Article review - In Search of Ethical Code for Cybersecurity
Course:- Software Engineering
Reference No.:- EM132161074


Assignment -

Write a review on this article with 2 APA references.

Regarding whether passive reconnaissance is ethical or not and requires written consent, I would venture to say it's based on the details and circumstances involved with the actual client. It's certainly not against the law or unethical to gather or research information that's publicly available.

According to Walker, M. (2017), nothing happens before you have a signed, sealed agreement in place. Nothing. This agreement should spell out the limitations, constraints, and liabilities between the organization and the penetration test team, and is designed to maximize the effectiveness of the test itself while minimizing operational impact. From a hypothetical pen tester's vantage point, I would want to gather as much publicly available information about my client as possible in advance to advise them on what they should and shouldn't disseminate to the public as part of my assessment strategy.

Now, I understand the concept of getting "everything" sealed in a signed agreement before moving forward; however, we don't consider passive reconnaissance a part of that agreement. According to Danny Bradbury (2017), ethics plays a big part in many lines of work. Doctors can be struck down for violating codes of conduct, and lawyers can be disbarred. Journalism, too, has many ethical codes that overlap. Shouldn't those working in cybersecurity have a code of conduct too? The stakes are rising in this field, as attackers and defenders alike gain increasing power over our systems and data. For example, 40 years ago, most work was still manual and desktop computers were a hobbyist pursuit. Cybersecurity didn't matter as much.

Now, attackers can gain control of everything from our homes to our pacemakers electronically. Cybersecurity practitioners and researchers are working at the cutting edge of a highly adversarial industry, and dealing with a range of thorny problems. At the end of the day, my reputation and character mean more to me than anything, with the exception of my family. So I'm not going to do anything that will jeopardize the aforementioned. With that said, I do believe there should be consequences if one deliberately decides to "cross the line" from ethical to unethical, specifically by conducting actual pen testing on a system without written consent.

The following biblical reference lends itself very well to the topic of ethics: Matthew 5:9: "Blessed are the peacemakers, for they shall be called sons of God." Regarding being a peacemaker as Jesus discussed in Matthew 5:9, Jesus used the word peacemaker in the context of solving a problem, not ending a conflict such as a war. A peacemaker, in the context of solving a problem, is exactly what a security practitioner should not only be but epitomize. Proverbs 22:1: "A good name is to be chosen rather than great riches, and favor is better than silver or gold." Bottom line, as cybersecurity professionals, we should "always" operate in a glass house with a strict honor code and with an unwavering mindset that we'll "always" protect the users that we support and the profession, even if we're placed in those uncomfortable and unenviable positions.

Article - In Search of an Ethical Code for Cybersecurity.


The paper is a review of penetration testing and passive reconnaissance. It also highlights the requirement for new policies and procedures that work for penetration testing and its modules. The paper has been prepared as a Microsoft Word document.
