Reference no: EM132058909
Write review about the article with references.
In the world of cyber security and operating as a white or grey that will always bring in the role of ethics. Ethics can help us decide between operating with the best intentions or worst.
We may want to run a vulnerability scan at our place of work to see what we can do to help, although this is done with the best intentions it could also break something. We are in the ethical right but in the real wrong. Ethical behavior in gathering information should be strictly outlined before any work is done. This is imperative for the engineer's success and the company's success.
Each scanning and enumerating item can cause damage or raise red flags to any production network. If the network is being monitored, it may drive the network engineer crazy if they think something happened, or it might disable a port that is currently in use or cause a switch to go into catastrophic failure.
There are plenty of risks to be had without consent. Consent is the easiest way to ensure that you have integrity in your work. Before a vulnerability assessment can be done, it would be advantageous have the user sign an agreement removing all penalty from the assessment in the event something goes wrong. In the course text book Walker explicity outlines that scenario and how it protects the firm and engineer.
Ethical behavior is doing something with good intentions and unethical is doing something with malicious intentions. With permissions a normally malicious action can lead to the greater good, while a normally malicious action with good intentions without permission is bad. That is the grey area. Perceived intention to a action driven by good could create issues.
That is why it is always imperative to have permission before doing anything. There can always be consequences to unethical behavior. Being unethical means you are breaking some sort of code. Depending on scenario, consequences could be your name being tarnished, your business being tarnished, people losing their jobs, you losing your job or your job losing clients.
For example, if you work for a managed service provider and you decide it would be good to run a vulnerability assessment on a client server without permission, it could hurt the reputation of your employer and cause the client to lose trust in the operation.
This impacts people other than just yourself. You should always think of the consequences of your actions prior to making any major decision. We can learn from Eve in the garden of Eden.
When the devil offered her the fruit in the garden she did not think it through. She did not think of the consequences that were on-hand and what impact it could have on those around her (Adam). She was able to be manipulated into making those poor decisions.
Everyday we as humans live with the original sin, I know that as humans we make mistakes but we can mitigate some of those Walker, M. (2017). CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition, 3rd Edition. McGraw-Hill/Osborne.