The Internal and External Struggles of Ethics and the CISSP Credential
As Old As Mythology
All students of information security have heard of the Caesar cipher and the Spartan Scytale. These early encryption methods demonstrate the craftiness of the human mind. Encryption has evolved and become more sophisticated. Encryption has been instrumental in the advancement of society. Can you think of another ancient mental construct of humanity that has remained static, yet is no less important to the functioning of society? Let’s consider the topic of ethics.
The concept of ethics has existed since ancient times, and the subject is still applicable today, in all areas of life, and is codified as a requirement in many professions, such as the medical, legal, and financial professions. Information security also has a code of ethics, and adhering to that code can be as difficult as in any other area of life.
A simple definition of ethics can be stated as: Doing what is right even when no one is watching.
It is easy to think that ethics only applies to interpersonal interactions. After all, ethics usually involves how a person treats others. In the context of information security, ethics is just as important without direct human-to-human interaction.
Security is Hard, Ethical Behavior is Harder
Information security has often been compared to the old game of watching
