menu close
  • Back

Cloud Security Architect - Canon Business Services ANZ

Anthony, affectionately known as Anto, hails from Perth, Western Australia. With over 15 years of IT experience, Anto has spent the last 5 years specialising in Microsoft cloud technologies. Currently, he serves as a Cloud Security Architect at Canon Business Services ANZ, where he leverages his expertise in Microsoft Intune and Defender XDR to enhance security and streamline operations.

Anto’s career journey began in Microsoft Cloud Managed Services helpdesk, progressing through various cloud infrastructure projects, and ultimately focusing on cloud security. He is a strong advocate of the “KISS” model – Keep It Simple Stupid – ensuring that solutions are secure and effective, while still being admin and user-friendly.

Outside of his professional life, Anto enjoys spending time with his family and tinkering with his Subaru. He is also a regular at the Perth-based Microsoft Security Meetup user group, where he shares his knowledge and insights with the community.



Understanding cybersecurity ethics

So, what exactly are cybersecurity ethics? Think of them as the ethical principles guiding our actions in the field, steering us through complex and often murky digital landscapes. Protecting digital assets is about ensuring trust, fairness, and accountability.

Key principles? Privacy, fairness, transparency, and accountability. These aren’t just buzzwords—they’re the cornerstones of ethical practice in cybersecurity.

  • Privacy ensures individuals’ personal information is protected and respected.
  • Fairness involves treating all stakeholders equitably and avoiding biases when implementing security measures.
  • Transparency means being open about our practices, policies, and any incidents that occur.
  • Accountability involves taking responsibility for our actions and decisions, especially when things go awry.

Why are these principles so crucial? Because they help us navigate ethical dilemmas that aren’t always black and white. In cybersecurity, we often face situations where the right course of action isn’t immediately clear. A solid ethical foundation helps us make decisions that protect assets and uphold the rights and trust of the people we serve.

Cybersecurity. It’s not just about firewalls and antivirus software anymore. In today’s interconnected world, where nearly every facet of our lives is touched by digital technology, protecting sensitive information is more critical than ever.

Data breaches and cyber-attacks aren’t just headlines—they’re daily occurrences that can devastate individuals and organisations alike in New Zealand. According to the Australian Signals Directorate’s (ASD) Cyber Threat Report 2022–23, over 33,000 calls were made to its Australian Cyber Security Hotline, an increase of 32 per cent from 2021-22. ASD's Australian Cyber Security Centre also received over 94,000 reports of cybercrime over the financial year, an increase of 23 per cent from 2021-22.

But here’s the kicker—it’s not just about the tech. There’s a whole ethical side to this that we can’t ignore. Think of cybersecurity as a high-stakes game of chess. While we’re busy strategising our next move to outsmart cyber adversaries, we should also be mindful of the rules of the game—the ethical considerations that govern our actions. So, let’s explore how cybersecurity and ethics intersect.

Why? Because ethical behaviour is just as important as technical know-how. Without ethics, we risk becoming the very thing we’re trying to protect against. We need to understand our responsibilities and promote ethical awareness in our industry.

Privacy and confidentiality


Protecting personal and sensitive information is a cornerstone of cybersecurity. Ethical data handling involves responsible practices in collecting, storing, and sharing information. Ensuring privacy and confidentiality is a legal requirement under laws like the Australian Privacy Act 1988 and an ethical obligation that builds trust with clients and the public.

High-profile cases, such as the Cambridge Analytica scandal, underscore the severe ethical implications of mishandling data and highlight the necessity for stringent privacy protections. Closer to home, the 2020 cyber-attack on Services Australia exposed vulnerabilities in government systems, raising concerns about how personal data is protected.

As cybersecurity professionals, implementing robust measures to safeguard data and upholding the highest standards of privacy and confidentiality is paramount. That means meeting the minimum legal requirements and going above and beyond to protect the sensitive information entrusted to us. For instance, adopting encryption standards for data at rest and in transit, regularly updating security protocols, and conducting privacy impact assessments can significantly enhance data protection.

We should also be transparent with users about how their data is collected, used, and stored. Providing clear privacy policies and giving individuals control over their information aren’t just regulatory checkboxes—they’re essential practices for maintaining ethical standards.

By prioritising privacy and confidentiality, we protect individuals from potential harm and reinforce the trust essential for our digital society's functioning.

Get in touch

Talk to us today to optimise your operations.

Contact Us

Fairness and non-discrimination

Fairness in cybersecurity is non-negotiable. We can’t afford to have biases in our algorithms or profiling—it leads to discrimination, plain and simple. When security measures inadvertently target or disadvantage certain groups, we undermine the very principles we’re supposed to uphold.

Promoting diversity and inclusion within our teams isn’t just nice to have; it’s crucial. Different perspectives help us spot and mitigate biases that homogeneous groups might overlook. By bringing together individuals from various backgrounds, we enhance our ability to create fair and effective security solutions.

Ethical practices that prioritise fairness and create an inclusive environment for everyone mean actively seeking out diverse talent, fostering a culture where all voices are heard, and continuously reviewing our systems for unintended biases. It’s like tending a garden—you need a variety of plants to create a balanced ecosystem.

Transparency and accountability

Transparency builds trust. It’s that simple. Being open about our practices and incidents is vital in a field where so much happens behind the scenes. We need to be upfront about vulnerabilities and breaches to affected parties and the public. When organisations hide breaches or delay notifications, they violate ethical standards and risk severe legal consequences.

Accountability means owning our actions and decisions and having measures in place to address any ethical lapses. It’s not just about saying “sorry” after something goes wrong—it’s about having proactive policies and a culture that emphasises responsibility at every level.

For instance, implementing clear incident response plans that include timely disclosure protocols ensures everyone knows what to do when a breach occurs. Regularly reporting on security practices and being open to external audits can further enhance transparency.

This transparency and accountability maintain the integrity of our cybersecurity efforts and foster public confidence. Think of it like a bank vault—you can have the strongest vault in the world, but if people don’t trust the bank, they’ll take their money elsewhere.

Balancing security and ethical considerations

Here’s where it gets tricky—balancing security needs with ethical principles. Sometimes, we face dilemmas that aren’t easy to navigate. For example, suppose you discover a vulnerability in widely used software that malicious actors could exploit. Do you disclose it publicly to alert users, potentially exposing them to immediate risk? Or do you inform the software vendor privately, hoping they’ll fix it quickly but risking that the vulnerability might be exploited in the meantime?

It’s a tough call. But we need to consider both the security and ethical implications. Responsible disclosure policies, also known as coordinated vulnerability disclosure, provide a framework for such situations. Under this approach, you report the vulnerability to the vendor and agree on a timeline for public disclosure, allowing them time to patch the issue while ultimately informing the public.

Strategies? Stick to ethical guidelines, seek advice from peers or ethics committees, and always prioritise the greater good. It’s like walking a tightrope—you need balance and a clear focus to get to the other side safely.

Your organisation's well-defined code of ethics can guide decision-making in these grey areas. Engaging in continuous ethical training and fostering an environment where ethical considerations are openly discussed can prepare teams to handle these challenges.

By carefully balancing security needs with ethical principles, we can make decisions that protect the digital infrastructure and the rights and trust of those who depend on it.

Ethical responsibilities of cybersecurity professionals

As cybersecurity professionals, we have a duty to uphold ethical standards. This means following guidelines and codes of conduct from organisations like the ISC, which outlines principles such as protecting society and infrastructure and acting honourably, honestly, justly, responsibly, and legally. The Australian Computer Society (ACS) also provides a Code of Professional Conduct emphasising honesty, competence, and professional development.

Continuous ethical education and training are essential. Cybersecurity is a rapidly evolving field, and with new technologies come new ethical challenges. For example, the rise of artificial intelligence and machine learning introduces complex data use, bias, and accountability issues.

We need to stay informed about emerging ethical issues and reinforce the importance of ethical behaviour in our work. Participating in professional development programs, attending ethics workshops, and engaging in discussions with peers can help keep us abreast of the latest developments.

Fostering a culture where ethical considerations are part of everyday conversations, not just annual training modules, should be a priority on all organisations’ agendas. This can include setting up ethics committees, providing channels for reporting unethical behaviour, and recognising employees who demonstrate ethical leadership.

By actively embracing our ethical responsibilities, we not only uphold the standards of our profession but also contribute to a more secure and trustworthy digital environment.

In the end, integrating ethics into our cybersecurity practices isn’t just a noble ideal—it’s essential for building a secure and trustworthy digital environment. By adhering to principles like privacy, fairness, transparency, and accountability, we can navigate the complex landscape of digital security with integrity.

The future of cybersecurity ethics depends on our commitment to these standards. As technology continues to evolve, so will our ethical challenges. Will we rise to meet them?

It’s a call to action for all of us to prioritise ethics in our work and contribute to a safer, more ethical digital world. By doing so, we protect systems and data and uphold the values that make our digital society worth defending.

Remember, in cybersecurity—as in life—it’s not just about what we do but how we do it.

Similar Articles

VIEW ALL

What is Security Automation?

Learn how automated security transforms cybersecurity, making it simpler and more efficient. Protect your business data with CBS New Zealand’s expert insights now!

What are the benefits of penetration testing?

Gain confidence in your digital security with the benefits of penetration testing. Enhance cybersecurity, identify vulnerabilities, and fortify your defences with CBS New Zealand's expert insights now!

Cybersecurity Threat Detection: Proactive strategies

Stay ahead in cybersecurity with our 2024 guide on threat detection. Learn advanced technologies & response plans to protect your business against threats with CBS New Zealand.

Digital transformation in different industries

Discover how digital transformation is driving innovation across industries like healthcare, finance, and retail in New Zealand. Learn more.

How do you prevent phishing attacks?

Prevent phishing attacks with MFA, anti-phishing tools, and employee training to safeguard sensitive information and stay secure with Cannon Business Services New Zealand!

Ultimate guide to internal penetration testing

This Internal Penetration Testing guide covers techniques, analysis, and best practices for identifying vulnerabilities & strengthening your cyber defense in New Zealand.

RMM Meaning and its significance in IT management

Evolving technology, key benefits, and its impact on efficiency and security. protect your business data with CBS New Zealand’s expert insights now!

The role of AI in cyber security

Discover how AI enhances cybersecurity with faster threat detection and automated, real-time protection with Canon Business Services New Zealand.

SaaS vs managed services

Explore the key differences between SaaS and Managed Services for businesses in New Zealand. Find out more with expert insights from Canon Business Services!

The Threat Intelligence Lifecycle explained

Discover how to navigate the Threat Intelligence Lifecycle in 2024. Our guide covers phases, analysis, and best practices for cybersecurity decision-making in New Zealand.

What are the latest cyber threats and defense strategies?

Enhance cybersecurity, identify vulnerabilities, and fortify your defences with CBS New Zealand's expert insights now!

Understanding Blue Teams in cybersecurity

Explore Blue Teams' pivotal role in cybersecurity: their defense strategies, Red Team collaboration, and trends with CBS New Zealand's expert insights now!