Cybersecurity ethics is a new and under-researched field. With increasing attention being paid to cybersecurity, from hacking attacks on major corporations to attacks on critical national infrastructure, liberal democratic governments and corporations are looking to academia for guidance on how to respond ethically. For example, should software vulnerabilities be disclosed to vendors, or is it ok to keep them secret to support hacking operations by intelligence agencies? Who should burden the cost of corporate cybersecurity in the face of government-backed threats from foreign powers? How far can the pursuit of cybersecurity invade the privacy of citizens in a liberal democracy?
The 4TU community is in a strong position to respond to these concerns and spearhead research in this area. The universities of Delft and Twente co-run a MSc in Cybersecurity, of which one course is dedicated to ethical issues. Wolter Pieters at Delft is a prolific author in cybersecurity ethics, while Jeroen van der Ham (National Cyber Security Centre) and Kevin Macnish (formerly employed at the UK’s GCHQ) at Twente both have first-hand experience of government cybersecurity as well as publishing in related fields. Philip Nickel at Eindhoven is a leading philosopher in trust and technology, with trust being a central theme in the ethics of cybersecurity.
Together, these four researcher are looking to build a extended network of academics interested in cybersecurity ethics. The workshop, sponsored by 4TU.Ethics and 4TU.Nirict, will look at the state of the art in cybersecurity ethics and develop strategies with regards to funding for future research, collaborations in teaching and policy advice.