Undefeated Hacking Expert Reveals Why Ethics Are Important to Cybersecurity Career

As cyber attacks continue at a record pace around the world, the need for skilled, ethically-minded cybersecurity experts cannot be underestimated.

“Ethics are very important in the cybersecurity field,” says Dr. Allen Harper, Executive Director of Liberty University’s Center for Cyber Excellence. “Wherever a law ends, that’s where ethics must step in. There are some things in the cybersecurity field that are clearly illegal; but there are others that no law applies to, and that’s when ethics steps in.”

Cyber attacks, defined as an attempt by hackers to damage or destroy a computer network or system with the intention of causing harm, are the fastest- growing crime in the U.S. and cost companies millions of dollars in damages. The economic impact shows no signs of slowing down; a recent report found that the global cost of cybercrime rose to more than $600 billion in 2017.

To combat this, banking and finance firms, political organizations, and healthcare companies around the world are hiring cybersecurity professionals to ensure their networks are protected. “A company will hire a security professional like myself to break into their network, and then show them how we did it so it can be fixed before the bad guys come and do the same thing,” Dr. Harper said. “It’s not hard to get into an organization; the question is, what are you going to do once you get in? You had better understand what is right and what is wrong once you break into an organization — otherwise, you’re going to get in trouble, and your company’s going to get in trouble.”

In his classes at Liberty University, Dr. Harper, who served in the IT and cybersecurity industry for more than 30 years and is the lead author of the Gray Hat Hacking series of books, teaches from a distinctly Christian point of view. Students learn how the biblical principles of justice honesty and integrity apply to the field of cybersecurity. One practical way to apply one’s faith at work, he said, is through a method called “ethical hacking.”

“Ethical hacking is simply beating the bad guys to the punch,” he said. “What many companies will do is hire cyber security professionals to ethically break into their network and determine what those soft spots are. A report is prepared and sent back to the client so they can take that information and get it fixed before the bad guys come and do the same thing. We call that penetration testing, but also ethical hacking.”

Ethical hacking, he explained, teaches students to wisely handle sensitive information while navigating complex systems. “Sometimes, companies will hire security researchers to conduct research about a product or a piece of software to find weaknesses or vulnerabilities, in that software,” he said. “Once they find a vulnerability in software, it’s critically important that they ethically handle that sensitive information. An example of handling that properly would be to disclose that to the company who developed the software and allow them an opportunity to get it fixed before they release that information to the public. An example of not doing that ethically would be to disclose that information to the public prematurely before giving the developer of the software an opportunity to fix it.”

Click here to read more.
Source: Christian Post