A Care-Based Stakeholder Approach to Ethics of Cybersecurity in Business

Morgan, Gwenyth; Gordijn, Bert

doi:10.1007/978-3-030-29053-5_6

Cited by 12 publications

(10 citation statements)

References 12 publications

(20 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The methodology follows the privacy framework of Nissenbaum [68] that views privacy as contextual integrity and extends it with "social norms and expectations affecting all human interactions that are constitutive of an established social practice" [50]. When discussing ethical issues in the context of business, the book focuses more on specific domains, such as healthcare, or on ensuring cybersecurity for businesses (see [59,80]).…”

Section: Related Workmentioning

confidence: 99%

A Discussion on Ethical Cybersecurity Issues in Digital Service Chains

Tronnier

Pape

Löbner

et al. 2022

Cybersecurity of Digital Service Chains

View full text Add to dashboard Cite

Enabling cybersecurity and protecting personal data are crucial challenges in the development and provision of digital service chains. Data and information are the key ingredients in the creation process of new digital services and products. While legal and technical problems are frequently discussed in academia, ethical issues of digital service chains and the commercialization of data are seldom investigated. Thus, based on outcomes of the Horizon2020 PANELFIT project, this work discusses current ethical issues related to cybersecurity. Utilizing expert workshops and encounters as well as a scientific literature review, ethical issues are mapped on individual steps of digital service chains. Not surprisingly, the results demonstrate that ethical challenges cannot be resolved in a general way, but need to be discussed individually and with respect to the ethical principles that are violated in the specific step of the service chain. Nevertheless, our results support practitioners by providing and discussing a list of ethical challenges to enable legally compliant as well as ethically acceptable solutions in the future.

show abstract

Section: Related Workmentioning

confidence: 99%

A Discussion on Ethical Cybersecurity Issues in Digital Service Chains

Tronnier

Pape

Löbner

et al. 2022

Cybersecurity of Digital Service Chains

View full text Add to dashboard Cite

show abstract

“…The Menlo Report (2012) 1) respect for persons, 2) beneficence, and 3) justice Loi and Christen (2020) 1) privacy, 2) data protection, 3) non-discrimination, 4) due process and free speech, and 5) physical integrity Weber and Kleine (2020) 1) efficiency and quality of service, 2) privacy of information and confidentiality of communication, 3) usability of services, and 4) safety. Morgan and Gordijn (2020) 1) privacy, 2) protection of data, 3) trust, 4) control, 5) accountability, 6) confidentiality, 7) responsibility on business to use ethical codes of conduct, 8) data integrity, 9) consent, 10) transparency, 11) availability, 12) accountability, 13) autonomy, 14) ownership, and 15) usability.…”

Section: Source Ethical Principlesmentioning

confidence: 99%

“…An alternative approach to incorporating privacy is to include it as a separate ethical principle that attempts to incorporate the diversity of definitions noted above (e.g., Van de Poel, 2020 ;Loi and Christen, 2020 ;Morgan and Gordijn, 2020 ). While such an approach might more accurately reflect the multifaceted character of privacy, it perpetuates principle proliferation by ignoring the conceptual relationships between privacy and existing principles as summarised within Table 2 .…”

Section: Source Ethical Principlesmentioning

confidence: 99%

“…Ransomware attacks are becoming more common, with one study claiming that they had tripled between 2017 and 2018 ( Morgan and Gordijn, 2020 ). WannaCry and Petya are two prominent recent ransomware attacks, with the former hitting the British NHS which resulted in cancelled medical appointments and diverted ambulances ( Hern, 2017 ).…”

Section: Ethical Issues In Ransomware Attacksmentioning

confidence: 99%

“…WannaCry and Petya are two prominent recent ransomware attacks, with the former hitting the British NHS which resulted in cancelled medical appointments and diverted ambulances ( Hern, 2017 ). Ransomware works by either encrypting data (cryptors) or blocking access to data (blockers) with the intention of extracting financial gains ( Morgan and Gordijn, 2020 ). Typically, this outcome is achieved by offering to unencrypt or provide access to the data in exchange for the payment of a ransom.…”

Section: Ethical Issues In Ransomware Attacksmentioning

confidence: 99%

See 2 more Smart Citations

A principlist framework for cybersecurity ethics

Formosa

Wilson

Richards

2021

Computers & Security

View full text Add to dashboard Cite

Is Cybersecurity Risk Factor Disclosure Informative? Evidence from Disclosures Following a Data Breach

Chen

Henry

2022

J Bus Ethics

View full text Add to dashboard Cite

By examining managers’ decisions about disclosing updated assessments of firms’ risks, we present evidence that the risk factor disclosures are informative. We use the setting of cybersecurity risk factor disclosures after a data breach because data breaches, especially severe breaches, serve as a natural experiment where an exogenous shock to managers’ assessment of their firm’s cybersecurity risks occurs. We analyze the topic from the perspective of two different theoretical lenses: the economic lens of optimal risk exposure and the ethical lens of stakeholder theory. Using a sample of firms experiencing data breaches, we find that firms experiencing a data breach increase the amount of cybersecurity risk factor disclosures compared to matched firms with no data breach. Further investigation reveals that the severity of data breaches affects the results; cybersecurity risk factor disclosures increase only after severe data breaches. While there is no significant market reaction if breached firms’ subsequent annual reports include increased cybersecurity risk factor disclosures, a significant negative market reaction occurs if breached firms decrease cybersecurity risk factor disclosures, regardless of the severity of the breach, implying that the market anticipates increased disclosures after data breaches.

show abstract

A Care-Based Stakeholder Approach to Ethics of Cybersecurity in Business

Cited by 12 publications

References 12 publications

A Discussion on Ethical Cybersecurity Issues in Digital Service Chains

A Discussion on Ethical Cybersecurity Issues in Digital Service Chains

A principlist framework for cybersecurity ethics

Is Cybersecurity Risk Factor Disclosure Informative? Evidence from Disclosures Following a Data Breach

Contact Info

Product

Resources

About