Abstract
This thesis explores issues of professionalism and ethical considerations relating to performing ethical hacking engagements for law firms. Cybersecurity has become a focus area for many organisations, due to the vast volume of information in the world and the ease of connectivity and sharing made possible by technologies such as the internet.
Law firms possess vast amounts of confidential and sensitive information; law firm clients expect that this information is privileged and will remain confidential. To maintain an appropriate level of confidentiality, law firms must ensure that their cybersecurity controls are adequate to protect the information they hold.
One aspect of a strong cybersecurity program is ensuring compliance and effectiveness of the controls that are implemented. The role of an ethical hacker is often used to test compliance and effectiveness by identifying vulnerabilities and validating an organisation’s security controls.
Previous research has explored issues around ethical hacking and the implications of teaching this subject within an academic curriculum. Much literature has discussed the exact nature of ethical hacking and what is involved in typical ethical hacking engagements. Due to the role played by an ethical hacker within an organisation, potential access to confidential information held by the law firms and the obligations of legal professionals to protect clients’ information, issues relating to ethics and professionalism require further research.
Law firms possess vast amounts of confidential and sensitive information; law firm clients expect that this information is privileged and will remain confidential. To maintain an appropriate level of confidentiality, law firms must ensure that their cybersecurity controls are adequate to protect the information they hold.
One aspect of a strong cybersecurity program is ensuring compliance and effectiveness of the controls that are implemented. The role of an ethical hacker is often used to test compliance and effectiveness by identifying vulnerabilities and validating an organisation’s security controls.
Previous research has explored issues around ethical hacking and the implications of teaching this subject within an academic curriculum. Much literature has discussed the exact nature of ethical hacking and what is involved in typical ethical hacking engagements. Due to the role played by an ethical hacker within an organisation, potential access to confidential information held by the law firms and the obligations of legal professionals to protect clients’ information, issues relating to ethics and professionalism require further research.
Original language | English |
---|---|
Qualification | Doctor of Information Technology |
Awarding Institution |
|
Supervisors/Advisors |
|
Place of Publication | Australia |
Publisher | |
Publication status | Published - 2020 |