What is the Ethical Dilemma Facing Cybersecurity Policy?

Written By Todd Mitchell

The biggest ethical dilemma facing cybersecurity policy makers is the question of whether you can be proactive or merely remain defensive. In the example of the Sony hack in 2014, the US government did nothing in response to a foreign government stealing dozens of films. However, if a group of elite soldiers from a foreign government flew in and climbed down into the building to steal the films there would have been a huge investigation with a bunch of local, state, and national agencies in response, along with threats of all out war!

The risk of cyber espionage no longer applies just to large conglomerate companies. Modern technology has made even the smallest startups a target for intellectual property theft (Krell, 2014).  The question remains: is a cyber-attack justified as a legitimate response to an attack? Even to a conventional attack? Research shows that cyber-warfare seems to be immune to traditional morals (Dipert, 2010). This is not surprising considering the motivations of hackers and hiding behind anonymous screen names.

The mitigation of this is to have the discussion ahead of time and build a well-defined policy. A well-built incident response and disaster recovery plan will detail the steps needed to react to any given situation. Including offensive and defensive steps or actions that are allowed. Opinions will vary greatly on what actions are appropriate. Research shows that men and women view ethical cyber issues very differently. Women are more conservative and rely on personal experience to guide them. Whereas men are more influenced by legal statements and policy (Kreie, Cronan, 1998).

 

References

Dipert, R. R. (2010). The ethics of cyber warfare. Journal of Military Ethics, 9(4), 384-410. doi:10.1080/15027570.2010.536404

Kreie, J., & Cronan, T. P. (1998). How men and women view ethics. Communications of the ACM, 41(9), 70-76. doi:10.1145/285070.285084

Krell, E. (2014). Ethics of ... cyber - espionage. Baylor Business Review, 32(2), 46-47. Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com.ezproxy.umuc.edu/login.aspx?direct=true&db=bth&AN=95937986&site=eds-live&scope=site

Todd Mitchell
Previous

What is FISMA? What are the Pros and Cons?
Next

Do Software Programmers Need to Use Cybersecurity?