Thursday, December 12, 2019
Ethics - Ethical Issues and Ethical Dilemma
Question: Discuss about theEthics, Ethical Issues and Ethical Dilemma. Answer: Introduction: There are three prime entities involved in the discussion which includes Mike Lynn, a member of X-Force, a company named Internet Security Systems (ISS) and Internet operating Systems (ISO) used by Cisco Routers. Lynn detected a major flaw in ISO that allowed the propagation of a network worm that could attacks and acquire all the routers across the Internet [1]. Lynn with the permission of ISS and Cisco decided to put forward the issue in the Black Hat conference but both ISS and Cisco pulled the plug at the last moment. Lynn decided to call it quits and later went on with the same presentation. Cisco filed legal suit against Lynn for the violation of copyrights [2]. Mike Lynn Act: In order to answer this question, it is important to understand the professional Code of Ethics that applies to the Information and Communications technology. The Code that is described belongs to the principles of IEEE. The public interest should always come ahead of the selfish or personal benefit for each and every single resource It is essential to include the interest and requirements of the client along with the public interest Professional excellence must be showcased with the use and involvement of best practices across every single stage in a project Integrity and independence must be the elements that must always be present while making any of the professional judgment Managers and leaders of a project must always follow and adhere to the ethical approach in all of the management activities Integrity along with the reputation of the business must go hand in hand with the public interest There should always be supreme level of transparency and fairness among all the team members [3]. The act of Lynn largely conforms to the above set of principles. However, there are a few deviations from some of the points that are covered above. Public interest was one of the major reasons for Lynn to bring the issue in front of the public so that the users and organizations may adapt the mechanism to stay secure from the network worm present in the ISO operated by Cisco. Also, there was always a level of transparency that was maintained by Lynn during the entire set of activities. Lynn decided to inform the concerned parties prior to the revelation of the same directly in front of the public. The integrity of the organizations was also maintained through such an act. However, after ISS and Cisco decided not to support Lynn and tore off the 10 pages from the presentation along with making an attempt to change the topic of presentation, Lynn could have followed the better set of professional standards and practices instead of resigning from his position and going ahead with the presentation. Lynn could have reported the matter to the Ethics and Compliance team along with a repeated discussion with the concerned parties and stakeholders before instantly coming on to the situation. Also, after resignation, the piece of information that was torn out of Lynns presentation was the copyrighted property of Cisco. The act has been judged on three different theories of ethics. The first theory is the Virtue Ethics that terms a particular act as morally and ethically correct or incorrect on the basis of the intention and character of the person behind the execution of the same [4]. In this case, the basic intention of Lynn was to resolve the issue and protect other users and organizations from a critical network threat. Thus, the act is ethically correct on the basis of the principles of Virtue Ethics. The next theory of ethics that evaluates the act performed by Lynn is the theory of Consequentialism. This theory evaluates a particular act on the basis of the consequences or the implications caused by the same. If the consequences are largely positive then the act is termed as ethically correct. However, if the same act causes negative implications then it is termed as ethically incorrect [5]. In this case the major consequences of the act would be the protection provided to all the users from the sever security threat. It will also lead to safe and secure practices and operations. There will be loss to the reputation of Cisco and ISS which may bring down their customer engagement and cause severe losses to both the firms. Out of all the consequences of the act performed by Lynn, the majorities of them are positive in nature and will benefit the concerned parties. Hence, the act is termed as ethically and morally correct as per the theory of Consequentialism. The third theory that evaluates the act is the theory of Deontology. This particular theory of ethics determines the morality of a particular activity on the basis of its level of adherence to the rule or duty that is associated with the same. This theory does not consider the outcomes, consequences or virtues behind an act and solely considers the adherence to the guarding rule [6]. The act performed by Lynn is ethically correct as hiding of the same from the public would have resulted in non adherence to the duty of Cisco and ISS to provide safe and secure environment and services to all of its users. CISCO and ISS The act of Cisco and ISS will be evaluated on the basis of the three ethical theories that have been discussed in the previous question. As per the theory of Virtue Ethics, the act can be termed as ethically correct only when it is based on the correct intentions. The basic intention of Cisco and ISS was to protect their name and reputation in the market which was somewhere malicious in nature as they were well aware of the potential damage that the threat could have caused. Thus, the act is termed as ethically incorrect on the basis of this theory. The second theory that evaluates the act is the theory of Consequentialism. The consequences that will result out of this act were the maintained reputation of the two firms among the customers and in the market. However, it will cause the serious damage to the associated users and organizations as the network worm was capable of capturing all of the routers across the internet. It may also cause to the loss of secure and private information along with the violation of confidentiality, integrity and availability of the information. The consequences are mainly negative in nature as they may result in damage and adverse impact on the users and organizations. Thus, the act is termed as ethically incorrect as per the theory of Consequentialism [7]. The third theory is the theory of Deontology that evaluates an act on the level of adherence to the rules and duty. The primary duty of Cisco and ISS is to provide services, platforms and applications to the customers as per their requirements and the ones that are safe and secure in nature. The same is violated by this act as the attempt to hide the same will cause the critical damages to the customers. Thus, the theory terms the act as ethically incorrect. Approach Toward Communicating the Flaws in the Cisco Routers The following steps should have been followed to address the problem in a better manner. As soon as Lynn detected the issues, all the involved parties such as Cisco and ISS should have been informed. The process should have involved the presence of a senior board member from X-Force along with the regulatory representative as well. This should have followed a discussion with the Network heads of all the parties to understand the likelihood, impact and nature of the risk. The strategy to mitigate or remove the same would also be discussed to make sure that the same is implemented on an urgent basis. If there was a mitigation strategy suggested by the networking team, the same should have been implemented and the discussion in the black Hat Conference should have covered the risk along with its mitigation which would not have affected the reputation of Cisco and ISS in any manner. If there was no strategy suggested by the Networking team, the same upon legal and regulatory consent from all the parties involved should have been revealed to the public to adopt security mechanisms to stay safe. Lynn should have also copyrighted all of the findings associated with the network worm to make sure that the same would not be misused or misinterpreted by any of the parties. The same would allow Lynn to present the information to the public with complete authority and would also have kept him safe from any legal obligations. Conclusion The incident that took place between Lynn, ISS and Cisco raises a number of ethical issues and ethical dilemma that emerges in such situations. The act that is considered to be professionally and ethically correct by one party is termed as incorrect by the other party. Also, there are a number of different ethical theories apart from the ones discussed in this report that may term the same act as ethically correct which has been evaluated as incorrect by the theories that are covered. In order to overcome such a problem it is essential to set up strict professional Code of Ethics in all the organizations that would be a standard process to follow. The violation of the same should lead to some severe legal obligations and penalties so that the occurrence is not repeated in future. The entire incident is also a case of non-adherence to the standards and best practices. There could have been better communication and approach followed in the entire process that would have led to smoother operations rather than such a great degree of fuss around the entire activity. Ethics and compliance to the same should be one of the basic and prime aims for all the organizations. References [1]R. Lemos, "Cisco, ISS file suit against rogue researcher", Securityfocus.com, 2005. [Online]. Available: https://www.securityfocus.com/news/11259. [Accessed: 20- Aug- 2016]. [2]R. McMillan, "Black Hat: ISS researcher quits job to detail Cisco flaws", InfoWorld, 2005. [Online]. Available: https://www.infoworld.com/article/2671541/security/black-hat--iss-researcher-quits-job-to-detail-cisco-flaws.html. [Accessed: 20- Aug- 2016]. [3]D. Gotterbarn, "Computer Society and ACM Approve Software Engineering Code of Ethics", 2016. [Online]. Available: https://www.computer.org/cms/Publications/code-of-ethics.pdf. [Accessed: 20- Aug- 2016]. [4] www.philosophybasics.com, "Virtue Ethics - By Branch / Doctrine - The Basics of Philosophy", Philosophybasics.com, 2016. [Online]. Available: https://www.philosophybasics.com/branch_virtue_ethics.html. [Accessed: 20- Aug- 2016]. [5] faculty.washington.edu, "Consequentialist Ethical Theories",Faculty.washington.edu,2016. [Online]. Available: https://faculty.washington.edu/wtalbott/phil240/trconseq.htm. [Accessed: 20- Aug- 2016]. [6] sevenpillarsinstitute.org, "Deontology - Kantian Duty-Based Ethics - Seven Pillars Institute", Seven Pillars Institute, 2016. [Online]. Available: https://sevenpillarsinstitute.org/morality-101/kantian-duty-based-deontological-ethics. [Accessed: 20- Aug- 2016]. [7] www.bbc.co.uk, "BBC - Ethics - Introduction to ethics: Consequentialism", Bbc.co.uk, 2016. [Online]. Available: https://www.bbc.co.uk/ethics/introduction/consequentialism_1.shtml. [Accessed: 20- Aug- 2016].
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.