Abstract
Ethics is probably the last topic that anybody thinks about when planning a cybersecurity response. Still, the organization’s honest commitment to the confidentiality, integrity and availability of its data depends entirely on how it views its ethical responsibilities. So, in many respects ethics underlies everything. To this point there has been no commonly accepted basis for establishing an ethical stance regarding cybersecurity. The CSEC2017 model provides that basis now. This article will outline the ethical factors related to cybersecurity as recommended by the model and discuss how they apply in the creation of a practical response.
Additional information
Notes on contributors
Dan Shoemaker
Dan Shoemaker, Ph.D., is principal investigator and senior research scientist at the University of Detroit Mercy’s Center for Cyber Security and Intelligence Studies. Dan has served 30 years as a professor at UDM with 25 of those years as department chair. He served as a co-chair for both the Workforce Training and Education and the Software and Supply Chain Assurance Initiatives for the Department of Homeland Security, and was a subject matter expert for the NICE Workforce Framework 2.0. Dan has coauthored six books in the field of cybersecurity and has authored over one hundred journal publications. Dan earned his PhD from the University of Michigan.
Anne Kohnke
Anne Kohnke, Ph.D., is an Associate Professor of Cybersecurity in the Cybersecurity & Information Systems Department at the University of Detroit Mercy. Anne’s research is focused in the area of cybersecurity, risk management, threat modeling, and mitigating attack vectors. Anne has recently coauthored five books in this field of study with a sixth book due out in print in March 2020. Anne earned her PhD from Benedictine University, an MBA from Lawrence Technological University, and is currently pursuing a Master of Science in Information Systems and Technology at the University of Michigan Dearborn.
Greg Laidlaw
Greg Laidlaw, DMIT, CISSP, C|EH, serves as the Chair and is a Lecturer in the Cybersecurity & Information Systems Department at the University of Detroit Mercy. Greg’s research focuses on secure systems, human factors in security, and design usability. Prior to transitioning into full-time academia in 2011, Greg developed an extensive range of technical and managerial experience from 25 years of IT consulting in small enterprise and local government organizations. Greg utilizes his expertise in programming, network infrastructure and database design, system security, and data integration in the classroom and was instrumental in the formation and leadership of the student-led Detroit Mercy Cybersecurity Club. Greg earned his Doctorate of Management Information Technology from Lawrence Technological University and Master of Science in Finance from Walsh College.