Jeroen van der Ham
[FIRST and University of Twente]
Jeroen van der Ham is a researcher at the National Cyber Security Centre in the Netherlands (NCSC-NL), he also holds guest appointments at both TU Delft as well as the University of Amsterdam. His research interests are in the (developing) ethics of cyber security.

Jeroen has a mostly technical background, studying Cognitive Artificial Intelligence at Utrecht University, followed by System and Network Engineering. In 2013 he obtained his PhD on semantic descriptions of complex computer networks.

Since 2014 he has become interested in computer ethics after realising that there may be ethical issues with a research on measuring PirateBay website users. This lead to a coauthored paper with Aimee van Wynsberghe: “Ethical considerations of using information obtained from online file sharing sites – the case of the Piratebay”, as well as participation in the Dagstuhl Seminar on Ethics in Data Sharing.

EthicsFIRST: Considering Ethics for Incident Response and Security Teams

Have you ever been asked to do something at work that made you uncomfortable or went against your values; things that were considered part of your legitimate job? As technology continues to evolve at a rapid pace, incident response and security teams are having to act and react to more challenging situations: vulnerability disclosures across industries, complexity introduced by third party components, increasing number of security breaches, and continued resourcing issues.

Where are the lines? Who decides? What if you don’t agree?

The FIRST Ethics SIG has created a code of ethics (EthicsfIRST) that incident response and security teams can adopt or use as a template to create their own. It can be used as a framework to think about how situations "should" be handled in responding to incidents. The 12 principles are formulated as statements of responsibility, based on the understanding that the public good and trust are always the primary considerations.

Each principle is supplemented by guidelines, which provide explanations to assist computing professionals in understanding and applying the principle.

This talk will discuss the 12 duties of the EthicsfIRST code and the guidelines to understanding and applying each to your organization.

Spaces Selling Fast!