Ethics in Cybersecurity

First Part: https://www.garudax.id/pulse/ethically-secure-dan-mukendi/. Contains: “Introduction” and “Is it a problem”

As cyber security plays an important role in society, a set of principles to guide actors in the field can be proposed commensurate to the importance given to the topic. This research has been a survey of literature available on the topic of ethics as applied to cyber security within computer research. The result is presented as a framework that can be used in the education of concerned persons involved in the field.

How can cyber security activities and research be conducted in an ethical manner? Cyber security was listed as one top trending technology in the coming years (IEEE Computer Society, 2019) as well as in the job market including research and development (R&D) (Technology), 2019). Cyber security issues have made the headlines including the hack on the US government’s treasury department (Tidy, 2020). Each month, each day and each hour, a breach occurred somewhere in the world, when considering that some breaches are not reported or detected.

Can a framework for ethical cybersecurity research be developed based on existing research on the topic? The content of such a cyber security research framework would contain sections which can be determined by the analysis of issues that have surfaced in the community in recent time, during the last five years, possibly the last decade. We expect members of the cyber security research community to periodically review and revise such a framework.

Is the existence of a framework enough to improve the ethical performance of cyber security research? What activity will improve the level of awareness and understanding of the requirements related to ethical research?

The objective and deliverable

The objective of the research is to review the literature on the topic with the goal to arrive at a cyber security ethics framework. The framework is expected to collect “Good practices”, “values, principles and personal moral qualities”, and “professional standards”.

The intended deliverable for this research is a framework that describes an ethical framework for cyber security research. The research will pay attention to methods for the effective training attached to such a framework.

What has been written

Cyber security is a field of computing that focusses on the protection of information, systems and assets. Cyber security research may focus on the following areas of cyber security research: bug hunting, social engineering, hardware hacking, ethical hacking, forensic, protecting privacy, ransom-ware, malware, bug bounty and Encryption. The World Economic Forum (WEF) ranked cyber-attacks among the top ten global risks by impact, implying the need for cyber security. Noting in its report, the importance of a global framework for the governance of cyber security (World Economic Forum, 2020). Researching the topic exposes the researcher to the associated risks. It may also cause a researcher to exacerbate such risk (Oltramari, et al., 2015). In an attempt to research for offensive or defensive reasons, the research may face ethical dilemmas.

Computer research may extend to additional areas beyond cyber security. Those areas do not form part of this research paper and are not considered; for example, ethics in artificial intelligence research.

References

IEEE Computer Society, 2019. IEEE Computer Society's Top 12 Technology Trends for 2020. [Online]

Available at: https://www.prnewswire.com/news-releases/ieee-computer-societys-top-12-technology-trends-for-2020-300971863.html

[Accessed 11 Jan 2021].

Oltramari, A., Henshel, D., Cains, M. & Hoffman, B., 2015. Towards a Human Factors Ontology for Cyber Security. Semantic Technology for Intelligence, Defense, and Security, pp. 26-33.

Technology), O. o. t. D. A. S. o. t. A. (. &., 2019. Emerging Science and Technology Trends: A Synthesis of Leading Forecasts. [Online]

Available at: https://apps.dtic.mil/dtic/tr/fulltext/u2/1078879.pdf

[Accessed 11 Jan 2021].

Tidy, J., 2020. US Treasury and commerce department targeted in cyber-attack. [Online]

Available at: https://www.bbc.com/news/world-us-canada-55265442

[Accessed 11 Jan 2021].

World Economic Forum, 2020. The Global Risks Report 2020. [Online]

Available at: http://www3.weforum.org/docs/WEF_Global_Risk_Report_2020.pdf

[Accessed 27 Jun 2020].