Organizing cybersecurity in action : a Pragmatic Ethical Reasoning approach

Abstract

This paper contributes to the literature on cybersecurity governance by suggesting an approach based on pragmatism. As Jeffrey Sachs in his The Age of Sustainable Development, 2015, reminds us: “The essence of sustainable development in practice is scientifically and morally based problem solving”. Cybersecurity deals with problem solving in complex socio-technical settings where ethics and organizational learning are tightly related. The paper draws on pragmatism because from its earliest formulation, pragmatist thought was anchored to a dual interest in ethics and science. Under this lens, pragmatic ethics cannot exist as a set of rules or principles, but rather requires a cyclical, empirical process whereby ethical principles and context interact to promote justice among stakeholders in the research of reliable solutions during the unravel of critical events. As a result, an Ethically oriented Cybersecurity Approach (ECA) based on Pragmatic Ethical Reasoning (PER) is proposed for managing unexpected critical events when organizations must learn on-the-fly and improve their security profiles.