CANVAS Book

The Ethics of Cybersecurity

This book aims to extensively discuss the full plethora of ethical aspects of cybersecurity and will have a strong practical focus, including case studies that outline ethical dilemmas in cybersecurity and will present guidelines and other measures to tackle those dilemmas.

Coming August 2019

The increasing use of information and communication technology (ICT) in all spheres of modern life makes the world a richer, more efficient and interactive place. However, it also increases its fragility as it reinforces our dependence on ICT systems that can never be completely safe or secure. Therefore, cybersecurity has become a matter of global interest and importance. Accordingly, one can observe in today’s cybersecurity discourse an almost constant emphasis on an ever-increasing and diverse set of threat forms, ranging from basic computer viruses to sophisticated kinds of cybercrime and cyberespionage activities, as well as cyber-terror and cyberwar. This growing complexity of the digital ecosystem in combination with increasing global risks has created the following dilemma. Overemphasizing cybersecurity may violate fundamental values like equality, fairness, freedom, or privacy. On the other hand, neglecting cybersecurity could undermine citizens’ trust and confidence in the digital infrastructure, policy makers and state authorities and thus supports the protection of those values. Cybersecurity thus imposes a complex relationship among values, some may be supportive, others conflicting, depending on context.

Cybersecurity thus imposes a complex relationship among values, some may be supportive, others conflicting, depending on context.

Understanding this dilemma has become imperative. Yet it is still an under-developed topic in technology ethics. Whilst there are lots of papers discussing issues such as “big data” and privacy, cybersecurity is – if at all – only instrumentally discussed as a tool to protect (or undermine) privacy. Nevertheless, cybersecurity raises a plethora of ethical issues such as “ethical hacking”, dilemmas of holding back “zero day” exploits, weighting data access and data privacy in sensitive health data, or value conflicts in law enforcement raised by encryption algorithms. Those issues are usually discussed in an isolated manner, whereas a coherent and integrative view on the ethics of cybersecurity is missing. This book aims to extensively discuss the full plethora of ethical aspects of cybersecurity and it will thus complement two recently published monographs on the ethics of cybersecurity.

This book will not only be relevant for the philosophy and ethics of technology community. Many practitioners in cybersecurity – providers of security software, CERTs or Chief Security Officers in companies are increasingly aware of the ethical dimensions of their work. This book will therefore have a strong practical focus, including case studies that outline ethical dilemmas in cybersecurity and presenting guidelines and other measures to tackle those dilemmas. The market for this book therefore goes beyond academia.

Foundations

Basic concepts and models of cybersecurity
Core values in cybersecurity
Ethical frameworks for cybersecurity
Legislative framework for cybersecurity

Problems

Cybersecurity in health
Cybersecurity in business
Cybersecurity of critical infrastructures
Cybersecurity and cyberwar
Cybersecurity and the state
Cybersecurity and democracy
Ethical and unethical hacking
Ethical dilemmas for cybersecurity service providers
Cyberpeace and resilience – from state actors to the individual

Recommendations

Norms of Responsible State Behaviour in Cyberspace
Policies for data sharing and data protection for security software providers
A framework for ethical cyber-defence for companies
Privacy-protecting cybersecurity technologies
Guidelines for medical professionals to ensure cybersecurity in digital healthcare