ISC2 Launches Global Code of Professional Conduct for Cybersecurity

News provided by

Feb 24, 2026, 06:00 ET

Developed by cyber professionals worldwide, guidance codifies obligations and responsibilities of the profession, reaffirming ethical behavior across a rapidly evolving digital landscape

ALEXANDRIA, Va., Feb. 24, 2026 /PRNewswire/ -- ISC2 – the world's leading nonprofit member organization for cybersecurity professionals – today launched the Code of Professional Conduct (Code), a global framework dedicated to principled and ethical practices across the cybersecurity profession. Building upon the ISC2 Code of Ethics, the Code establishes clear expectations for the responsibilities and obligations of cybersecurity leaders and practitioners around the world. It provides guidance for cybersecurity professionals to make sound decisions, foster trust and uphold the highest integrity of the cybersecurity workforce.

As the cybersecurity profession continues to navigate ethical challenges such as those posed by artificial intelligence (AI), disinformation and evolving digital threats, the Code will reinforce how professionals can navigate complex and other unprecedented situations with integrity and confidence.

The Code will be a living document that is amended and refined as the cybersecurity profession continues to evolve. Developed with input from nearly 1,400 cybersecurity professionals, endorsed by the ISC2 Professional Conduct (Ethics) Committee and approved by the ISC2 Board of Directors, the Code serves as a standard for all cybersecurity practitioners, regardless of their location, experience or certification, to enable principled decision-making and promote professional accountability. It is akin to codes of conduct across other professionalized disciplines, such as accounting, finance, healthcare and law.

"Cybersecurity professionals have a profound responsibility not only to protect and secure individuals, organizations and systems around the world but also to uphold the integrity, accountability and trust that the profession depends on," said ISC2 Chief Executive Officer Scott Beale, CC. "The Code provides a shared foundation for guiding ethical decision-making and professional conduct, especially as emerging technologies like AI reshape how organizations operate and how security decisions are made. Leveraging the collective input and decades of experience from more than 1,000 ISC2 volunteers, the Code provides comprehensive guidance for everyone working in the cybersecurity field."

https://www.isc2.org/certifications/cc https://www.isc2.org/certifications/cissp

The Development of the Code
ISC2 facilitated the development of the Code through a dedicated task force of diverse volunteers from across the globe who met regularly to discuss the challenges cybersecurity practitioners face in the course of their professional duties and the opportunities that this Code could present.

"As emerging technologies, particularly AI, become more integrated into cybersecurity and organizational workflows, we created guidelines on ethical implementation and integration," said ISC2 Member and Code Volunteer Panos Vlachos, CCSP. "Our goal with the global Code is to ensure that AI and other transformative innovations align with ethical best practices, fostering responsible adoption while mitigating potential risks."

Key stages included gathering feedback from ISC2's membership across the globe and additional sources in academia, industry and other guiding bodies. Input from volunteers and contributors ranged in varying levels of experience, from Certified in Cybersecurity (CC) holders to those with advanced credentials such as the Certified Information Systems Security Professional (CISSP), to ensure and validate that the materials are suitable for all professionals in the industry.

The Code is organized around two guiding principles, including Ethics and Professional Conduct. Within the Ethics section, the Code discusses topics such as integrity, confidentiality, respect for laws and regulations and public safety and societal impact. Whereas, the Professional Conduct section outlines topics such as responsibility and accountability, collaboration and teamwork, competence and continuous improvement, as well as reporting issues and concerns. Together, these principles offer clearer guidance and support for cybersecurity professionals.

"I hope ISC2 members and cybersecurity professionals will use the Code of Professional Conduct as both a guide and a mirror to inform their daily decisions and also reflect on their paramount role in shaping a safer cyber world," said ISC2 Member and Code Volunteer Srija Reddy Allam, CISSP, CCSP. "In a field like cybersecurity, where not every situation has a clear rulebook, the Code can serve to navigate gray areas with integrity. I also hope it becomes a shared foundation across the profession, encouraging accountability, fostering trust and reinforcing that how we work is just as important as what we do."

To explore the new ISC2 Cybersecurity Code of Professional Conduct, visit: http://www.isc2.org/about/Code-of-Professional-Conduct.

About ISC2

ISC2 is the world's leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 265,000 certified members, and associates, are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity's premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, the Center for Cyber Safety and Education, helps create more access to cyber careers and educates those most vulnerable. Learn more, get involved or become an ISC2 Candidate to build your cyber career at ISC2.org. Connect with us on X, Facebook and LinkedIn.

Media Contact:
Amanda Steinman
Senior Corporate Communications Manager
ISC2
[email protected]

SOURCE ISC2