IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Online Checkup: Why Cyberethics Matter More Than You Think

When we go to the dentist for our semi-annual checkup and teeth cleaning, we typically get asked a series of questions about recent patterns of personal behavior. Perhaps its time for instituting a regular cyber check-up?

  When we go to the dentist for our semi-annual checkup and teeth cleaning, we typically get asked a series of questions about recent patterns of personal behavior. After a few moments of small talk about the weather and traffic, my dental hygienist (abbreviated hereafter in this blog as DH) always jumps straight to the point:

DH – “Been brushing?”

Dan – “Yes!” (with confidence)

DH – “Flossing?”

Dan – (This time softer, with a sheepish frown and a bit of fear) “More often than before…”

DH – “How often?”

Dan – “Well… two or three times a week?” (I’m asking myself: why I’m afraid of these questions…)

DH – “Uh huh, I’d say that’s slightly exaggerated …” (As she looks at my teeth…)

Dan – “I know. I’ll do better next time…”

DH – (After a painful long pause, she continues with a smile and a bit of concern in her voice.) “You’ve come a long way from where you were, but stick with it. And don’t forget to use mouthwash.”

Dan – “Got it. Thanks.” (I offer a brief smile. I’m glad that she really does care and hold me accountable. After all, it’s my teeth we’re talking about.)

 A Cyber Check-up?

Does the scenario at the dentist’s office sound familiar? (Hopefully, you floss more than I do.)

If not, perhaps you can relate better to a regular physical at your doctor’s office. After the nurse gets your weight, pulse, blood pressure, temperature, etc, the doctor typically asks a series of questions about your diet and whether you’re getting enough exercise. Of course, good doctors are trying to go deeper than just today’s numbers on the chart and look at overall health trends. Adjustments are required when the pattern is leading in troublesome directions.

Perhaps it’s time for instituting a regular cyber check-up? No, I’m not talking about running diagnostics on your car or placing chips in your brain.

I’m talking about a regularly-scheduled, honest, open discussion about online life at home and work.

You may be thinking: Sure, I get the significance of the dentist’s and the doctor’s office check-up, but why is this online-life check-up so important? What issues need to be discussed? How does this impact business and government security? What’s at stake for my family and career?

This is the first in a series of three blogs on the personal and professional impacts of cyberethics. I'm starting with the scope of the challenges we face at home and work. Next, I'll be describing some current difficult “staff-oriented” security situations that government and business enterprises must address. Finally, I will conclude with a blog offering some potential solutions and hurdles to overcome moving forward.

Along the way, I will use a few excerpts from my book Virtual Integrity: Faithfully Navigating the Brave New Web. While the book was published in 2008, most of the online problems, trends and ethical challenges described have only increased in the past four years with the explosion in use of social media sites and mobile computing. The majority of Internet predictions made have already taken place (faster than I thought), and many blog readers are now always-connected to the Net.  I believe that children and adults need regularly refreshed cyberethics educational lessons, motivating challenges and even occasional reminders. In short, our shortage of online trust will only get worse unless these trends are reversed. 

Topics in Cyberethics: Almost Everything Online Is Included

Back in 2008, The Carnegie Institute held a forum entitled: Cyberethics: The Emerging Codes of Online Conduct. The expert speakers included Michael Getler, Rita J. King, Alex Koppelman and Steve Clemons. The cyberethics discussion mainly focused on online news and ethical issues in media, and yet the   topics ranged from our identity to using anonymity, from online news to the future of newspapers, from citizen journalism to “unaccountable” blogs, from information overload to policing truth and from Second Life (virtual worlds) to political campaigns.

Other interesting background articles on this cyberethics topic include an assortment of information systems pieces at Mississippi State University’s website and the Effect of Legal Ethics in a Business World. You can access the official office of government ethics website, and there are also plenty of private watchdog websites that oversee potential government ethics violations. Furthermore, almost everyone is aware of the major ethics violations stemming from news stories like Bernie Madoff, Libor-manipulation or the Enron scandal.

And yet, cyberethics factor into almost every policy and rule that government enterprises implement at the local, state and federal levels. Sure, improved awareness training is vital, but as I have repeated in several interviews, "Darth Vader was well trained."

The intentions of employees may be good, but what is actually happening on the ground (on the networks?) How are staff truly behaving and how are policies being enforced? For a partial range of potential issues at home and in the office, see this table entitled: "Cyber Conduct - Personal Consequences lead to Societal and Criminal Impact." This table was first published on page 86 of Virtual Integrity.

Cyber Activity

Step 1: Personal or Family Impact

 Integrity Compromised

Effects: moral, spiritual, relationships, career 

Step 2: Business or Societal Impact

Legal Consequences

Effects: work rules, Internet trends, crime

 Clicking on a phishing scam, infected e-mail or e-card trick

Lost information, Inconvenience & Credibility, False Sense of Security, later mistrust.

Identity theft, cyber crime exploding into multi-billion problem affecting law enforcement, government, and business.   

Plagiarism – Illegal copying material

Steal, Lack of learning, inflated grade, guilty conscience, discipline, expulsion. 

Academic integrity questioned, unfair grading, More cheating leads to mistrust of schools.

Download Copyright songs, movies, DVDs, etc

Redefines stealing, personal lawsuits, home viruses and worms, opens Christians to charge of hypocrisy.

Corporate lawsuits, hurting music and movie industries, billions lost in sales, theft overwhelming, viruses, worms into enterprise.

Porn at work, Visiting inappropriate websites that violate professed values (anytime)

Violate trust & vows, lead to addictions, lust, adultery, harms marriage, divorce, hurt organization and reputation.

Violates work rules, hurts productivity, leads to escalation of violence & child porn, societal degradation, degrades women, hurts families.

Providing false name, age, location

Lying, reduced trust in online transactions & chat, loss of protections provided to minors, easy deception, loss of key relationships.

Internet protections fail, easier to commit crimes, lack of identity controls, more complexity, sexual predators attack. 

Falsifying qualifications & credentials on resumes, stretch the truth on skills

Reputation damaged, loss of job, guilt, career impacted.

Human resource decisions undermined, professionals lack qualifications, jail time.

Misrepresenting the facts on products we sell, value of items

Lying, Buying the wrong items, hurts trust.   

Hurts growth of online sales and overall economy, limits online possibilities, FTC crimes for false advertising.

Inappropriate relationships, saying things that are unkind, bullying, lack of etiquette, online manors

Helpful chat rooms become a emotional and spiritual problem, relationship issues, marital mistrust or divorce.

Relationships weakened, online predators.

 

The truth is that the cyberethics and online activities of the workforce is a pivotal, foundational issue for every business and government organization. The often discussed “insider threat issue” pertains to not only internal “expert hackers” or professional bad guys trying to steal money and/or intellectual property, but all employees need to take notice. Each of us plays a role in defending the enterprise from cyber attacks, stopping malware (not clicking on bad links) as well as avoiding potential costly legal issues such as e-discovery wild goose chases, plagiarism claims and copyright violations.

Your Future Is At Stake

In addition, what I think most people miss is that their own family and career is at stake. In a worst-case scenario, I have seen staff lose their jobs, families divided, marriages torn apart or even people go to jail over ethical violations online. More often, online actions of personnel can cause problems for security teams, weaken the enterprise, cause a security breach or hurt someone’s reputation or their chances for promotion.

 But just as important as avoiding these negative consequences and staying out of newspaper headlines, I am starting to see online behaviors and the need for a regular cyber check-up as more and more like our dental or doctor’s office check-up. Yes, the wrong diet or lack of exercise or not flossing my teeth has negative ramifications in life. And the right diet and exercise and flossing can also strengthen overall health and enable positive things in the future.  

Just as my friends who run marathons tell me that they “feel it” later when they miss training days, I think we each feel it if/when we are engaged in ethical violations online – no matter how small. The individual and the enterprise will eventually suffer in some way. If the behavior continues, the eventual impact will only grow.

In the same way, balancing online and offline life, behaving in appropriate ways online at home and work, “surfing your values” and forming intentional good habits in cyberspace will lead to personal and professional success and enable the many good possibilities in our careers.

Next time, I’ll provide more specific online examples and explore the concept of online accountability further.

What are your thoughts on cyberethics? How does your business balance the people, process and technology aspects of cybersecurity?

 

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.