As cyber attacks continue at a record pace around the world, the need for skilled, ethically-minded cybersecurity experts cannot be underestimated.
“Ethics are very important in the cybersecurity field,” says Dr. Allen Harper, Executive Director of Liberty University’s Center for Cyber Excellence. “Wherever a law ends, that’s where ethics must step in. There are some things in the cybersecurity field that are clearly illegal; but there are others that no law applies to, and that’s when ethics steps in.”
Cyber attacks, defined as an attempt by hackers to damage or destroy a computer network or system with the intention of causing harm, are the fastest- growing crime in the U.S. and cost companies millions of dollars in damages. The economic impact shows no signs of slowing down; a recent report found that the global cost of cybercrime rose to more than $600 billion in 2017.
To combat this, banking and finance firms, political organizations, and healthcare companies around the world are hiring cybersecurity professionals to ensure their networks are protected. “A company will hire a security professional like myself to break into their network, and then show them how we did it so it can be fixed before the bad guys come and do the same thing,” Dr. Harper said. “It’s not hard to get into an organization; the question is, what are you going to do once you get in? You had better understand what is right and what is wrong once you break into an organization — otherwise, you’re going to get in trouble, and your company’s going to get in trouble.”
In his classes at Liberty University, Dr. Harper, who served in the IT and cybersecurity industry for more than 30 years and is the lead author of the Gray Hat Hacking series of books, teaches from a distinctly Christian point of view. Students learn how the biblical principles of justice honesty and integrity apply to the field of cybersecurity. One practical way to apply one’s faith at work, he said, is through a method called “ethical hacking.”
“Ethical hacking is simply beating the bad guys to the punch,” he said. “What many companies will do is hire cyber security professionals to ethically break into their network and determine what those soft spots are. A report is prepared and sent back to the client so they can take that information and get it fixed before the bad guys come and do the same thing. We call that penetration testing, but also ethical hacking.”
Ethical hacking, he explained, teaches students to wisely handle sensitive information while navigating complex systems. “Sometimes, companies will hire security researchers to conduct research about a product or a piece of software to find weaknesses or vulnerabilities, in that software,” he said. “Once they find a vulnerability in software, it’s critically important that they ethically handle that sensitive information. An example of handling that properly would be to disclose that to the company who developed the software and allow them an opportunity to get it fixed before they release that information to the public. An example of not doing that ethically would be to disclose that information to the public prematurely before giving the developer of the software an opportunity to fix it.”
He added, “We’re dealing with people’s livelihoods; the information that we come in contact with as cybersecurity professionals has the ability to ruin people’s lives if not handled properly and ethically.”
Cybersecurity professionals with the right skills are highly sought after; the U.S. Bureau of Labor Statistics (BLS) projects cybersecurity jobs to increase 18 percent through 2024. Yet, the current demand for cybersecurity experts is outpacing the supply.
At Liberty University, students are taught how to how ethically address the wide variety of moral dilemmas that may present themselves in such a critical and information-sensitive industry. They're also given the hands-on technical experience needed for a successful career in the field of cybersecurity; Liberty University has been designated a National Security Agency and Department of Homeland Security Center of Academic Excellence for Cyber Defense Education (NSA/DHS CAE-CDE).
As in any career field related to security, excelling in integrity is just as important as excelling in the practical demands of the job.
“What I find is that companies large and small, public and private, all are yearning for ethics and integrity and morals, in particular in the cybersecurity field. They expect that, they demand that , of their cybersecurity professionals,” Dr. Harper said. “To that I say, who better than Christians to secure these networks?”