In 1982, a science fiction writer by the name William Gibson coined the term ‘Cyberspace’ [2]. Cyberspace may be defined as the national environment in which communication over computer networks occurs. It is a computer network that integrates and incorporates a worldwide network of computer networks. These networks use the TCP/IP (transmission control protocol/ internet protocol) network protocols for facilitating data transmission and exchange.

While cyberspace takes into account the overall functioning of all these components, it also commands safety and reliability due to the huge amount of data traveling across cyberspace. This data may be highly sensitive. Data protection and integrity of computing assets that are a part of an organization’s network are critical. Hence, there is a need to defend the assets from any kind of cyber-attacks. Cybersecurity may be defined as the process of preventing any damage, followed by protecting, and restorating the computers, electronic communications services, wire communication, electronic communications systems, and electronic communication [3].

Cybersecurity refers to the body of technologies, processes, and practices designed for the protection of networks, devices, programs, and data from attack, damage, or unauthorized access. It incorporates securing the networks, applications, information, and operations that take place over cyberspace.

These components may incorporate within themselves some information, and for securing these components and the data within it, it is mandatory to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation which are basically the pillars of cybersecurity [14].

Figure 1.1 describes the pillars of cybersecurity which are essential for securing cyberspace. They are as follows:

Over the last few decades, cyberspace has expanded tremendously and has influenced several other fields like healthcare, finance, technology, business, etc. As cyberspace got associated with these fields, the underlying risks of cybersecurity also made their way into these fields. The interaction of humans with cyberspace has also increased with the advancement of technology. This has also contributed a lot to the cybersecurity risks [15]. As people are connected to each other using such a substantial platform, a lot of activities take place over cyberspace that are morally wrong. Internet crimes have shown an upward trend in graphs over the last decade, indicating the number of crimes that have been increasing day by day [16]. A large chunk of crimes committed in cyberspace may be traced down to employees working within an organization. Sometimes these employees target their previous work places. Spam and phishing emails for ransomware infection are another form of cyber-attacks that are common. Much of these cybersecurity crimes can be attributed to a lack of end user cybersecurity training. The lack of end-user cybersecurity training can be traced down to few observation points:

Thus, there is a need to highlight the importance of cyberethics.

Cyberethics presents certain situations in the form of behavior as good or bad, and right or wrong. Cyberspace may be influenced by both people as well as technology. Cyberethics gives an overview of the situations and challenges that arise in the cyberspace due to people and technology. Cybersecurity ethics is a part of cyberethics. While cyberethics deals with computers and networks and programs and the people and organizations that use them, cybersecurity ethics is more concerned about the ethics associated with the practice of cybersecurity, usually what is done by the cyber professionals.

As we know, neither cybersecurity issues know any bound, nor does cyberspace. Thus, there are no physical borders when it comes to cyberspace. Although national and international laws exist, cyberspace is global. Therefore, ethics in cyberspace is also global as well as interconnected.

Cyberethics may be defined as the code of responsible behavior over cyberspace. Laws are the outcomes of Ethics. Ethics are principles that are responsible for guiding a person or society. They are created to decide what is good or bad, and what is right or wrong in a given situation. It is used for regulating a person’s conduct and also assists individuals in living better lives by considering basic moral rules and guidelines.

Thus, ethics promotes a sense of fairness and promotes acceptable behaviors. Ethical practices are useful for identifying what unacceptable behavior looks and feels like. Ethical behavior requires courage, i.e., say something if you see something that is morally wrong, and to stand up against what is morally wrong. Ethical behavior also requires humility, i.e., if you are ethically wrong, accept it because wrong decisions can be made by anyone.

The concept of Cyberethics is not confined, rather varies across many definitions. Wikipedia defines ‘cyberethics’ as the philosophic study of ethics for computers. It also highlights user behavior, what computers are programmed to do, and the effect of this on individuals and the society [4]. Further, Pusey and Sadera defined cyberethics as a set of “moral choices made by individuals using Internet-capable technologies and digital media [5]. Cyberethics is also referred to as a branch of applied ethics that explores the issues related to computer/information and communication technologies morally, legally, and socially. Sometimes it is also mentioned as Internet ethics, computer ethics, and information ethics. The expression “Internet ethics” is quite narrow as it is not enough to investigate the expanse of cyber-related ethical issues that are due to independent internet and networked computers. Therefore, there is a need to explore a new type of ethics which has emerged over the last few decades as a result of the creation of the Code of Computer Ethics. This new kind of ethics may have a binding effect on the professional, especially if the code is incorporated into work ethic and procedure. The Centre for Internet Security has its own definition of cyberethics which is, “the code of responsible behavior on the internet [6]. Thus, in general, cyber-ethics encourage the use of appropriate ethical behavior and acknowledge rights and responsibilities that are associated with online environments and digital media.

Ethics in cyberspace may be described in the following ways:

Security is essentially about protection against the unauthorized access of data. It is specifically conducted by deploying security controls to limit who can access the information. Security is primarily concerned with the protection of data while stored, in transit, and during processing, and the related informational assets like servers and mobile devices

Privacy deals with an individual’s right to own the data that is originally triggered by his or her life and activities, and for restricting the outward flow of that data. personally identifiable information (PII), personal health information (PHI), Personal Financial Information (PFI), etc., are some private information related to a person.

Figure 1.4 describes privacy and security. Privacy deals with information collection, using, and disclosing personal information in an authorized manner, data quality and access to personal information. Security is primarily concerned with confidentiality, integrity, and availability.