Vulnerabilities and responsibilities: dealing with monsters in computer security

Wolter Pieters, L. Consoli

    Research output: Contribution to journalArticleAcademicpeer-review

    6 Citations (Scopus)
    149 Downloads (Pure)


    Purpose – The purpose of this paper is to analyze information security assessment in terms of cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security vulnerabilities, as well as to enable a proactive attitude towards preventing such vulnerabilities. Design/methodology/approach – Vulnerabilities in information security are compared to the concept of “monster��? introduced by Martijntje Smits in philosophy of technology. The applicability of different strategies for dealing with monsters to information security is discussed, and the strategies are linked to attitudes in virtue ethics. Findings – It is concluded that the present approach can form the basis for dealing proactively with unknown future vulnerabilities in information security. Research limitations/implications – The research presented here does not define a stepwise approach for implementation of the recommended strategy in practice. This is future work. Practical implications – The results of this paper enable computer experts to rethink their attitude towards security threats, thereby reshaping their practices. Originality/value – This paper provides an alternative anthropological framework for descriptive and normative analysis of information security problems, which does not rely on the objectivity of risk.
    Original languageUndefined
    Article number10.1108/14779960911004499
    Pages (from-to)243-257
    Number of pages15
    JournalJournal of information, communication and ethics in society
    Issue number4
    Publication statusPublished - 2009


    • SCS-Cybersecurity
    • EWI-16399
    • Culture
    • Data Security
    • Ethics
    • METIS-265760
    • IR-68258

    Cite this