Article review - In Search of Ethical Code for Cybersecurity
Course:- Software Engineering
Reference No.:- EM132161074

Assignment Help
Expertsmind Rated 4.9 / 5 based on 47215 reviews.
Review Site
Assignment Help >> Software Engineering

Assignment -

Write a review on this article with 2 APA references. Regarding if passive reconnaissance is ethical or not and requires written consent, would venture to say it's based on the details and circumstances involved with the actual client. It's certainly not against the law or unethical to gather or research information that's publicly available.

According to Walker, M. (2017), nothing happens before you have a signed, sealed agreement in place. Nothing. This agreement should spell out the limitations, constraints, and liabilities between the organization and the penetration test team, and is designed to maximize the effectiveness of the test itself while minimizing operational impact. From a hypothetical pen tester vantage point, we would want to gather as much publicly available information about my client in advance to advise them on what they should and shouldn't disseminate to the public as part of my assessment strategy.

Now understand the concept of getting "everything" sealed in a signed agreement before moving forward however, we don't consider passive reconnaissance apart of that agreement. According to Danny Bradbury (2017), Ethics plays a big part in many lines of work. Doctors can be struck down for violating codes of conduct, and lawyers can be disbarred. Journalism, too, has many ethical codes that overlap. Shouldn't those working in cybersecurity have a code of conduct too? The stakes are rising in this field, as attackers and defenders alike gain increasing power over our systems and data. For example, 40 years ago, most work was still manual and desktop computers were a hobbyist pursuit. Cybersecurity didn't matter as much.

Now, attackers can gain control of everything from our homes to our pacemakers electronically. Cybersecurity practitioners and researchers are working at the cutting edge of a highly adversarial industry, and dealing with a range of thorny problems. At the end of the day, my reputation and character mean more to me than anything with the exception of my family. So I'm not going to do anything that will jeopardize the aforementioned. With that said, I do believe there should be consequences if one deliberately decides to "cross the line" from ethical to unethical. Specifically, conducting actual pen testing on a system without written consent.

The following biblical reference lends itself very well to the topic of ethics: Matthew 5:9: Blessed are the peacemakers, for they shall be called sons of God. Regarding being a peacemaker as Jesus discussed in Matthew 5:9, Jesus used the word peacemaker in the context of solving a problem not ending a conflict such as a war. A peacemaker, in the context of solving a problem, is exactly what a security practitioner should not only be but epitomize. Proverbs 22:1 "A good name is to be chosen rather than great riches, and favor is better than silver or gold." Bottom line, as cybersecurity professionals, we should "always" operate in a glass house with a strict honor code and with an unwavering mindset that we'll "always" protect the users that we support and the profession even if we're place in those uncomfortable and unenviable positions.

Article - In Search of an Ethical Code for Cybersecurity.

Attachment:- Assignment File.rar


Verified Expert

The paper is related to the review of the penetration testing and the passive reconnaissance This paper also highlights the requirement of the new policies and procedures that works for the penetration testing and modules This paper has been prepared in Microsoft Word Document.

Put your comment

Ask Question & Get Answers from Experts
Browse some more (Software Engineering) Materials
Discuss the difference between using brainstorming and the Delphi Technique for risk identification and determine some of the advantages and disadvantages of each approach?
you will identify the requirements for the project you selected in the first week. You will also perform a requirements analysis to help solidify the requirements and prepar
Create a vision to summary your project. Choose three to four use Cases (each use case should include one success and one failure scenarios), provide full-dressed description
Describe the scope and analyze how to control the scope. Speculate and give justifications for how to control scope. Identify possible risks, constraints, and a
Perform a feasibility analysis on the purchase of a new car. Although a full feasibility analysis for an IT system will include organizational, economic, and technical compo
You have been tasked with developing the software for the next generation vending machine for use at universities. The vending machine has a number of unique features that
Create a paper explaining what office automation and group collaboration software is used in your company. Include an review of the drawbacks and benefits of each software use
A restaurant is not doing well. It is doing poorly as customer patronage is low. Use Ishikawa diagram to investigate the causes of the problem.