The Importance of Ethical Conduct by Penetration Testers in the Age of Breach Disclosure Laws.

Keywords: Penetration Testing, Ethics, Privacy legislation, Data Misuse, privacy

Abstract

Across the globe, there has been a noticeable increase in the adoption of breach disclosure laws that are designed to protect the privacy of individuals. To validate the security controls implemented by an organisation to protect sensitive data, penetration testers are often engaged to test the security of information systems and to report any vulnerabilities. Using an interpretivist, constructivist approach, this article reports on a pilot study that compares USA and Australian approaches to ethical hacking. The need for regulation of ethical hacking to help protect organisations from unethical conduct was a recurring theme. With the changes in privacy regulations across the world, unauthorised disclosure of personal and privileged information could result in significant consequences. This paper explores the importance of ethical conduct by penetration testers based on empirical research and the potential for misuse of information.
Published
2019-05-06
How to Cite
Thomas, G., Burmeister, O., & Low, G. (2019). The Importance of Ethical Conduct by Penetration Testers in the Age of Breach Disclosure Laws. Australasian Journal of Information Systems, 23. https://doi.org/10.3127/ajis.v23i0.1867
Section
Research on Applied Ethics

Most read articles by the same author(s)