This week's topic is cybersecurity ethics. Ethics can be a very slippery topic since it often depends on the situation and the person what is right and what is wrong.
Someone who works in cybersecurity has a very special position of power over their workplace's data. That power can be mistreated and manipulated to be ethically incorrect. A good way to navigate these ethics in a situation of power is to ask yourself if that was your personal information would you like it to be public? For example, if my information was breached, I'd like to know right away. Many companies try to hold back saying they were breached to make themselves look better. But in the end, people's safety is more important. Users need to know if they need to change their passwords or lock their credit.
Another example of cybersecurity ethics can be seen in everyday users of the Internet is the use of streaming and/or pirating movies and shows. The world we live in right now is based in subscription models that often overcharge for streaming their services. Many people then choose to pirate this media by finding it elsewhere online. It's ethically not in anyone's best interest to do that. The user could get a virus on their computer or some other nefarious actor could get a hold of their data, and the people who made the media aren't getting any monetary benefit for their creation. I like to recommend to people who want to save money and not pay for all 300 streaming services out there, try the library first! They have DVDs of many shows and movies, also a free streaming app called Kanopy. We must all work together to make the Internet more secure.
My last discussion topic for cybersecurity ethics covers the topic of cost. Investing money in cybersecurity sounds good on paper, but companies usually have a million other things to throw their money at. Now more than ever, companies are realizing how important cybersecurity is, usually from experience. Just a month ago, I went to Loffler Tech Fest at the RiverCentre in Saint Paul and heard a panel about cybersecurity. Some of the people there were representing companies that had been compromised in some shape or form. Only realizing in post that they should've been more cybersecurity-aware. But it's all a juggle of money since cybersecurity incidents can be costly to fix, but investing in your company to be more secure can also be expensive. I think all companies should give it a good try to make their cybersecurity team robust and all their employees aware of issues like phishing and password usage.
All in all, people are not means to an end and shouldn't be treated as such. Cybersecurity is necessary to protect users and their data, but it often toes the line when it comes to ethics. Discussing each situation and evaluating the amount of power cybersecurity professionals have is necessary to being ethical.
Articles Read
- Cybersecurity Ethics: What Cyber Professionals Need to Know
- Cybersecurity Ethics: Everything You Need To Know
- Cybersecurity Ethics: Why It’s Important
- Computer Ethics Fundamentals