Ethics can be considered as the center stage of all businesses. When it comes to the IT industry, there is plenty of scope for growth and new developments (Durkheim, 2011). With the advent of malware programs, IT organizations have become worried and extremely afraid. They are unable to handle huge infrastructures without the help of IT security professionals. However, the question if IT security professionals work with ethics is a big one!
Ethics is a collection of solid principles that can shape the decisions and organization or person makes. It is up to the IT security personal to decide if a price is just for the organization’s protection. The final decision depends on the security professional (Goldman, 1981). And, asking for several thousands of dollars for IT security is questionable. It opens space for many ethical concerns.
Identification of two Ethical Issues
As an IT security professional increases his/her hourly charges, it would question on their fundamental responsibility as a standalone agent for the common good for all organizations. A just price has to be defined for the services offered. The price should guarantee a reward and a profit, preventing economic exploitation of IT companies. In this contemporary IT society, the final cost of security professionals is set by demand and supply (Postema, 1980). There is very little consideration of the medieval concept called “Just Pricing”. Without the presence of “Just Pricing”, it is very difficult to decide if the exorbitant pricing of IT security professionals is ethical or not. Though the current IT scenario presents a series of opportunities for professionals, it is at the cost of vulnerable organizations and workspaces. This brings into light questions of “respect of freedom” and “maximization of welfare”.
When IT security professionals take into consideration an organization’s current technical requirements and increases their rates, they would fail to serve the common society. That is because, consumer needs differ from one socioeconomic class to another (Weiss, 2017). However, the services offered could be the same. If a professional charges more from small companies and less from big companies (for a given reason), it results in many ethical problems. Due to the presence of serious network attacks and malware programs, the small organizations will be forced to make an investment. They will not be able to benefit from the fair price based demand and supply concept. According to critics, high price quotes during the time of need can be demonstrated as “greed”. This is something the society strongly disapproves.
Analysis of Professional Codes
According to any Professional codes of ethics, employees and organizations should adhere to the following:
- Professionals in the IT sector must assure integrity. They must be honest and straightforward in all forms of business and professional relationships. That means, IT security professionals should be honest with their quotes and services. Their services should be based on fixed prices. The organizations should be able to judge the cost of a service without consulting the IT professional himself (CFA Institute, 2014). This is the level of honesty and transparency a professional should exhibit.
- The professional IT security consultant should stress on objectivity. There should be no conflict of interest or overridden business judgements. The IT security professionals must not make judgements based on the organization’s wealth or current environment. The decisions must be made with respect to their technological needs.
- When an IT security professional makes a quote, the final figure should be based on current development techniques, practice and legislation. The Security professional should charge based on professional standards when certain professional services are provided. There must be due care and professional competence in the process ("Code of ethics for professional accountants", 2005).
- The IT security professional must take into account confidentiality of information. They should not misuse the organization’s current security status to determine quotes. Information must be used with positive motives and a clear workflow.
Evaluation of Ethical Issues
Unfortunately, many IT security professionals fail to follow the above mentioned code of ethics. With the freedom to quote high price figures, many professional codes of ethics are violated.
When the IT security professional doesn’t offer “Just Pricing”, they are no longer serving integrity or confidentiality. Information is misused to quote a better figure. According to professional codes of ethics, the current business state of an organization must not be used to decide a price. The final price should be based on the technical factors involved. IT Security professionals who change prices based on the organization’s stature and abilities are unethical. They are not doing justice to their role, job or the society. This can introduce lots of uncertainty in the industry. Businesses will be forced to spend several thousand dollars on their security measures. Unfortunately, the actual price of security could be lower (Zwolinksi, 2008).
The IT security professional breaks the norms of objectivity and professional competence by charging more from different companies. When it comes to making a quote, the price should be the same for a specific task from all levels of the organization. The decisions should be based only on technical parameters. When an IT security professional shows the signs of greed, it breaks most of the codes of ethics. Anti-price-gouging laws claim that IT professionals who alleviate organizational needs and prices would harm the very people they are meant to help. This makes the entire situation unethical.
On the whole, price gouging by IT security professionals is an unethical move. IT security is a critical component of any business. With an ever rising number of network attacks, malware programs and threats, IT security professionals have bigger responsibilities. They break several professional codes of ethics by charging more. It is necessary for IT professionals to think before they quote a bigger figure. In the long run, it would have an impact on the entire society. For example, if IT professionals charge more to handle malware programs like the ransomware, they are likely to risk the entire society. That is because a single turned on machine can spread the infection to other devices. And, a high price quote, would stop organizations from working against such malware.
CFA Institute (2014). Code of ethics and standards of professional conduct. Retrieved from
Code of ethics for professional accountants (2005, June). Retrieved from
Durkheim, E. (2011). Professional Ethics and Civic Morals. South Carolina, U.S.A: Nabu Press
Goldman, A.H. (1981). The moral foundations of professional ethics. Ethics, 92(1)
Postema, G. (1980). Moral responsibility in professional ethics. Retrieved from
Snyder, J. (2009). Efficiency, equity, and price gouging: A response to Zwolinski. Retrieved from
Weiss, S. (2017). The ethics of price gouging. Retrieved from
Zwolinksi, M. (2008). The ethics of price gouging. Retrieved from