IDEAS home Printed from https://ideas.repec.org/a/eee/teinso/v63y2020ics0160791x19306840.html
   My bibliography  Save this article

Ethics in cybersecurity research and practice

Author

Listed:
  • Macnish, Kevin
  • van der Ham, Jeroen

Abstract

This paper critiques existing governance in cyber-security ethics through providing an overview of some of the ethical issues facing researchers in the cybersecurity community and highlighting shortfalls in governance practice. We separate these issues into those facing the academic research community and those facing the (corporate) practitioner community, drawing on two case studies. While there is overlap between these communities, there are also stark differences. Academic researchers can often rely on research ethics boards (REBs) to provide ethical oversight and governance which are typically unavailable to the practitioner community. However, we argue that even within the academic community the constitution of REBs is such that they may be (and in some cases at least are) unable to offer sound advice. Our recommendations are that ethics should be taught in far greater depth on computer science courses than is currently the case, and that codes of conduct should be developed and deployed provided they can be seen to be effective. In tandem with these, an active discussion regarding the ethics of cybersecurity and cybersecurity research is urgently needed.

Suggested Citation

  • Macnish, Kevin & van der Ham, Jeroen, 2020. "Ethics in cybersecurity research and practice," Technology in Society, Elsevier, vol. 63(C).
    • Handle: RePEc:eee:teinso:v:63:y:2020:i:c:s0160791x19306840
    DOI: 10.1016/j.techsoc.2020.101382
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0160791X19306840
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.techsoc.2020.101382?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Hélène Hermansson, 2010. "Towards a fair procedure for risk management," Journal of Risk Research, Taylor & Francis Journals, vol. 13(4), pages 501-515, June.
    2. Ashish Arora & Rahul Telang & Hao Xu, 2008. "Optimal Policy for Software Vulnerability Disclosure," Management Science, INFORMS, vol. 54(4), pages 642-656, April.
    3. Kshetri, Nir, 2017. "Blockchain's roles in strengthening cybersecurity and protecting privacy," Telecommunications Policy, Elsevier, vol. 41(10), pages 1027-1038.
    4. Fershtman, Chaim & Gandal, Neil & Choi, Jay Pil, 2005. "Internet Security, Vulnerability Disclosure and Software Provision," CEPR Discussion Papers 5269, C.E.P.R. Discussion Papers.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Foecking, Nico & Wang, Mei & Huynh, Toan Luu Duc, 2021. "How do investors react to the data breaches news? Empirical evidence from Facebook Inc. during the years 2016–2019," Technology in Society, Elsevier, vol. 67(C).
    2. Straub, Jeremy, 2021. "Defining, evaluating, preparing for and responding to a cyber Pearl Harbor," Technology in Society, Elsevier, vol. 65(C).
    3. Raza, Syed Arshad, 2021. "Managing ethical requirements elicitation of complex socio-technical systems with critical systems thinking: A case of course-timetabling project," Technology in Society, Elsevier, vol. 66(C).
    4. Dong, Xuefan & Lian, Ying, 2021. "A review of social media-based public opinion analyses: Challenges and recommendations," Technology in Society, Elsevier, vol. 67(C).
    5. Khan Babar, Abdul Haseeb & Ali, Yousaf, 2022. "Framework construction for augmentation of resilience in critical infrastructure: Developing countries a case in point," Technology in Society, Elsevier, vol. 68(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Arora, Ashish & Forman, Chris & Nandkumar, Anand & Telang, Rahul, 2010. "Competition and patching of security vulnerabilities: An empirical analysis," Information Economics and Policy, Elsevier, vol. 22(2), pages 164-177, May.
    2. Ashish Arora & Ramayya Krishnan & Rahul Telang & Yubao Yang, 2010. "An Empirical Analysis of Software Vendors' Patch Release Behavior: Impact of Vulnerability Disclosure," Information Systems Research, INFORMS, vol. 21(1), pages 115-132, March.
    3. Mahmoona Khalil & Kausar Fiaz Khawaja & Muddassar Sarfraz, 2022. "The adoption of blockchain technology in the financial sector during the era of fourth industrial revolution: a moderated mediated model," Quality & Quantity: International Journal of Methodology, Springer, vol. 56(4), pages 2435-2452, August.
    4. Erhan Baran & Tulay Korkusuz Polat, 2022. "Classification of Industry 4.0 for Total Quality Management: A Review," Sustainability, MDPI, vol. 14(6), pages 1-20, March.
    5. Debabrata Dey & Atanu Lahiri & Guoying Zhang, 2015. "Optimal Policies for Security Patch Management," INFORMS Journal on Computing, INFORMS, vol. 27(3), pages 462-477, August.
    6. Queiroz, Maciel M. & Fosso Wamba, Samuel, 2019. "Blockchain adoption challenges in supply chain: An empirical investigation of the main drivers in India and the USA," International Journal of Information Management, Elsevier, vol. 46(C), pages 70-82.
    7. Xiaobao Zhu & Jing Shi & Fengjie Xie & Rouqi Song, 2020. "Pricing strategy and system performance in a cloud-based manufacturing system built on blockchain technology," Journal of Intelligent Manufacturing, Springer, vol. 31(8), pages 1985-2002, December.
    8. Kirimhan, Destan, 2023. "Importance of anti-money laundering regulations among prosumers for a cybersecure decentralized finance," Journal of Business Research, Elsevier, vol. 157(C).
    9. Terrence August & Duy Dao & Marius Florin Niculescu, 2022. "Economics of Ransomware: Risk Interdependence and Large-Scale Attacks," Management Science, INFORMS, vol. 68(12), pages 8979-9002, December.
    10. Terrence August & Duy Dao & Kihoon Kim, 2019. "Market Segmentation and Software Security: Pricing Patching Rights," Management Science, INFORMS, vol. 65(10), pages 4575-4597, October.
    11. Niloofar Etemadi & Pieter Van Gelder & Fernanda Strozzi, 2021. "An ISM Modeling of Barriers for Blockchain/Distributed Ledger Technology Adoption in Supply Chains towards Cybersecurity," Sustainability, MDPI, vol. 13(9), pages 1-28, April.
    12. Leny Vinceslas & Safak Dogan & Srikumar Sundareshwar & Ahmet M. Kondoz, 2023. "Abstracting Data in Distributed Ledger Systems for Higher Level Analytics and Visualizations," Future Internet, MDPI, vol. 15(1), pages 1-15, January.
    13. Terrence August & Tunay I. Tunca, 2006. "Network Software Security and User Incentives," Management Science, INFORMS, vol. 52(11), pages 1703-1720, November.
    14. Priti Jagwani & V. B. Singh & Noopur Agrawal & Aditya P. Tripathi, 2023. "Blockchain technology and software engineering practices: a systematic review of literature using topic modelling approach," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 14(1), pages 1-17, March.
    15. Konstantinos Siassiakos & Stamatia Ilioudi & Tsaktsira Effrosyni & Vasiliki Mitsiou & Dimitris Nanouris, 2020. "Utilization of Blockchain Technology in Greek Public Administration," Advances in Management and Applied Economics, SCIENPRESS Ltd, vol. 10(4), pages 1-12.
    16. Serrano-Calle, Silvia & Robles, Tomás & Martín, Diego & Mateos, Raquel, 2018. "Digitalization of Operations Management with Emotional and Intelligence Tools. Blockchain and IoT integration, the last disruption?," 29th European Regional ITS Conference, Trento 2018 184967, International Telecommunications Society (ITS).
    17. Catarina Lemos & Ricardo F. Ramos & Sérgio Moro & Pedro Miguel Oliveira, 2022. "Stick or Twist—The Rise of Blockchain Applications in Marketing Management," Sustainability, MDPI, vol. 14(7), pages 1-16, March.
    18. Thiago Poleto & Thyago Celso Cavalcante Nepomuceno & Victor Diogho Heuer de Carvalho & Ligiane Cristina Braga de Oliveira Friaes & Rodrigo Cleiton Paiva de Oliveira & Ciro José Jardim Figueiredo, 2023. "Information Security Applications in Smart Cities: A Bibliometric Analysis of Emerging Research," Future Internet, MDPI, vol. 15(12), pages 1-36, December.
    19. James R. Barth & Hemantha S. B. Herath & Tejaswini C. Herath & Pei Xu, 2020. "Cryptocurrency valuation and ethics: a text analytic approach," Journal of Management Analytics, Taylor & Francis Journals, vol. 7(3), pages 367-388, July.
    20. Dutta, Pankaj & Choi, Tsan-Ming & Somani, Surabhi & Butala, Richa, 2020. "Blockchain technology in supply chain operations: Applications, challenges and research opportunities," Transportation Research Part E: Logistics and Transportation Review, Elsevier, vol. 142(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:teinso:v:63:y:2020:i:c:s0160791x19306840. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/technology-in-society .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.