Skip to main content
Search
MENU
What are you looking for?
Close

Ethical Principles for Individuals

The UK Cyber Security Council Ethical Principles for Individuals are written for practitioners in Member Organisations, but are equally applicable to practitioners from non-member organisations. They help individuals working in the cyber security profession both to conduct themselves in an ethical manner and to balance often conflicting interests and demands, enabling individuals to meet the highest standards of professional conduct.

Member Organisations should make the Ethical Principles for Individuals accessible both to their employees and to contractors or subcontractors. 

Member Organisations may have their own ethical requirements for their individual members. The Council’s guidance is intended to ensure that such requirements include the Council’s Ethical Principles, not to replace them. 

Member Organisations that are also Licensed Bodies with the UK Cyber Security Council must have in place a process to meet the principles of the Council’s ethics and standards that their Council registrants adhere to. 

UK Cyber Security Council – Ethical Principles for Individuals 

Competition | Honesty | Inclusion | Integrity | Lawful behaviour | Professionalism | Reporting |Competence 

Fair Competition 

  • I will not make unjustified comparisons or competitions with other providers when carrying out my business
  • I will not misrepresent the functionality of their products nor the abilities of their staff
  • I will not enter into arrangements or agreements with competitors that will facilitate anticompetitive practices 

Honesty 

  • I will be honest in the conduct of my activities and services
  • I will neither make nor endorse false or unjustified statements
  • I will not withhold important information 

Inclusion 

  • I will always act in a non-discriminatory manner, showing respect for others

Integrity 

  • I will always act with integrity and not in any way as to cause malicious detriment to others

Lawful behaviour 

  • I will demonstrate ethical behaviour and comply with applicable laws, legislation, and regulations
  • I will act morally as well as lawfully in my practices

Professionalism 

  • I will conduct myself in a professional manner, taking time to consider my actions and language
  • I will maintain high professional standards
  • I will assist others when they need help, guidance, or advice

Reporting 

  • I will practice responsible reporting when cyber security risks, vulnerabilities and threats are identified
  • I will practice responsible reporting of unlawful activity that is witnessed or suspected
  • I will not retaliate against someone who reports on violations

Competence 

  • I will acquire and maintain the professional knowledge and the skills required to perform my business function as the cyber security sector evolves, seeking support and guidance when needed

Resources

View the Council's list of example Ethics scenarios and responses for both Organisations and individual practitioners

Professional ethics for organisations

The Council has published a Code of Ethics for organisations.

Read more

Related News

Update on UK CSC Professional Registration and Re-Validation Requirements - Security Testing

05 June 2025

Infosecurity Europe 2025 Show Preview

29 May 2025

Cyber Overwatch to Exhibit at InfoSec 2025

28 May 2025
See All News

Contact us

We welcome questions, comments and feedback.

Get in touch