Difference between revisions of "Journal:Smart information systems in cybersecurity: An ethical analysis"

From LIMSWiki
Jump to navigationJump to search
(Created stub. Saving and adding more.)
 
(Saving and adding more.)
Line 33: Line 33:


In the private sphere, companies are struggling to keep up with the required need for security in the face of increasingly sophisticated attacks from a variety of sources. In 2017, there were “over 130 large-scale, targeted breaches [by hackers of computer networks] in the U.S.,” and “between January 1, 2005 and April 18, 2018 there have been 8,854 recorded breaches.”<ref name="Sobers60Must18Arch">{{cite web |url=https://www.varonis.com/blog/cybersecurity-statistics/ |archiveurl=https://web.archive.org/web/20181108122758/https://www.varonis.com/blog/cybersecurity-statistics/ |title=60 Must-Know Cybersecurity Statistics for 2018 |author=Sobers, R. |work=Varonis Blog |date=18 May 2018 |archivedate=08 November 2018 |accessdate=17 December 2018}}</ref> Furthermore, cyberattacks affect not only the online world, but also lead to vulnerabilities in the physical world, particularly when an attack threatens industries such as healthcare, communications, energy, or military networks, putting large swathes of society at risk. Indeed, it has been argued that some cyberattacks could constitute legitimate grounds for declarations of (physical) war.<ref name="SmithCyber15">{{cite journal |title=Cyberattacks as Casus Belli: A Sovereignty‐Based Account |journal=Journal of Applied Philosophy |author=Smith, P.T. |volume=35 |issue=2 |pages=222–41 |year=2015 |doi=10.1111/japp.12169}}</ref>
In the private sphere, companies are struggling to keep up with the required need for security in the face of increasingly sophisticated attacks from a variety of sources. In 2017, there were “over 130 large-scale, targeted breaches [by hackers of computer networks] in the U.S.,” and “between January 1, 2005 and April 18, 2018 there have been 8,854 recorded breaches.”<ref name="Sobers60Must18Arch">{{cite web |url=https://www.varonis.com/blog/cybersecurity-statistics/ |archiveurl=https://web.archive.org/web/20181108122758/https://www.varonis.com/blog/cybersecurity-statistics/ |title=60 Must-Know Cybersecurity Statistics for 2018 |author=Sobers, R. |work=Varonis Blog |date=18 May 2018 |archivedate=08 November 2018 |accessdate=17 December 2018}}</ref> Furthermore, cyberattacks affect not only the online world, but also lead to vulnerabilities in the physical world, particularly when an attack threatens industries such as healthcare, communications, energy, or military networks, putting large swathes of society at risk. Indeed, it has been argued that some cyberattacks could constitute legitimate grounds for declarations of (physical) war.<ref name="SmithCyber15">{{cite journal |title=Cyberattacks as Casus Belli: A Sovereignty‐Based Account |journal=Journal of Applied Philosophy |author=Smith, P.T. |volume=35 |issue=2 |pages=222–41 |year=2015 |doi=10.1111/japp.12169}}</ref>
Cybersecurity is therefore a complex and multi-disciplinary issue. Security has been defined in the international relations and security studies spheres both as “the absence of threats to acquired values”<ref name="WolfersNational52">{{cite journal |title="National Security" as an Ambiguous Symbol |journal=Political Science Quarterly |author=Wolters, A. |volume=67 |issue=4 |pages=481–502 |year=1952 |doi=10.2307/2145138}}</ref> and “the “absence of harm to acquired values.”<ref name="BaldwinTheCon97">{{cite journal |title=The Concept of Security |journal=Review of International Studies |author=Baldwin, D.A. |volume=23 |issue=1 |pages=5–26 |year=1997 |url=https://www.cambridge.org/core/journals/review-of-international-studies/article/concept-of-security/67188B6038200A97C0B0A370FDC9D6B8}}</ref> Within the profession, cybersecurity is more commonly defined in terms of confidentiality, integrity, and availability of [[information]].<ref name="LundgrenDefin19">{{cite journal |title=Defining Information Security |journal=Science and Engineering Ethics |author=Lundgren, B.; Möller, N. |volume=25 |issue=2 |pages=419–41 |year=2019 |doi=10.1007/s11948-017-9992-1}}</ref> A 2014 literature review on the meanings attributed to cybersecurity has led to the broader definition of cybersecurity as "the organization and collection of resources, processes, and structures used to protect cyberspace and cyberspace-enabled systems.”<ref name="CraigenDefining14">{{cite journal |title=Defining Cybersecurity |journal=Technology Innovation Management Review |author=Craigen, D.; Diakun—Thibault, N.; Purse, R. |volume=4 |issue=10 |pages=13–21 |year=2014 |doi=10.22215/timreview/835}}</ref>


==References==
==References==
Line 38: Line 40:


==Notes==
==Notes==
This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. The 2018 article by Sobers on 60 must-know cybersecurity facts has been updated in 2019; an archived version from 2018 is used in this version.
This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. The 2018 article by Sobers on 60 must-know cybersecurity facts has been updated in 2019; an archived version from 2018 is used in this version. The Lundgren and Möller citation has changed since the original article published online; this version represents the new information.


<!--Place all category tags here-->
<!--Place all category tags here-->

Revision as of 18:43, 3 June 2019

Full article title Smart information systems in cybersecurity: An ethical analysis
Journal ORBIT Journal
Author(s) Macnish, Kevin; Fernandez-Inguanzo, Ana; Kirichenko, Alexey
Author affiliation(s) University of Twente, F-Secure
Primary contact Email: k dot macnish at utwente dot nl
Year published 2019
Volume and issue 2(2)
Page(s) 105
DOI 10.29297/orbit.v2i2.105
ISSN 2515-8562
Distribution license Creative Commons Attribution 4.0 International
Website https://www.orbit-rri.org/ojs/index.php/orbit/article/view/105
Download https://www.orbit-rri.org/ojs/index.php/orbit/article/view/105/117 (PDF)

Abstract

This report provides an overview of the current implementation of smart information systems (SIS) in the field of cybersecurity. It also identifies the positive and negative aspects of using SIS in cybersecurity, including ethical issues which could arise while using SIS in this area. One company working in the industry of telecommunications (Company A) is analysed in this report. Further specific ethical issues that arise when using SIS technologies in Company A are critically evaluated. Finally, conclusions are drawn on the case study, and areas for improvement are suggested.

Keywords: cybersecurity, ethics, smart information systems, big data

Introduction

Increasing numbers of items are becoming connected to the internet. Cisco—a global leader in information technology, networking, and cybersecurity—estimates that more than 8.7 billion devices were connected to the internet by the end of 2012, a number that will likely rise to over 40 billion in 2020.[1] Cybersecurity has therefore become an important concern both publicly and privately. In the public sector, governments have created and enlarged cybersecurity divisions such as the U.S. Cyber Command and the Chinese “Information Security Base,” whose mission is to provide security to critical national security assets.[1]

In the private sphere, companies are struggling to keep up with the required need for security in the face of increasingly sophisticated attacks from a variety of sources. In 2017, there were “over 130 large-scale, targeted breaches [by hackers of computer networks] in the U.S.,” and “between January 1, 2005 and April 18, 2018 there have been 8,854 recorded breaches.”[2] Furthermore, cyberattacks affect not only the online world, but also lead to vulnerabilities in the physical world, particularly when an attack threatens industries such as healthcare, communications, energy, or military networks, putting large swathes of society at risk. Indeed, it has been argued that some cyberattacks could constitute legitimate grounds for declarations of (physical) war.[3]

Cybersecurity is therefore a complex and multi-disciplinary issue. Security has been defined in the international relations and security studies spheres both as “the absence of threats to acquired values”[4] and “the “absence of harm to acquired values.”[5] Within the profession, cybersecurity is more commonly defined in terms of confidentiality, integrity, and availability of information.[6] A 2014 literature review on the meanings attributed to cybersecurity has led to the broader definition of cybersecurity as "the organization and collection of resources, processes, and structures used to protect cyberspace and cyberspace-enabled systems.”[7]

References

  1. 1.0 1.1 Singer, P.W.; Friedman, A. (2014). Cybersecurity and Cyberwar: What Everyone Needs to Know (1st ed.). Oxford University Press. ISBN 9780199918119. https://books.google.com/books?id=9VDSAQAAQBAJ. 
  2. Sobers, R. (18 May 2018). "60 Must-Know Cybersecurity Statistics for 2018". Varonis Blog. Archived from the original on 08 November 2018. https://web.archive.org/web/20181108122758/https://www.varonis.com/blog/cybersecurity-statistics/. Retrieved 17 December 2018. 
  3. Smith, P.T. (2015). "Cyberattacks as Casus Belli: A Sovereignty‐Based Account". Journal of Applied Philosophy 35 (2): 222–41. doi:10.1111/japp.12169. 
  4. Wolters, A. (1952). ""National Security" as an Ambiguous Symbol". Political Science Quarterly 67 (4): 481–502. doi:10.2307/2145138. 
  5. Baldwin, D.A. (1997). "The Concept of Security". Review of International Studies 23 (1): 5–26. https://www.cambridge.org/core/journals/review-of-international-studies/article/concept-of-security/67188B6038200A97C0B0A370FDC9D6B8. 
  6. Lundgren, B.; Möller, N. (2019). "Defining Information Security". Science and Engineering Ethics 25 (2): 419–41. doi:10.1007/s11948-017-9992-1. 
  7. Craigen, D.; Diakun—Thibault, N.; Purse, R. (2014). "Defining Cybersecurity". Technology Innovation Management Review 4 (10): 13–21. doi:10.22215/timreview/835. 

Notes

This presentation is faithful to the original, with only a few minor changes to presentation, grammar, and punctuation. In some cases important information was missing from the references, and that information was added. The 2018 article by Sobers on 60 must-know cybersecurity facts has been updated in 2019; an archived version from 2018 is used in this version. The Lundgren and Möller citation has changed since the original article published online; this version represents the new information.