Blog Posts Tagged with "Ethics"


Ethical or Unethical Hacker?

May 01, 2012 Added by:Marc Quibell

Right there as top IT News was an article on how to pwn a Hotmail account. It was a 0-day exploit, which meant no one at Microsoft was notified. It was written by a self-described ethical hacker. Naturally my first reaction was, "Ya right"...

Comments  (11)


An Enterprise Compliance Dialogue

April 17, 2012 Added by:Thomas Fox

Management must “walk the talk” through both discipline and a system of rewards. The discipline must be clear and delivered decisively. The rewards must be not only direct financial remuneration but also the internal promotion of persons who do business in an ethical manner...

Comments  (0)


Just One of the Reasons Why I Love Anonymous

March 28, 2012 Added by:Quintius Walker

In the world of cyber-security things transform at the speed of light. From exploits to methods, what worked yesterday is not the solution tomorrow. Ethical problem solving students should do themselves a favor and study the ways of the infamous idea known to us as Anonymous...

Comments  (0)


A Scanning Tool or a Tool Scanning?

March 26, 2012 Added by:Infosec Island Admin

What is worrying is that the scanner online at has no restrictions on it as to who it may scan, just put in an IP or domain name and click to hit some systems using this site. That’s right Mark Zuckerberg, you now can see if is easily pwn-able...

Comments  (0)


Eating the Security Dog Food

March 23, 2012 Added by:Wendy Nather

It's harder to be accused of nefarious activities if you are completely above-board, show you're willing to be subject to appropriate limits, and make a point of relinquishing any powers you might have. Call it CYA, call it leading by example, whatever. It's ethically important...

Comments  (0)


Abandon FUD, Scare Tactics and Marketing Hype

February 25, 2012 Added by:Rafal Los

Perhaps it is security professionals' diminished tolerance for FUD, or perhaps there is a collective awakening to the bigger picture, or it was just time for the chickens to come to roost. No matter, this drastic anti-FUD backlash is strong and I for one say it's about time...

Comments  (2)


Difference Between Spreading Information and Enabling Crime

February 14, 2012 Added by:Rafal Los

Most people don't get prosecuted or charged for distributing or re-tweeting a link to an Anonymous pastebin dump. Where is the line drawn then, and why are some incidents bigger than others? The question ultimately goes to the contents of the cache of information...

Comments  (2)


Why Data Leaks

February 13, 2012 Added by:Danny Lieberman

The main reason is people. People handle electronic data and make mistakes or do not follow policies. People are increasingly conscious that information has value – all information has some value to someone and that someone may be willing to pay...

Comments  (0)


Enterprise Ethics: Anticipating Ripples in the Pond

February 04, 2012 Added by:Thomas Fox

It is better to consider the ripple effects of your decision making before throwing that rock into your company’s ethics pond. If you do not do so you can easily run the risk of consequences for which you may have no response, yet be held accountable for in your company...

Comments  (0)


Hacking, Children, and Ethics

January 31, 2012 Added by:Infosec Island Admin

Anarchists who want nothing more than to just sow chaos for their own nihilistic animus produced what I call the “Monkeys with guns effect”: Scattershot and useless hacks and pranks that further no other agenda than the Lulz or to sow chaos anywhere they strike...

Comments  (19)


Aaron Barr Terminated for Obsession with Anonymous

January 23, 2012 Added by:Headlines

"When I hired Aaron about eight months ago, it was under the perception that we were going to be able to help the NSA with some things relating to national security, not with Anonymous and social groups," John Sayres, the company's founder, said...

Comments  (2)


How To Choose A Security Vendor

January 16, 2012 Added by:Brent Huston

Variations exist in depth, skill level, scope, reporting capability, experience, etc. Selecting security testing vendors based upon price is a bad idea. Matching specific experience, reporting styles and technical capabilities to your environment is a better solution...

Comments  (0)


Plagiarism in IT Security - Walking a Fine Line

December 09, 2011 Added by:Rafal Los

At the end of the day, shouldn't we all be professionals? I know it's nice to think that everyone is honest - but as the infosec world expands and there is a massive influx of people trying to make a name for themselves - there will be dishonesty. This is where the community comes in...

Comments  (2)


Seven Deadly Sins for a Compliance Program

November 11, 2011 Added by:Thomas Fox

Feldman’s seven deadly mistakes provide an excellent framework for any company to assess their overall compliance program from a high level. While perhaps not rising to the level of “sins”, the answers will allow the compliance practitioner to be ready to respond if the DoJ comes a calling...

Comments  (0)


Utilizing the Corporate Secretary in Compliance Efforts

October 10, 2011 Added by:Thomas Fox

The Corporate Secretary sits at the intersection of the company where they can change the marketplace, and has to be informed about sustainability ethics and provide updates to the board, including CEOs, which provides an opportunity to shape an ethics and compliance program...

Comments  (0)


Using HR to Change your Company’s Compliance DNA

September 17, 2011 Added by:Thomas Fox

What type of training should HR utilize in the compliance and ethics arena? The consensus seems to be that there are three general approaches which have been used successfully. The first is the most traditional and that is classroom training. A key role for HR in any company is training...

Comments  (1)
