Article review - In Search of Ethical Code for Cybersecurity
Course:- Software Engineering
Reference No.:- EM132161074

Assignment Help
Expertsmind Rated 4.9 / 5 based on 47215 reviews.
Review Site
Assignment Help >> Software Engineering

Assignment -

Write a review on this article with 2 APA references. Regarding if passive reconnaissance is ethical or not and requires written consent, would venture to say it's based on the details and circumstances involved with the actual client. It's certainly not against the law or unethical to gather or research information that's publicly available.

According to Walker, M. (2017), nothing happens before you have a signed, sealed agreement in place. Nothing. This agreement should spell out the limitations, constraints, and liabilities between the organization and the penetration test team, and is designed to maximize the effectiveness of the test itself while minimizing operational impact. From a hypothetical pen tester vantage point, we would want to gather as much publicly available information about my client in advance to advise them on what they should and shouldn't disseminate to the public as part of my assessment strategy.

Now understand the concept of getting "everything" sealed in a signed agreement before moving forward however, we don't consider passive reconnaissance apart of that agreement. According to Danny Bradbury (2017), Ethics plays a big part in many lines of work. Doctors can be struck down for violating codes of conduct, and lawyers can be disbarred. Journalism, too, has many ethical codes that overlap. Shouldn't those working in cybersecurity have a code of conduct too? The stakes are rising in this field, as attackers and defenders alike gain increasing power over our systems and data. For example, 40 years ago, most work was still manual and desktop computers were a hobbyist pursuit. Cybersecurity didn't matter as much.

Now, attackers can gain control of everything from our homes to our pacemakers electronically. Cybersecurity practitioners and researchers are working at the cutting edge of a highly adversarial industry, and dealing with a range of thorny problems. At the end of the day, my reputation and character mean more to me than anything with the exception of my family. So I'm not going to do anything that will jeopardize the aforementioned. With that said, I do believe there should be consequences if one deliberately decides to "cross the line" from ethical to unethical. Specifically, conducting actual pen testing on a system without written consent.

The following biblical reference lends itself very well to the topic of ethics: Matthew 5:9: Blessed are the peacemakers, for they shall be called sons of God. Regarding being a peacemaker as Jesus discussed in Matthew 5:9, Jesus used the word peacemaker in the context of solving a problem not ending a conflict such as a war. A peacemaker, in the context of solving a problem, is exactly what a security practitioner should not only be but epitomize. Proverbs 22:1 "A good name is to be chosen rather than great riches, and favor is better than silver or gold." Bottom line, as cybersecurity professionals, we should "always" operate in a glass house with a strict honor code and with an unwavering mindset that we'll "always" protect the users that we support and the profession even if we're place in those uncomfortable and unenviable positions.

Article - In Search of an Ethical Code for Cybersecurity.

Attachment:- Assignment File.rar


Verified Expert

The paper is related to the review of the penetration testing and the passive reconnaissance This paper also highlights the requirement of the new policies and procedures that works for the penetration testing and modules This paper has been prepared in Microsoft Word Document.

Put your comment

Ask Question & Get Answers from Experts
Browse some more (Software Engineering) Materials
Choose any real world scenario like enrollment system; draw ERD of selected case using two different notions (UML notion is mandatory).
Document about weaknesses of  Putnam's Software Life-cycle Model (SLIM). Need citations for every paragraph. Need citations from Peer reviewed articles , preferably from googl
Define how each software development methodology's history is affected by technology -  Describe the application and how it would meet its goals. What methodology is best sui
List, and briefly describe the purpose of, the three primitive control or logic structures. (Hint: These structures are given in the Programming Methodologies section of thi
Draw the UML class diagram using PPT or any other graphical editing tool, then, implement the code in Java. Be sure your code compiles and runs as expected. Name your Java f
Sketch the flowchart or write pseudocode for the application which permits user to enter credit card balance. suppose the interest rate is 1 percent per month
The PVault will accept and respond to specific written questions regarding this request for proposals -  PVault (Personal Vault) written in the form of High Level Requirements
For the company assigned, draw a systems flowchart.- If any exception routines are described in the narrative, they should be shown on a separate page, so that the exceptio