of seriousness and not accept excuses that defer or dilute blame. The old industry adage of C.Y.A. (cover your ass) does not apply, as if one can avert the proverbial spanking by pointing to why their decision was justified, rather than the results they were responsible for.

Perhaps there are situations where those in authority truly are prevented from taking full ownership over the results, but where we stand today, the mere plausibility of an excuse is enough to completely remove all accountability. We need to demand more of our leaders, our subordinates, and ourselves.

Sticking your neck out is risky, but everyone who has done anything meaningful has put themselves into the position where failure is risky and costly and pressed through it to greatness. If our civilization is to be great, it must be led by great men, men with chests, even if it means they choke and get choked once in a while.