Cybersecurity Ethics

This course examines ethical issues relevant to ethics for cybersecurity professionals, including privacy, professional code of conduct, practical conflicts between engineering ethics and business practices, individual and corporate social responsibility, ethical hacking, information warfare, and cyberwarfare. Students will gain a broad understanding of central issues in cyberethics and the ways that fundamental ethical theories relate to these core issues.

Course Material

Reflective Writing: My Gain Out of this Class:

In this course great materials were covered. These days, Internet has become one arena where the constitutional given rights are deemed to be exercised. In relation to technology, the constitutional right of life, liberty and the pursuit of happiness can for example be expounded to the freedom of speech, privacy rights and even social responsibilities societies should undertake in an interconnected world. That is why in this course, learning the moral, ethical and social aspect of transforming the gifts of technology without eroding the fundamental human dignities and values were essentially important. In the world of Cybersecurity, any deed of technological solution that lacks moral, ethical and social responsibility can have a severe consequence on many if not millions of people. If Programming, coding or any other computing innovations are not guided by the universal and fundamental ethical principles or theories, which I believe this course has provided, the novel intent of Cybersecurity as an effective and efficient problem solving discipline will not only fail to realized its purpose but can in contrary be destructive. In relation to my major, three ethical topics that deepen, changed and enriched my perspective or position that I may use and incorporate them to my coming career are the principle of Consequentialism, Contractarianism and ethics of care.     

A Consequentialist thinks that any action is good if the consequence of that action is good and bad if the consequence of that action results a bad outcome. Now, as a Cybersecurity professional, this course, particularly the theory of consequentialism have provided me with a solid understanding that the decisions I may take in the privacy & data ethics can for example affects consumers in a good or bad way. In the same way any role I may play as a corporate social responsible (CSR) employee or a whistleblower for that matter can affects an organization in either way. In this course I also learned that the consequences of my action may not only affect consumers or the organization I may be working for but also the society, the social fabric which attaches these entities together. This is much-less deciding on the faith of a society. Having understood this and following the consequentialist principle suggestion therefore, as a Cybersecurity professional, I will always be aware of the consequences my decision may have on the lives of million and strive to always contribution goodness in a society.

Contractarianism refers to a moral theory that morality is based on an unspoken social contract between all members of society as members of society. As Cybersecurity professional, this concept is important because, it bound the agreement I will have with the general public or the organizations I will work for. Contractarianism will hold us; me, the society and my employer to some basic ground rules of existing in the Cyber world. Consumers agree in how they behave or what community guidelines should they fellow. On the basis of spoken and unspoken contract, I as a professional will do all my best on holding the contracts I entered with my society, such as protecting consumer’s data and to my employer, working diligently in protecting my organization’s property and assets. My employer is also responsible for the contract it entered with the employees and consumers. In general, this concept helps me locate my position in the dynamic world of consumer-business relations. Contractarianism familiarizes me with the idea of fairness and justice and what is considered as best social contracts for the society to exist harmoniously. The concept of “veil of ignorance” provoked a though of “not knowing” -as supposed to not personally knowing the individuals I may be working on their personal data. I think, the “veil of ignorance’’ will help me stay neutral as to be fair and just for everyone.      

 Finally, the ethics of care refers to the concept of being specially obligated to those who we have relationship with. From the Cybersecurity professional’s perspective, for example, I can have a caring relationship with the victims of a cyber-attack or cyber bullying. In the context of my professional Cybersecurity career for example, through the concept of “ethics of care” I will demonstrate my care to the victims, by doing my tasks in a considerate and thought manner that will secure their personal data, systems and networks. In the same way, I will also use this concept towards my employer. Losing millions of dollars to ransomware, legal expenses to settle a lawsuit and reputational damage cost are real problems that an organizations face in the challenges of an attack or a breach. From this understanding then, as a Cybersecurity professional, I will demonstrate my care to my employer by execution my assigned task within the scope of following  only the policies, regulation, standards and procedures my task allows me.

As a conclusion, this course has been one of constructive and beneficial for my major. Every module was enlightening.  It challenged my morals and ethical principles, somehow provoked a thought to what my moral and ethical position would have been in the middle of some Cybersecurity career challenges. In addressing and analyzing the cases, I believe it shaped and deepens on how I may apply these moral and ethical theories and principles to my Cybersecurity Career.