Cyber Camp Ethics

Chad Korosec

on 15 March 2015

Transcript of Cyber Camp Ethics

Security Policy
Cyber Camp 2013
Ethics and Policy; A Good Starting Point for Security
Breaking down
two separate
but related
Why Talk about Ethics?
The NSA is providing training for kids in the area of Cyber Security.

They view Cyber Ethics as "a code of safe and responsible behavior for the Internet Community."
Back up; who is the NSA?
The NSA collects and analyzes information and data (Intelligence)

Responsible for the protection of U.S. government communications and information systems, which involves information security and cryptanalysis/cryptography.

Due to the organization's SECRECY, NSA's famous acronym is at times explained to stand for "No Such Agency" or "Never Say Anything".
And why do agencies like the NSA care about Ethics?
But it's not just the Government looking for ethical employees!
Yes, all of these companies are looking for ETHICAL people to work and keep sector or trade secrets!
But Ethics is more than this
We all exist in different communities, each with ...
Different Rules
Different Members
Different standards and goals
Can Change
Different things we share in different groups
Think about what a mess this can create
What do we have to consider to stay safe, private, secure?
We have to understand our own responsibilities and use Common Sense
Because it could end up ...
or, better yet!
and it ended up...
I need to post this!
So, how do we make the hard decisions?
How about where we work?
Many work elements guide our decision-making!
Just look around
What is
Most things are!
What elements make up Security Policy?
Does it really look like that?
No, it looks like this ...
Virtually everyone is
the audience?
Support Staff
A Team is formed ...
They will analyze the business, risks, needs and start a road map
The team must determine ...
What is the
What is the
What elements belong in policy versus standards, guidelines, etc.?
How do we raise policy
Policy must be...
Easy to understand
State why it is needed
Define responsibilities
Policy Should be...
Address violations
But there must be details that should be addressed!
Structure depends on size and goals of the organization
Do you need one large document or several small ones?
Some policies can be appropriate for many sites, others are specific to certain environments
Smaller ones are easier to manage
Cyber Camp Policy
There should always be consequences for actions!!
What are the basics
What else should everyone know?
C:\Users\Cyber Camp> Security should always start with Policy, Ethical Behavior and Common Sense

C:\Users\Cyber Camp> .

Sounds like his home policy is not enough against an unknown threat!
Perhaps we rely on lessons from others we trust
Perhaps this is policy as well?
and even a little boring!
Yes it's hard work!
... or the lack of good security practices by his friends!
Careful what you post here!
Is Policy Complex?
A principle or rule ...
guides decisions ...
to achieve rational outcomes
A statement of intent ...
implemented as a procedure or protocol
but they don't need to be
Who needs to read all of that?
... a branch of philosophy that involves systematizing, defending and recommending concepts of right and wrong conduct.

Ethics studies moral behavior in humans and how one should act
Recall, Ethics is a branch of philosophy that involves "systematizing"
of, pertaining to, or concerned with the principles or rules of right conduct
the distinction between right and wrong;
unauthorized communication of national defense information
willful communication of classified communications intelligence information to an unauthorized person
