REVIEW: "IT Ethics Handbook", Stephen Northcutt

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Dec 13, 2004.

  1. BKITETHB.RVW 20041010

    "IT Ethics Handbook", Stephen Northcutt, 2004, 1-931836-14-0,
    %A Stephen Northcutt
    %C 800 Hingham Street, Rockland, MA 02370
    %D 2004
    %G 1-931836-14-0
    %I Syngress Media, Inc.
    %O U$49.95/C$69.95 781-681-5151 fax: 781-681-3585
    %P 604 p.
    %T "IT Ethics Handbook"

    This isn't a very good book about ethics, but it is a useful book.
    It's just got the wrong title.

    The introduction doesn't provide any proper background to the study of
    ethics. The brief review of related terms doesn't give much in the
    way of help: ethics are defined as personal principles, and
    differentiated from morals only in that the latter are assumed to be
    accepted from some outside source. (This distinction makes ethics
    appear to be the base, uneducated, conscience.) Most of the anecdotes
    listed deal with cultural, rather than ethical, issues.

    The work contains hundreds of questions or scenarios. These are
    divided into twenty topical chapters, although the categorization
    isn't particularly solid. Chapter one, "System Administration and
    Operations," starts off with a series of items more directly related
    to development, even though there is a "Programmers and Systems
    Analysts" chapter later on. Each item is presented with a
    "conservative" view, a "liberal" perspective, and a summary. (There
    are also "soapboxes" and anecdotes, bringing personal views and real
    experiences to the discussion. I'd forgotten that I'd actually
    submitted one, until I came across it on page 500.) Interesting
    points are raised, but these are seldom based in ethics, tending to
    deal more with standards of formal policy as opposed to the messy
    practicalities of life.

    It is, in fact, in the field of policy creation and review that this
    volume should be used. Over and over again it challenges commonly
    accepted policies and practices in the security field. Is your usage
    policy flexible enough to cover all cases? Does your monitoring
    policy run counter to the law? Does your disclosure policy help or
    hinder the development of secure products?

    The book raises lots of questions, although it provides few answers.
    (What advice exists is occasionally contradictory, such as the
    recommendations regarding email monitoring on page 33 versus 107.) At
    times the material doesn't even deal with policy issues: chapter
    five's content on email scams is more relevant to personal security
    matters such as phishing.

    Some, although relatively few, of the items can be used for scenarios
    when discussing ethics. Almost all of the questions can be used
    during an assessment of the coverage of a corporate security policy.
    So, yes, the book is useful for those in the security field. (It
    would have been even more useful if an index had been included.)

    copyright Robert M. Slade, 2004 BKITETHB.RVW 20041010


    ============= for back issues:
    [Base URL] site
    or mirror
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Book reviews: [Base URL]mnbk.htm
    Review mailing list: send mail to
    Rob Slade, doting grandpa of Ryan and Trevor, Dec 13, 2004
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Father Joeseph Murphy O'Brian

    Re: Stephen Hawking Not So Smart After All

    Father Joeseph Murphy O'Brian, Oct 11, 2003, in forum: Computer Support
    Father Joeseph Murphy O'Brian
    Oct 11, 2003
  2. Edward Holub
    Jan 28, 2004
  3. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Intrusion Signatures and Analysis", Stephen Northcutt et al

    Rob Slade, doting grandpa of Ryan and Trevor, Oct 1, 2003, in forum: Computer Security
    Rob Slade, doting grandpa of Ryan and Trevor
    Oct 1, 2003
  4. Doug MacLean
    Jun 22, 2006
  5. Steve
    Paul Furman
    Nov 26, 2008