There have been many topics, perspectives, and positions that I have identified and discussed in this class that have changed my perspectives on cybersecurity ethics. Before I took this class, I would always discuss ethical issues within the cybersecurity field from a personal moral standpoint. Throughout this class, I was able to learn about different ethical theories such as consequentialism, deontology, contractarianism, and ethics of care theories. I was able to identify and discuss each theory throughout the modules and then apply those theories to the case analysis to determine whether or not the cases were considered ethical. My perspective on how cybersecurity ethics is discussed has changed. I no longer look at it from a personal perspective of what is right or wrong, but I try to apply the different ethical theories that I have learned to provide an academic discussion on the ethics behind certain issues in the cybersecurity field.
A topic that we had a chance to identify and discuss was user data and privacy which went hand in hand. With how technology is advancing in today’s world, the issue of user data and privacy is becoming more and more popular as well as a huge concern. My view on this issue was mainly based on my personal belief that invading users’ privacy and collecting their data was unethical. After learning about the consequentialism theory and applying it to nations collecting data for their law enforcement as well as a way to protect their citizens forced me to remove my personal beliefs and consider the situations on their own. As a cybersecurity student, the issue of privacy and user data being collected has been a consistent theme in all of my classes. Being able to analyze when it is ethical and necessary to invade people’s privacy and collect their data will be extremely helpful, especially when policies come into place. Moving forward in my academic and professional career, having this knowledge and being able to discuss the ethics behind these topics will be helpful in determining how to tackle this issue since there does not seem to be a way to avoid it all together.
Finally, some other topics that I never truly considered their relationship to cybersecurity ethics were corporate social responsibility (CSR) and professional ethics. I was able to learn more about the ethical issue behind corporate social responsibilities and whether or not they have any. I used to view this topic from a purely business perspective, if it does not help the company then there is no need to do it. After discussing the role businesses have in our society and applying the different ethical theories to this issue, my perspective on this topic has become more in-depth. I am now able to understand that businesses need to work together and benefit society. From an ethical perspective, businesses will benefit from helping society. I now understand from the theories I learned that to some degree corporates have some degree of social responsibilities. The action itself and the outcome are all beneficial to all parties and if corporations do not take on any social responsibilities, they will bring more harm to themselves and society. Another topic that I was able to have a more in-depth understanding of was the concern behind professional ethics. I used to believe that regardless of the reason, one should always do the right thing, but after learning about this issue my perspective has changed. For certain occupations, I now understand their obligation to their profession is necessary for trust and reputation to exist. Applying the ethical theory of consequentialism to this issue has allowed me to have a more in-depth perspective. In the example of lawyers, it is ethically justified that they will defend their clients 100% even if they know they are lying or have confessed to a crime because if you had no proof to show that you were innocent you would want your lawyer to defend you 100% regardless of the situation. Situations like these allow for the greater good in the end and justify these actions as ethical.