The Importance of Ethical Conduct by Penetration Testers in the Age of Breach Disclosure Laws.

Authors

DOI:

https://doi.org/10.3127/ajis.v23i0.1867

Keywords:

Penetration Testing, Ethics, Privacy legislation, Data Misuse, privacy

Abstract

 Across the globe, there has been a noticeable increase in the adoption of breach disclosure laws that are designed to protect the privacy of individuals. To validate the security controls implemented by an organisation to protect sensitive data, penetration testers are often engaged to test the security of information systems and to report any vulnerabilities. Using an interpretivist, constructivist approach, this article reports on a pilot study that compares USA and Australian approaches to ethical hacking. The need for regulation of ethical hacking to help protect organisations from unethical conduct was a recurring theme. With the changes in privacy regulations across the world, unauthorised disclosure of personal and privileged information could result in significant consequences. This paper explores the importance of ethical conduct by penetration testers based on empirical research and the potential for misuse of information.

Downloads

Published

2019-05-06

How to Cite

Thomas, G., Burmeister, O., & Low, G. (2019). The Importance of Ethical Conduct by Penetration Testers in the Age of Breach Disclosure Laws. Australasian Journal of Information Systems, 23. https://doi.org/10.3127/ajis.v23i0.1867

Issue

Section

Research on Applied Ethics