By merely setting foot upon the path for a Cyber Security certification you have elevated yourself towards a higher level of responsibility. Individuals participating in any of our Cyber Security programs or self-study processes are given access to cutting edge technologies and high level training. The responsibilities of this knowledge must not only be respected and adhered to, but your imperative duty from this point forward will be the ethical implementation of this knowledge and protection of it from malicious and illegal uses. Based within this fundamental precept, all certified and uncertified individuals that participate in any type of security testing should uphold a Code of Ethics.
The following suggested Code of Ethics is not meant to replace the already existing and well meaning ethical behavior and judgment of the individual. It is intended to provide guidance and a moral compass in order to give the individual a direction in which to proceed through difficult decision making processes.
Code of Ethics Preamble:
- Honor ethical guiding principals, the protection and safety of the society, and our fellows mandates that we continually strive, and be seen to strive at all times, towards the highest standards of ethical behavior.
- Failure to adhere to the codes could undermine the value of the knowledge and certification, thereby corrupting and devaluing the entire process.
- Certification is therefore conditional upon austere devotion to the code.
Code of Ethics:
- Act legally, with honor, responsibility, and honesty as we implement the knowledge we have gained and continue to gain.
- Protect the integrity of the profession and advance its knowledge.
- Protect society and its security.
- Demonstrate unwavering commitment to the principles of ethical behavior.
The following contains further clarification of the Code of Ethics for guidance:
Act legally, with honor, responsibility, and honesty as we implement the knowledge we have gained and continue to gain.
- Tell the truth, and provide all involved with the necessary information in a timely manner.
- When presented with laws from different jurisdictions, the laws of the jurisdiction in which your services are being provided should receive preference.
- Recognize the degree of responsibility that you have been charged with, through your training and knowledge.
- Observe and respect all contracts and agreements, either expressed or implied.
- Treat everyone fairly and with respect.
- Any actions taken should first protect the safety of society, and then adhere to the principals of the code, the safety of the individual, and the furthering of the profession in that order.
Protect the integrity of the profession and advance its knowledge.
- Keep the advancement of the profession in knowledge and reputation in mind at all times.
- In professional regards, sponsor those that exemplify best the qualities of the code and encourage their growth and training.
- Maintain professional practices that support the codes and nurture relationships between those that also demonstrate the highest regards and practices of the codes.
- Professional relationships that are with individuals that have reputations or have demonstrated practices that are in violation of the codes, or detract from the good standing of the community, should be avoided.
- Keep your skills sharp and your knowledge current.
- Donate, when possible and however much, of your time and knowledge to those whom also demonstrate a desire to grow and embrace the codes.
Protect society and its security.
- At all times, the preservation of the public trust in all aspects of information security must be promoted and assured.
- The continued preservation of society and its structures must not only be continued, they must be strengthened and their integrity maintained. Knowledge of acts and methodology that undermine the public trust and violate the code must be reported to the authorities. Failure to do so degrades the standing in the society of the information security profession.
Demonstrate unwavering commitment to the principles of the code.
- We are only as strong as our weakest link.
- Our integrity as a profession is only as sound as our last truth spoken, or last promise kept.
- Each of us individually represents the greater whole of the profession. When one of us fails in upholding the code, we are all represented as failing to uphold the code.
- It is through our actions that we will be judged as a professional. By remaining faithful to the code and the ideals it represents, we can maintain a self regulating community. In doing this, we also demonstrate to society, as a whole, that we have its protection and best interests in mind, while also displaying the responsibility and concern for the protection and maintenance of society as well.
The intent of this section, and the clarification of the Code of Ethics, is to provide further guidance to the members of the security professional community. This is so that when members are confronted with situations that present uncertainty about proper behavior to the forefront, they will have at least a basic code as a guide for their actions and how they should conduct themselves in an ethically sound manner.
I, the undersigned, agree to act legally, with honor, responsibility, and honesty as I implement the knowledge I have gained and continue to gain. I agree to abide by the code of ethics as described with this document.