Wednesday, April 4, 2012

CISSP Code of Ethics - Nice but Necessary?

I overheard a conversation about a CISSP whose very poor choice of words cost him his $110,000+ a year job!  This so-called Director was a little too full of himself, or maybe he was hiding behind his self-selected fancy job title, when he thought it safe to run his big mouth at work one day.  He said things that aren't repeatable here that led to his own demise.  Did he get away with it?  Read on.  He was put on administrative leave while his supervisor and human resources decided how to handle the situation.  When he returned to work he was demoted to his original title and his pay was cut - really cut - he ended up in the $80k range. Ouch!  What else could he do?  He resigned in disgrace and joined the unemployed at a desperate time in our hurting economy.  With all his certifications (actually too many - could he be overcompensating for something he was lacking?) he found it difficult to find work right away.  What a colossal mistake to have said what he said while in a position of trust at work for all to hear!  What a fool to throw away a sweet job like that.

So what, you say.  Happens every day.  Well, there is this little thing called professionalism, followed by ethics, that binds most of us to an upstanding level of service during our careers.  Not everyone can hack it.  Most of us can.  Certifications today require, no, demand, that we live up to a certain level of ethics.  If you work in IT, and especially if you work as an Information Security professional, you fall under public trust.  The public expects custodians of their data and the companies that collect it to be held to a higher standard than the average person.  The International Information Systems Security Certification Consortium (ISC2) manages the Certified Information Systems Security Professional (CISSP) program, which ensures its recipients have the years of experience and pass the test required to hold this prestigious certification.  It's one of the top ten best certifications you can have today.  ISC2 was also very wise to make the certification conditional upon the recipient agreeing to follow a code of ethics.  But why is it so important?  Isn't it more important to be a GREAT security professional than it is to hold high ethical standards?  I look at it this way.  You need to be both.  You need to be GREAT at your profession AND you need to be a GOOD person.  The world is full of slackers looking for a way to cheat their way ahead of others.  We see the greed in the news on a daily basis.  Thanks to the Madoffs and the Enron executives we have plenty of BAD people to beware of.  ISC2 puts it this way:

"The Pursuit of Integrity, Honor and Trust in Information Security
All information security professionals who are certified by (ISC)2® recognize that such certification is a privilege that must be both earned and maintained. In support of this principle, all members are required to commit to fully support the (ISC)2 Code of Ethics (the "Code"). Members who violate any provision of the Code will be subject to action by a peer review panel, which may result in the revocation of certification. The Code gives assured reliance on the character, ability, strength, or truth of a fellow (ISC)2 member, and it provides a high level of confidence when dealing with a peer member."
So what makes it necessary for us to follow a code of ethics?  Who's going to catch me if I violate or break an ethics code or two?  More importantly, who is going to turn me in?  We're all too busy.  Who wants to bother with that mess?  And what happens if we don't hold others accountable?  Would it be like the Wild West all over again?

For me it comes down to doing a job so well that I'm a hard act to follow.  I want a legacy that lasts well beyond my working years.  Knowing that I hold myself to a certain standard and code of ethics reassures me that I'm on the right track.  Because it's NOT ok to act anything but honorably, honestly, justly, responsibly, and legally.  It's NOT ok to create a hostile work environment like the individual in the opening paragraph did.  And it IS our responsibility to hold people accountable for the bad choices they make, especially when those choices hurt others and break the public trust of the positions they hold.

Yes, we do need a solid code of ethics to follow no matter what we do as professionals.  It's important to be GREAT at what you do AND a good person while you do it.

So whatever happened to that so-called director with the fancy title?  Well, he DID get to keep his CISSP.  However, he ended up with a BIG dose of the same medicine he was doling out all those years.  For all the people he laid off, mistreated, abused and showed such blatant disregard for, he was repaid with disgrace, shame and, some might say, justice.  What goes around comes around.
