Overview
This lecture covers the (ISC)² Code of Ethics, outlines the foundational canons that all ISC2-certified security professionals must follow, and emphasizes their importance for exam preparation and professional conduct.
Codes of Ethics in Information Security
- Professional ethics require information security professionals to act honorably and responsibly in their roles.
- Many organizations, like AT&T, maintain internal codes of ethics with rules on honesty, ethical conduct, and avoidance of conflicts of interest.
- The (ISC)² Code of Ethics applies to all ISC2-certified security professionals.
The Four Canons of the (ISC)² Code of Ethics
- The Code of Ethics consists of four simple canons that define the expectations for certified professionals.
- Familiarity with these canons is crucial for ISC2 exam candidates; understanding the general idea suffices for the exam.
- The first canon is to protect society, the infrastructure, and the common good.
Key Terms & Definitions
- Code of Ethics — A set of guidelines outlining acceptable behaviors and ethical expectations for professionals.
- Canon — A fundamental principle or rule in the (ISC)² Code of Ethics.
- Conflict of Interest — A situation where personal interests could improperly influence professional judgment.
Action Items / Next Steps
- Memorize and understand the four canons of the (ISC)² Code of Ethics for exam success.
- Review the ethical guidelines required by your own organization.
- Reflect on how these canons impact professional practice in cybersecurity.