Operationalizing Cybersecurity Research Ethics Review: From Principles and Guidelines to Practice

Dennis Reidsma*, Jeroen van der Ham, Andrea Continella

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

69 Downloads (Pure)

Abstract

Cybersecurity research involves ethics risks such as accidental privacy breaches, corruption of production services, and discovery of weaknesses in networked systems. Although literature describes these and other issues in some depth, re- flection on these issues is not yet well embedded in typical Ethics Review Board procedures. In this paper, we operationalize existing guidance on cybersecurity research ethics into a proposal that can be directly implemented in an Ethics Review Board. We provide a set of self-assessment questions to effectively and efficiently probe the ethics of proposed cybersecurity research, a Coordinated Vulnerability Disclosure procedure for discoveries made in the course of research, and an outline of a university policy to institutionally embed this procedure, which could be adapted and adopted by research institutes. With this paper, we hope to contribute to more Ethics Review Boards taking up the challenge of addressing cybersecurity research ethics in an adequate and productive manner.
Original languageEnglish
Title of host publicationProceedings EthiCS 2023
Subtitle of host publicationThe 2nd International Workshop on Ethics in Computer Security, February 27, 2022, San Diego, CA, USA
Place of PublicationReston, VA
PublisherInternet Society
Number of pages7
ISBN (Electronic)1-891562-85-1
DOIs
Publication statusPublished - 27 Feb 2023
Event2nd International Workshop on Ethics in Computer Security, EthiCS 2023 - San Diego, United States
Duration: 27 Feb 202327 Feb 2023
Conference number: 2

Conference

Conference2nd International Workshop on Ethics in Computer Security, EthiCS 2023
Abbreviated titleEthiCS 2023
Country/TerritoryUnited States
CitySan Diego
Period27/02/2327/02/23

Fingerprint

Dive into the research topics of 'Operationalizing Cybersecurity Research Ethics Review: From Principles and Guidelines to Practice'. Together they form a unique fingerprint.

Cite this