Introduction
As the threats posed by government surveillance and cyber-criminals has reached its highest peak in contemporary history, the obligation to engage in effective cybersecurity practices is no longer optional, especially among modern businesses. Businesses today have an ethical obligation to protect their customers’ data, just as they have an obligation to safeguard their own from malicious actors. In terms of implementation, businesses have numerous options, all of which should be guided by “strong moral leadership, sound policies and effective communication” (Richardson, 2017). A company’s ethical code should indeed be reflected within its cybersecurity, particularly as a means of inspiring customer confidence in the company’s integrity and dedication to keeping sensitive data secure.
Use your promo and get a custom paper on
"Examining Corporate Cybersecurity as an Ethical Obligation".
Ethical Considerations
The primary ethical considerations in regards to cybersecurity involve the prospect of a security breach. Instances wherein malicious actors such as criminal hackers are able to access a company’s sensitive data—and especially when said data includes sensitive information belonging to the company’s customers—highlight the significance of ethics in cybersecurity. A company therefore has an ethical responsibility not only to safeguarding this data, but also to have an incident response plan in place to minimize the damage to the company and especially to its customers (Steen, 2013). A business’ customers willingly provide their personal information to the business as a result of an establishment of trust. Maintaining this trust requires that a company acts ethically and responsibly by consistently searching for vulnerabilities and weaknesses in its data protection methods and addressing those vulnerabilities in a timely manner (Richardson, 2017). While this ultimately requires significant investment of financial and often human resources, operating a successful and ethical business in the 21st century inherently demands such an investment.
Recommendations
Best-practice investment into cybersecurity must emphasize the role of people, practice, and technologies. The company should employ a dedicated team of IT and cybersecurity professionals, whose sole job responsibility is to ensure the effective operation of cybersecurity processes and to detect and address vulnerabilities and weaknesses in the technology employed. These employees should also be in charge of related responsibilities such as the development of an incident response plan. Additionally, the company should invest in the hiring of third-party “white-hat” (ethical) hackers, to attempt cybersecurity breaches and assist IT staff with vulnerability discovery and the development of working solutions (Hellard, 2018). These ethical hackers can represent a tremendously valuable asset in a company’s cybersecurity practices, as the entirety of their profession is dedicated to the discovery of weaknesses in hardware and software (Hellard, 2018). Lastly, the company should ensure that technologies—primarily software—used for data protection and general cybersecurity purposes utilize the best protection available, such as military-grade encryption. The company should spare no expense in this regard, as cybersecurity must consistently remain a top priority.
Summary
As the company joins the vast majority of those operating around the world today in hosting many of its operations online, the company holds an ethical responsibility to cybersecurity. As such, that responsibility mandates cybersecurity practices that reflect its broader ethical code and demonstrates respect for its customers and their privacy. To adequately meet this responsibility, the company must employ the use of people, processes and technologies in a way that most demonstrably prevents unauthorized access of sensitive data by malicious actors. Utilizing a dedicated team of IT specialists and other dedicated cybersecurity professionals, hiring third-party white-hat hackers, developing an incident response plan, and ensuring the use of software that adheres to or preferably surpasses modern-day cybersecurity standards are the primary recommendations of best practices that the company should follow. The company should furthermore ensure that its dedication to cybersecurity is maintained throughout the course of its operations, and that cybersecurity practices are monitored and improved as needed.
- Hellard, B. (2018, May 29). What is ethical hacking? White hat hackers explained. Retrieved
June 23, 2018, from http://www.itpro.co.uk/hacking/30282/what-is-ethical-hacking-white-hat-hackers-explained - Richardson, V. T. (2017, January 15). The power of information and business of ethical
responsibility. Retrieved June 23, 2018, from https://insights.ethisphere.com/the-power-of-information-and-business-of-ethical-responsibility/ - Steen, M. (2013, February 01). Cyber security and the obligations of companies. Retrieved June
23, 2018, from https://www.scu.edu/ethics/focus-areas/business-ethics/resources/cyber-security-and-the-obligations-of-companies/
