Cybersecurity Management Discussion Questions: Ethics Module Week of 7/15/19

we discussed a variety of ethical issues on cyber.  The following are some of those issues, plus a few more.  For paper #3, please provide a thoughtful response to one or more of the discussion questions below.  (You absolutely may, and should, include ideas  from our in-class discussion.)  You do not need to answer every question, just choose from amongst these and discuss your ethical thoughts regarding them.  Remember, we discussed that ethics are standards, more than morals.  The paper should be around 2 pages double spaced, or between one and two pages single spaced.  Please submit via BlackBoard.

1. The “Chatham House” rule says that you would not divulge what you were told in a private conversation. A guest, speaking under that rule, mentions details about his country having used a cyberweapon against another country.  Would you tell anybody?
2. Are “cyber ethics”, “ethical hacking” or “offensive cyber” oxymoronic to you? Explain.
3. The US Government announced in September 2018 that it would “defend forward”, meaning that it would “conduct cyber operations on non-U.S. networks to stop threats before they reach their targets in US.” Would you “defend forward”? Why or why not?
4. Your customers provide you with their personally identifiable information (PII) in order to navigate your website. Companies will pay for that PII.  Would you sell it to them?  Are there any circumstances in which you would sell it?
5. You discover a “zero day” exploit (we have discussed these). What would you do with it and why?
6. A flaw in BlackBoard lets you look at everyone else’s homework before the due date. Would you look?  Why / why not?
7. You find out that a computer general utility program that you wrote was used by someone to hack into a computer network. Would you keep writing programs? Why / why not?
8. You find out that a cyberweapon program that you wrote was used by your employer to attack and breach another country’s computer network. Would you keep writing cyberweapon programs?  Would the effects of the cyberweapon matter in your decision?
9. You find out that a cyberweapon program that you wrote was stole from your employer by another country and used against your own country. How do you feel about that?
10. You were cyber attacked and breached today. You traced back exactly where that come from.  What do you do?  Why?
11. Do you have your own cyber ethics question to share? Why is it important to you?