Why security pros fail (and what to do about it)

06.12.2010

Problem 5: Personal Cyber Ethics: Are You An Insider Threat?

Many security pros see themselves as white-hat hackers who are exempt from the policies everyone else must follow. Does this quote from an anonymous hacker hit home?

"Cyber ethics? Hello! Most hackers I know think that phrase is an oxymoron. Rules are for kids and other people we need to keep in a box. Policies? Are you kidding me? Those rules don't apply to us. This is war, baby. Cyberwar never sleeps. All's fair in love and war."

This perspective puts you on a slippery slope. The reality is that the smarter you are, the more you advance as a cybersecurity expert, the farther you go as a hacker, the greater your temptation becomes. As you learn what the bad guys do and how they do it, the new ways to avoid detection, the secrets of the trade and the best ways to build and get around defenses, you will face a series of crossroads. Your ethics, values and beliefs will inevitably be tested. This is similar to a cop who arrests drug lords and finds a stash of cocaine or cash. Should he or she take a bit while no one is looking?

Key #5: Seek Accountability, Find a Good Mentor and Practice Virtual Integrity. We claim to be focused on risk management, and yet I never cease to be amazed at how security pros underestimate the online risks they are taking in their personal and professional lives. They risk their jobs, reputations, marriages, families--they're even at risk for jail time. Bottom line, they think they will never be caught doing whatever they're doing in cyberspace.