The Code of Honor - Paul J. Maurer, Ed Skoudis

The Code of Honor

Embracing Ethics in Cybersecurity
Buch | Hardcover
224 Seiten
2024
John Wiley & Sons Inc (Verlag)
978-1-394-27586-1 (ISBN)
38,65 inkl. MwSt
A comprehensive and practical framework for ethical practices in contemporary cybersecurity

While some professions – including medicine, law, and engineering – have wholeheartedly embraced wide-ranging codes of ethics and conduct, the field of cybersecurity continues to lack an overarching ethical standard. This vacuum constitutes a significant threat to the safety of consumers and businesses around the world, slows commerce, and delays innovation.

The Code of Honor: Embracing Ethics in Cybersecurity delivers a first of its kind comprehensive discussion of the ethical challenges that face contemporary information security workers, managers, and executives. Authors Ed Skoudis, President of the SANS Technology Institute College and founder of the Counter Hack team, and Dr. Paul Maurer, President of Montreat College, explain how timeless ethical wisdom gives birth to the Cybersecurity Code which is currently being adopted by security practitioners and leaders around the world.

This practical book tells numerous engaging stories that highlight ethically complex situations many cybersecurity and tech professionals commonly encounter. It also contains compelling real-world case studies – called Critical Applications – at the end of each chapter that help the reader determine how to apply the hands-on skills described in the book.

You'll also find:



A complete system of cybersecurity ethics relevant to C-suite leaders and executives, front-line cybersecurity practitioners, and students preparing for careers in cybersecurity.
Carefully crafted frameworks for ethical decision-making in cybersecurity.
Timeless principles based on those adopted in countless professions, creeds, and civilizations.

Perfect for security leaders, operations center analysts, incident responders, threat hunters, forensics personnel, and penetration testers, The Code of Honor is an up-to-date and engaging read about the ethically challenging world of modern cybersecurity that will earn a place in the libraries of aspiring and practicing professionals and leaders who deal with tech every day.

PAUL J. MAURER, PhD, is the president of Montreat College, a national leader in cybersecurity education and workforce development. After being approached by the NSA to create a curriculum on cybersecurity ethics for our nation’s students preparing for cybersecurity careers, Paul was convinced this book needed to be written. He speaks and writes frequently on a wide range of topics, but regularly does so on cybersecurity across the country. ED SKOUDIS serves as president of the SANS Technology Institute College, the country’s leading provider of cybersecurity professional development. Ed began teaching at the SANS Institute in 1999 and has trained over 30,000 cybersecurity professionals in incident response and ethical hacking, codifying many of the practices used throughout the industry today. He is the recipient of the Order of Thor medal from the Military Cyber Professionals Association and is the author of Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses.

Introduction: “Like Your Hair Is On Fire” ix

Chapter 1 One Code to Rule Them All? 1

In Case You Are Wondering Why You Should Care 3

Do We Need Ethics in Cybersecurity? 6

Long-Standing Models for the Code 9

Why the Need for the Code Is Urgent 11

Chapter 2 This Is a Human Business 15

Cybersecurity Is a Human Business 18

Humans Have Inherent Value 20

Humans Over Technology 21

The Solution to the Problem of Cybersecurity Is Principally a Human Solution 24

Character Costs and Character Pays 25

Case Study: When Security Is on the Chopping Block 27

Chapter 3 To Serve and Protect 33

We Need You on That Wall 35

Know Your Why— Purpose and People 37

Service Means Sharing: Sharing Starts with Good Communication 42

Sharing with the Broader Cyber Community: We Are All on the Same Wall 44

Checking In 46

A Final Example 47

Case Study: Responsible Disclosure of a Security Flaw 48

Chapter 4 “Zero-Day” Humanity and Accountability 51

Bad Decisions and Multiplication 52

Humans Are Flawed 55

Turning Vulnerability into Strength: It Begins with Humility 56

Being a Lifelong Learner 60

Handling the Mistakes of Others 62

Let’s Try to Avoid “Breaking Bad” 63

How to Develop a Reflective Practice 67

Case Study: To Pay or Not to Pay— A Ransomware Quandary 69

Chapter 5 It Begins and Ends with Trust 75

The Secret of Success 77

Trust Is the Currency of Cybersecurity 80

How Trust Is Built 82

When Things Go Bad 83

Building Trust Requires Courage 84

The Role of Leadership in Building a Culture of Trust 87

A Checklist for Building Trust 90

Case Study: A Matter of Trust and Data Breaches 93

Chapter 6 There Is Strength in the Pack 99

No Room for Know-it-Alls 103

Making Informed Ethical Decisions with Input 105

Why Teamwork Really Does Make the Dream Work 106

When Collaboration Breaks Down— Seeking Allies in Your Organization 110

The Power of Mentors 111

Beware of Rattlesnakes 115

Case Study: Graded on a Curve? The Security Audit Checkmark 117

Chapter 7 Practicing Cyber Kung Fu 123

Essential to Success: Patience, Wisdom, and Self-Control 128

Remember the Titanic 129

A Few Principles for Emergency Planning 131

Stay Calm, Cool, and Collected 132

Our Job Is Not Revenge 136

Develop Your Cyber Kung Fu 138

Case Study: An Open Door: Vigilante Justice 139

Chapter 8 No Sticky Fingers Allowed 143

If It’s Free, It’s for Me? 146

Avoid a “Robin Hood” Narrative 148

A Tragedy of “Free Information” 150

Intellectual Property Is Property 151

To Catch a Thief, We Must Train Like One 154

Choices Have Consequences 154

All I Really Need to Know I Learned in Kindergarten 156

Case Study: Something Borrowed and Something New 157

Chapter 9 It’s None of Your Business 163

Curiosity Can Kill the Cat 167

The Golden Rule Applied to Cybersecurity 169

Stay in Your Lane 170

Four Questions to Help Avoid Impropriety 172

Each Time You Cross the Line, It Becomes Easier 173

We Hurt Real Human Beings 175

An Outrageous Example of the Problem 177

Remember: We Are the Shield 179

Case Study: To Share or Not to Share? Investigating the CFO’s System 181

Appendix A: The Cybersecurity Code of Honor 185

Appendix B: Where Do We Go from Here? 189

Notes 191

Acknowledgments 193

About the Authors 197

Index 199

Erscheinungsdatum
Verlagsort New York
Sprache englisch
Maße 147 x 218 mm
Gewicht 340 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
ISBN-10 1-394-27586-2 / 1394275862
ISBN-13 978-1-394-27586-1 / 9781394275861
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00