Summary:
1. The cybersecurity industry is facing a dilemma of balancing rapid threat response with real-world consequences, leading to the rise of ethical cybersecurity practices.
2. ManageEngine, under the leadership of Romanus Prabhu Raymond, is championing an “ethical by design” approach to cybersecurity, focusing on transparency, fairness, and accountability.
3. The article discusses the integration of AI into cybersecurity operations, the importance of human oversight, and the challenges of navigating privacy-security trade-offs in the modern era.
Article:
As ransomware attacks like Akira and Ryuk continue to wreak havoc on organisations worldwide, the cybersecurity industry has been forced to rethink its approach. The knee-jerk reaction of building bigger walls and deploying aggressive automated responses is no longer sufficient. Romanus Prabhu Raymond, Director of Technology at ManageEngine, has shed light on a different problem emerging in the industry – the need to balance rapid threat response with real-world consequences. This has led to the rise of ethical cybersecurity practices, which are now considered one of the defining challenges of 2025.
In an exclusive interview before his presentation at Amsterdam’s Cyber Security Expo, Raymond shared insights on how leading organisations are breaking free from the traditional security-versus-privacy trade-off. ManageEngine, under Raymond’s leadership, has embraced an “ethical by design” approach to cybersecurity. This approach focuses on embedding fairness, transparency, and accountability into every product, ensuring that customer data remains solely with the customer and is neither monetized nor monitored by the company.
The integration of AI into cybersecurity operations has brought about new challenges, particularly in terms of accountability, transparency, and fairness. ManageEngine has adopted the “SHE AI principles” – Secure AI, Human AI, and Ethical AI – to ensure that AI-driven security solutions operate ethically. Human oversight remains integral to security actions, especially in sensitive environments like hospitals and banks where automatically blocking systems could have severe consequences.
Navigating the delicate balance between necessary security monitoring and privacy invasion is another key aspect of ethical cybersecurity practices. ManageEngine emphasizes data minimization, purpose-driven monitoring, anonymization, and clear governance structures to ensure that security and privacy are not mutually exclusive. The company collects only necessary information for security purposes, uses anonymized data for pattern analysis, and defines data access privileges and retention periods.
Raymond believes that technology vendors must act as custodians of digital ethics, earning trust through thought leadership, advocacy, and embedding compliance standards into products from the start. As the industry faces challenges like AI-driven autonomous security and quantum computing, ethical cybersecurity practices will play a crucial role in shaping the future of enterprise security. For organisations looking to integrate ethical considerations into their cybersecurity strategies, Raymond recommends adopting a cybersecurity ethics charter, embedding privacy and ethics in technology decisions, and operationalizing ethics through comprehensive training and controls.
In conclusion, the future of cybersecurity lies in responsible innovation, human oversight, and adherence to ethical principles. By embracing ethical cybersecurity practices, organisations can build trust, maintain security, and drive sustainable technological advancement in the digital age.
