Are we glorifying the attackers and prosecuting the victims?

Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

With all the media noise about Stuxnet, cyber war and cyber terror, I proposed taking a closer look at how we relate to the players. Whether  uber hackers or PLO terrorists;  are we glorifying  the attackers at the expense of  prosecuting the victims?

In data security  I don’t subscribe to utilitarian ethics  (which attempts to balance the benefit versus the damage of an act) and can lead to the ends justifying the means.

For data security and compliance – I recommend  the “Ten commandments” approach – if it’s not ethical to steal data then it’s never acceptable to steal data  – neither as an employee, contractor, consultant or hacker.

I  read a short article by the Chazon Ish (who passed away in 1953 and is well known for both his saintliness and extreme breadth of knowledge). He speaks about the importance of distinguishing between the attacker and the victim.   He explains how we must carefully tread the line of understanding who is the attacker and who is the victim.  Basic morality dictates showing compassion to the victim and and harshness to the attacker.   Therefore – how terrible it is when we mistakenly reverse the roles and show compassion to the attackers and penalize the victims!

Translated to the world of security and compliance – we can understand that a basic component of data security in the workplace, is an ethical approach where we maintain a clear identification of who is the malicious attacker and deal with him in an uncompromising and harsh way.  The vast majority of employees are not malicious attackers and there is no reason to penalize them as long as they comply with the company’s acceptable usage policy. On the other hand, there is no ethical basis to treat an attacker with compassion.

Like Sun Tzu wrote in “The Art of War” – “When you lay down a law, make sure it is not disobeyed”.

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply