Cybersecurity Ethics

This course examines ethical issues relevant to ethics for cybersecurity professionals, including privacy, professional code of conduct, practical conflicts between engineering ethics and business practices, individual and corporate social responsibility, ethical hacking, information warfare, and cyberwarfare. Students will gain a broad understanding of central issues in cyberethics and the ways that fundamental ethical theories relate to these core issues.

Reflective Essay

Cybersecurity Ethics has been an interesting subject to study this semester, containing various ideas, topics, and contentions which I’d never been exposed to before. Through the voluminous amounts of reading, there was a wide variety of viewpoints on cyber related domains from an even wider variety of writers. There were three takeaways that stuck out to me in particular. In this brief reflective essay, I’ll be explaining why the discussions of data ethics, whistleblowing, and privacy were most important to me. After reading this essay, hopefully you can understand why I found each one of these topics unique and essential. I found these topics so important, I felt it best to include their corresponding case analyses on my WordPress webpage.

This course immediately immerses students in important subject matter, one of those topics being data ethics. Data ethics is a contentious subject, and the reading and questions posited by the course emphasized the importance of proper data handling, mentioning best data practices like the GDPR and other government frameworks. Readings contained benign data invasion examples, that, on the surface, didn’t seem to be a problem. While these initial data breaches weren’t done with evil intentions, the course explains the potential dangers of future data breaches and their subsequent ramifications. What if they were done with malicious intent? Individual freedom is a central component of data handling, with government and business ensuring their systems and practices comply with socially accepted and mandated regulations and standards.

Whistleblowing, in my opinion, is seldom discussed in schools, let alone in society. The practice, to me at least, was rather nebulous when starting this course. Famous whistleblowing examples such as Julian Assange or Edward Snowden are noted within the reading. Both individuals leaked classified government information that contained evidence of wrongdoing. Specifically, the murder and mass surveillance of foreign and domestic citizenry. These figures underscore the practice’s significance. Sadly, both have either been arrested or are in hiding. An interesting facet of whistleblowing that the course argues is that the practice isn’t done with malevolent intent. Rather, its done out of care for an organization’s or institution’s core values and tenets. Whistleblowers care, and it is reflected in their actions. When there is no proper outlet to discuss wrongdoing, whistleblowing becomes the final option. This course highlights the whistleblower’s crucial role when proper channels for addressing wrongdoing are vacant, emphasizing that a whistleblower doesn’t leak out of malice, but out of care, responsibility or duty.

Lastly, the idea of waning privacy in digital spaces, as well as society at large, was an interesting discussion. Floridi, a featured author within the course, delves into the ideas of Information Communication Technologies, (ICTs), and Information Friction. He describes in his writing describe how throughout history, technology has dismantled barriers by which humans can connect and communicate with one another. While this has undeniable benefits, ICTs simultaneously erode personal privacy. Cyberspace and the internet should be seen as the ultimate ICT, removing all the informational friction. To emphasize this point, the course highlights Google Streetview, which has seen pushback from various cultures, such as Japan. Societies like Japan perceive the documentation of their street and homes a blatant violation of their personal privacy, as they see those areas apart of their personal property. The discussion of diminishing privacy accentuated the relationship between technologies and personal boundaries. The course highlights that there must be a delicate balance between the two, as there must be innovation, but not tat the cost of individual privacy rights.

Cybersecurity ethics has been a fascinating course to say the least. In all honesty, the reading at times was difficult and dry. The ethical tool reading within the course alleviated some of the monotony, using creative short stories and comics to deliver complex ethical principles. Overall, the ideas and principles forwarded by the course are timeless, and I feel as if I’ll remember and utilize them throughout the rest of my collegiate career, as well as when I enter the cybersecurity workforce. Data ethics, whistleblowing, and privacy are all complex subjects, with the course providing ample reading to give students a fundamental understanding of the topics.