What is Encryption and Why Do We Use It?
Cybersecurity

Cybersecurity Fundamentals – Ethics Within the Cybersecurity Community

Short on time? Listen instead. 

Trust is earned, not customarily given freely or easily. It is achieved by association with others that have proven high moral and ethical standards, as well as through the experiences of those you deal with that can attest to your own. We in the cybersecurity community hold trustworthiness as one of the most essential traits to aspire to when working with a client or as part of an organization’s security team. 

We give oaths to uphold the ethics of our community and renew them every so often so that we never lose sight of the fact that our positions require such high standards because we deal with some of the most sensitive and potentially harmful (if lost or stolen) information that others can give into our care.

But for the regular folks, it might seem like we take ourselves and our work too seriously or that what we do is just mess around online all day. This is far from the truth in many ways, but we take our work very seriously, as it can mean the difference between a job being completed or even the loss of life if we don’t.  

What are our ethical requirements?

As a cybersecurity professional, I have had to study and test for multiple certifications from various providers, which all require an oath to obey and uphold an ethical standard. These oaths speak to a commitment to preserving the information we are custodians of, acting in a legal and honorable manner, and holding ourselves and others accountable for our actions.

Each professional organization speaks to these and other standards in their ethics oaths differently. Still, it comes down to doing what is proper to preserve what we are charged with and not allowing ourselves to breach the confidence and trust of others by doing unprofessional or unethical things.

Our ethical standards can range from not using illegal or unauthorized software to continuing education in our field or specialty. From not associating with black hat groups to ensuring that we don’t advertise, our skills are more significant than they are. We also are asked to keep learning and passing on our knowledge to others throughout our careers so that everyone in the community can benefit from our experience and expertise.

Why do we care so much about ethics?

The information we deal with daily is important, not just to us but to others. Some of us deal with personal data related to healthcare patients, like their health conditions, payment information, treatments, and who is providing their care. Other professionals, like myself, are part of teams that have, at times, dealt with information that could potentially cause harm to our nation or national defense if they were to become known or were lost. 

Suppose you use social media sites, such as Facebook or Truth Network. In that case, there are people in the background protecting the privacy of men, women, and children from illegal or inappropriate disclosure to those that would use it with ill intent. A child’s location and what they like to do may not seem like sensitive information to them, but to the wrong person, this is precisely the information they could use to find the child and do them harm. 

Our obligations here are to make sure that we don’t, by mistake or intentionally, allow others to come to harm and preserve the usability of the data out there. We must be diligent, careful, and intent upon these obligations.

How will this Affect You?

It is estimated that Americans consume over 5 Gigabytes (GBs) of data per month, the same as over four MILLION pages of written text. Of course, only some of that data (possibly not even a large chunk) is written word, but all the same. If no one, including you, is protecting the information that is most important to you, then it becomes freely available for anyone to access it. Good or bad, you wouldn’t be able to decide who you wanted to see or use it.

This is why ethics is so important. Your ability, or that of an organization, to control who has access to and can use your information/data is important. The wrong information can cause you harm or keep you from being able to do your job.

So, protect your information and that of others by ensuring those with charge over it are working ethically to defend it at all times. 

What should you do

When you are working as someone in control of a cybersecurity team, or as a team member in such, or if you are simply watching over your family’s well-being, take the time to research what they are doing, how they are doing it, and why. 

Ask yourself some of these questions to see if you can determine whether something is ethical or not:

  1. Is what is being done for good or ill?
  2. Were you asked to do something, or are you doing it just to find out some piece of information you want to know?
  3. Are you allowed by company policy to do what you are doing?
  4. Is the person you are working with telling others things they shouldn’t about the information they work with?
  5. Is the system/network you are on safely managed enough that you can be assured of the data being secure on it?
  6. If you are getting ready to hire someone to work with your data, are you reasonably sure they can do the work and will be ethical in handling it?

All these questions and more are good questions to ask yourself and others when trying to protect someone’s information. Make an effort to assure yourself that you are getting what you need and that a wrong decision won’t affect your ability to continue to move forward.

Northstarr Recommendations 

Staying safe and protecting your data is never a “one-and-done” experience. It is a constant routine of checking and rechecking to ensure you are using the right people and processes. With Northstarr System Solutions as your partner in the work, it becomes much easier to keep the routine going and going well.

To find out more about how we can help, visit our website or give us a call at (888) 767-2210 to set up an appointment.  We look forward to meeting with you!