Term Paper

As cybersecurity continues its rapid development in the modern era, I have the incredible
opportunity to jump in and get my hands dirty. In that, I have the ability to take classes and get a
degree that some people never dreamed would be possible. In our everyday lives, we see and
hear ads everywhere about protecting our privacy and our data. We read the news, and almost
every week, there is an article about some breach or hack that happened, costing so-and-so
companies hundreds of thousands or millions of dollars. After someone has been hacked, you
can’t change the fact. The only thing we can change and develop in ourselves is our code of
ethics and how we might respond in that situation.

As I reflect back on this course, I realize the different ways I have grown to become a
better person. I remember back to one of our first papers regarding the reasons I first wanted to
study cybersecurity. Some of my reasons are selfish. I am drawn to the “hacker” title and enjoy
the necessary evil of a Red Teamer. That aside, I have always wanted to help people. I
genuinely get joy from seeing other people’s faces light up, and I want people to become
successful. As I have worked my way through this course in writing these papers and
participating in lectures, I have seen another side to cybersecurity. I have seen a great many
decisions that people constantly rely on you to make in sometimes short time spans or stressful
situations. Some of those decisions can lead to heavy consequences, and some can lead to
incredible embarrassment. No matter the consequences or gains, though, my ethics and soft
skills have to be substantial and ready for anything. I have to know that I will be able to make
the right decision at the right moment.

Before this class, I had never really thought of just how important the role of ethics would
and could be in this career path. I feel like I knew what ethics were and have been raised to
apply them to my life. I hadn’t connected ethics and their importance in cybersecurity and how
they can escalate or de-escalate certain situations that can arise in the infosec world. I like this
quote regarding ethics and the involvement in cybersecurity: “Ethical issues are at the core of
cybersecurity practices because these practices are increasingly required to secure and shield
the ability of human individuals and groups to live well.” It’s basically saying that without the act
of honesty, the ability to perform legally, or the desire to perform responsibly, you can’t protect
people from harm. As professionals in cybersecurity, we need to be constantly looking out for
the people around us, and the ethics that we hold to ourselves are not for our gain, but for the
people who trust us and need us to help them when they themselves cannot. I like it because it
reminds me of what I hold true to myself and the ethics that I will hold throughout my future
professional career in cybersecurity. In CPRE 234 lecture slides taught and presented by Dr.
Benjamin Blakley, it reads, “What if doing the “right thing” is a career-limiting move or puts your
job at risk? Your freedom? What if you have a family?” This really made me think of different
situations that might challenge me in my career and drove home this idea that ethics and
cybersecurity are extremely tight-knit, and without ethics, you can’t do the right things.
The ethic(s) that I would like to focus on first is the ethic of integrity and truthfulness. I believe
that although they are slightly different, they can be assumed to be the same regarding trust.
Integrity generally reflects the trustworthiness of information resources. Integrity can be divided
into two aspects, the personality "of being honest and having strong moral principles," and for
data resources, it means "the state of being whole and undivided." I believe this is an incredibly
valuable ethic to hold onto because if you were to tell someone that something was hacked or
that their product/service was vulnerable and they didn’t believe you, you couldn’t do your job.
This is another example of where your integrity and doing what is right can tie into honesty in
the fact that when you do what you have been told to do, and you try your hardest to fulfill that
requirement, you inherently gain trust through your honest, hard work. You wouldn’t be
protecting them. They need to understand that when you are telling them something, you mean
it and you are trying to help. So, when I do try to help, I must tell the whole truth so there is
never any question about whether anything is going on or that anyone is being deceived. I
would like to be the first one to stand up and say I messed up if ever in that situation. I think this
ethic allows people to look up to you and trust that they can come to you with the good, the bad,
and the ugly news and know that you are going to tell them exactly what can be done or what
has already happened.

The next ethic I would like to integrate into my professional career in cybersecurity would
be Courage. Ronald Reagan once said, “There are no easy answers, but there are simple
answers. We must have the courage to do what we know is morally right.” Doing the right thing
is not always easy, and as we discussed in CPRE 234 taught by Dr. Benjamin Blakley,
cybersecurity can challenge you with anything every day. In the Professional and Business
Ethics lecture slides, things we don’t know what is going to happen, and one day when you walk
into work, you could be faced with an extreme ethical dilemma that you need the courage to
stand up against. For example, during one of our earlier lectures in the semester, Dr. Benjamin
Blakley and our class discussed the scenario of a runaway trolley. It goes, “There is a runaway
trolley barreling down the railway tracks. Ahead, on the tracks, there are five people tied up and
unable to move. The trolley is headed straight for them. You are standing some distance off in
the train yard, next to a lever. If you pull this lever, the trolley will switch to a different set of
tracks. However, you notice that there is one person on the sidetrack. You have two options:
One, do nothing, and allow the trolley to kill the five people on the main track. And two, pull the
lever, diverting the trolley onto the sidetrack where it will kill one person. You may be asking
yourself, “Wait, how does this have anything to do with courage? Choose option one or two!”
and you would be right to do so, but one thing that really resonated with me is the fact that there
were people that didn’t make any decision. They didn’t state what option they would choose.
You may think they chose option one, and maybe they did, but they did not tell anyone else that
is what they were thinking. If one does not have the courage to write a message in the Google
chat at the minimum, in a private call with our professor, how can one expect themselves to
stand up to the full-blown news of a data breach that you have to find the courage to tell your
company? It was probably a dumb moment to come to that conclusion, but I feel like it really
clicked and I got just how important ethics and the ability to be strong and effective through my
courage, integrity, and honesty really is in the realm of a cybersecurity professional.
 Coming into this class, I had a good understanding of what ethics were and how I have
applied them to my everyday life. I always strive to be a better person every day and look at
myself first when something goes wrong. I have always valued honesty and the ability to trust in
other people, and I believe that courage and hard work will benefit everyone around you. I know
that I cannot change the fact that bad things will happen. I didn’t, however, think about and fully
grasp the importance of ethics in cybersecurity. I didn’t quite understand some of the various
issues that come up that challenge your integrity, honesty, and courage. When I took this class, I
thought we would just memorize some terms, write a few papers, and be done. Dr. Blakley did
give us plenty of writing experience, and I think through it, we got to get a deep look at our
personalities and morals and what we truly value and look to get out of life. He didn’t lecture
thrice a week about how we should be living our lives or how we might mess up. He gave us the
opportunity to think freely and decide for ourselves what we value most and really let us see
how we might respond to certain topics to scenarios that are common struggles in cybersecurity.
I have learned to follow what I have always believed to be ethical and moral and to not waver
when hard times and situations may sway you. There will be situations that take more than what
your ethics can throw at it, and in those situations, you have to make the best decisions with the
information you have and know that you have done your best.

I think one of the most vital soft skills is communication. It is imperative that you have the
ability to communicate around you to better grasp what is going on and to get others' opinions or
knowledge. It is used daily to communicate with other teams in a company to organize ways to
prevent certain vulnerabilities or to become more effective with your time. A second soft skill I
value is the ability to problem-solve. When your communication fails you, and there is no one to
ask a question to get their advice, you need to rely on yourself and your unique skill set to be
able to establish and follow the correct procedure in certain situations. For example, if a
company has a data breach, I, as a valuable member of the cybersecurity team at that
company, need my problem-solving skills to mitigate data loss in the moment and in the future
as well. Everyone struggles with something, whether it be telling the truth, sticking to promises,
or working hard. Personally, I think I struggle with Prudence. Prudence is the quality of being
cautious. I like to dive head-on into problems and not think about a possible option. I always
analyze the situation and choose what I think to be the most logical solution for both the
situation in the past, present, and future. I don’t have time to ponder something for hours on end
and crave a quick, but not reckless solution. I think that some things need to be looked at
carefully and cannot be taken at face value, or things will be missed. I think there are times
when I don’t look out far enough and am missing out on a possible “better” solution that may
have been available if I had just taken the time to sit and think. This is an important skill/trait that
I need to work on, as cybersecurity is full of problems, and most of the time, you don’t get a
do-over if you make the wrong decision. Prudence in cybersecurity requires far-sighted planning
as well as short-term, goal-directed planning to get the best results and the least number of
mistakes.

In conclusion, I have learned so much in this class about myself and about the incredible
opportunity I have to go into the field of cybersecurity. It has taught me to look at myself and see
what my strengths and weaknesses are and how I can strengthen them to be a better person
not only in my life in cybersecurity but in my regular outside-of-work life. I see now some of the
extremely challenging questions cybersecurity professionals have to face consistently and why
they can be responded to through our adoption of certain ethics and traits and the collaboration
of soft skills that shape us into the person we want to see. If I were to come across a
vulnerability in a website after taking this class, I would report it immediately to protect others
and make the internet a safe place. Cybersecurity is a passion of mine, and I always look for
ways to help others and keep people safe. I think more people need to take this class to really
get a good look into themselves to better understand what they are capable of and how they
can grow as they continue their journey in cybersecurity. It's dark enough in the world without a
few more lights going out.