Cybersecurity Ethics

This course examines ethical issues relevant to ethics for cybersecurity professionals, including privacy, professional code of conduct, practical conflicts between engineering ethics and business practices, individual and corporate social responsibility, ethical hacking, information warfare, and cyberwarfare. Students will gain a broad understanding of central issues in cyberethics and the ways that fundamental ethical theories relate to these core issues.

Course Material

This semester has been transformative for me as a cybersecurity major and aspiring ethical hacker. The topics we explored in PHIL 355E challenged my perspectives and helped me develop a more nuanced understanding of ethics in the digital age. Among the many topics, three of them resonated deeply: privacy and informational dignity, the ethical use of professional skills, and the morality of cyber warfare. Each of these areas not only deepened my understanding but also shaped how I envision my future responsibilities as a government ethical hacker.

The topic of privacy and informational dignity had a profound impact on me. Initially, I viewed privacy as a technical issue and as something that could be managed through better encryption, secure systems, and stronger policies. However, studying Luciano Floridi’s concept of informational dignity changed my perspective. Floridi emphasizes that privacy isn’t just about protecting data; it’s tied to autonomy and identity. Losing control over personal information is more than an inconvenience and it’s a violation of dignity. This insight became even clearer when paired with James Grimmelmann’s analysis of power imbalances between corporations like Google and individuals. Learning how companies prioritize profit over individual rights made me rethink the ethical challenges of data collection and its impact on society. As a future cybersecurity professional, I recognize that my work will directly impact how privacy is upheld in an increasingly interconnected world. This realization emphasized the importance of ensuring that the systems I help design and secure respect human dignity and autonomy.

The ethical use of professional skills was another topic that struck me. Bill Sourour’s story about coding a deceptive pharmaceutical quiz highlighted the responsibility that comes with technical expertise. His decision to follow orders, even when the project conflicted with ethical principles, raised important questions about integrity and accountability. As someone entering a field where I’ll have access to sensitive data and systems, I realized that my skills carry immense responsibility. Armstrong’s idea of professional duty reinforced this, emphasizing that professionals are accountable not just to their employers but also to society. The concept of virtue ethics, particularly the golden mean, taught me the importance of balancing professional obligations with ethical principles. Sourour’s case reminded me that there will be moments when I’ll need to question directives that conflict with my values. As an ethical hacker, I will have to navigate these challenges thoughtfully, ensuring that my work aligns with principles like honesty and care for others.

The morality of cyber warfare was the third topic that profoundly influenced me. At the beginning of the semester, I thought of cyberattacks as a strategic tool for national defense and necessary in certain contexts. However, analyzing the Israel-Hamas conflict through Boylan’s concept of “attack and response” and Taddeo’s principle of “war as a last resort” challenged my assumptions. The cyberattacks on civilian infrastructure blurred the lines between military and civilian targets, causing widespread harm and fear. Utilitarianism, with its focus on minimizing harm, provided a critical lens for evaluating these actions. It became evident that even if these attacks served a military purpose, their disproportionate impact on civilians were not ethically justified. This case made me think about the broader implications of my future work. As someone who will be responsible for defending systems and, potentially, launching countermeasures, I now understand the importance of ensuring that my actions align with ethical standards. Cyber warfare isn’t just about technical efficiency, it’s about protecting lives and upholding justice.

Reflecting on these topics has fundamentally changed the way I view my role in cybersecurity. Privacy, professional responsibility, and the ethical implications of cyber warfare are not just theoretical issues and instead, they’re challenges I’ll face in my career. This course has shown me that being an ethical hacker means more than identifying vulnerabilities or strengthening defenses. It means approaching every decision with integrity and ensuring that my work contributes to a safer and more just digital world. I’ve also learned that ethical dilemmas rarely have clear-cut answers

Moving forward, I want to carry the lessons from this course into my professional life. Privacy is about protecting human dignity, and I’ll ensure the systems I work on respect that. Professional skills come with significant responsibility, and I’ll strive to balance my technical expertise with moral principles like honesty and care. Finally, cyber warfare requires not just strategic thinking but also ethical judgment. As I work toward becoming an ethical hacker for the government, I’ll remember that my ultimate goal isn’t just to safeguard systems but to protect people and uphold justice. Ethics will be at the core of everything I do, guiding me to make thoughtful and responsible decisions in a field where the stakes couldn’t be higher.