The Code of Honor: Embracing Ethics in Cybersecurity

Many professions―including medicine, law, and engineering―have long required their practitioners to embrace and abide by an overarching code of ethics and conduct. Cybersecurity, possibly due to its more fragmented and distributed nature, has never had such a code. The gap left by the absence of an ethical standard is a significant threat to the safety of consumers and businesses around the world.

In The Code of Honor: Embracing Ethics in Cybersecurity, Ed Skoudis, president of SANS.edu and Paul Maurer, president of Montreat College, deliver a comprehensive discussion of the ethical challenges facing contemporary workers, managers, and executives. This book explains and establishes ethical best practices for the tech industry. The need is so compelling that security practitioners and leaders around the world are currently incorporating this code into the fabric of their corporate culture and hiring policies.

You’ll take a deep dive into many of the high-stakes situations commonly encountered. Compelling case studies―called Critical Applications in the book―included at the end of each chapter demonstrate how to use the hands-on skills being explored within.

You’ll discover a complete system of cybersecurity ethics relevant to everyone from C-suite leaders and executives to ground-level cybersecurity pros. This carefully crafted framework of ethical decision-making in cybersecurity is rooted in timeless principles of ethics.

An essential resource for security analysts, incident responders, threat hunters, forensics experts, penetration testers, red teamers, security researchers, security architects, CISOs, and any other cybersecurity professional, The Code of Honor is timely and practical for the ever-increasing challenges that are rampant in the modern world of cybersecurity.

A blueprint for a comprehensive system of cybersecurity ethics

The Code of Honor: Embracing Ethics in Cybersecurity tackles the pressing need for an ethical framework in the rapidly evolving field of cybersecurity. As authors Ed Skoudis, a renowned cybersecurity instructor for SANS, and Dr. Paul Maurer, president of Montreat College, point out, cybersecurity has long been a domain without a unified code of conduct. This absence poses significant risks to both consumers and businesses worldwide.

This book is an absolute “must-have” for cybersecurity workers, managers, and executives who are in the tech world, but also for all those who work and run companies who serve the public, especially those kinds of essential services that we all engage in like healthcare, government, and commerce (including banks, airlines, grocery stores, etc.). An inescapable web of digital connections undergirds our lives. This creates enormous vulnerabilities and opportunities for corruption, which only highlights the need for a moral compass, a code of honor. Ethics is not something you just wake up one day and do, but rather it is a way of thinking that must be taught, practiced, and understood over time so that it can be fully developed within an individual, a team, and a company. This book provides a way forward through engaging discussions, best practice guidelines, and real-world case studies.

Rapid advancement and evolution in the cyber world have caused it to lag behind in the creation of an overarching ethical standard for the people who secure the underlying technologies. Without this, ultimately cyber cannot be trusted, chaos will be the norm, and the maturing of an industry will be stymied not to mention the loss of benefits that naturally grow out of a thriving field that is grounded in integrity.

Perfect for managers and executives who seek to sharpen knowledge of cyber ethics and security, The Code of Honor is also an indispensable guide for security analysts, incident responders, threat hunters, forensic experts, and penetration testers. It offers a sophisticated and hands-on framework for the integration of ethical standards from across the cyber world that takes into account the unique characteristics of this complex industry. This is a call to action for everyone in cyber to adopt a new code of honor to safeguard the digital world.