Cybersecurity has become a pertinent concern, as novel technological innovations create opportunities for threat actors to exfiltrate sensitive data. To meet the demand for professionals in the workforce, universities have ramped up their academic offerings to provide a broad range of cyber-related programs (e.g., cybersecurity, informatics, information technology, digital forensics, computer science, & engineering). As the tactics, techniques, and procedures (TTPs) of hackers evolve, the knowledge and skillset required to be an effective cybersecurity professional have escalated accordingly. Therefore, it is critical to train cyber students both technically and theoretically to actively combat cyber criminals and protect the confidentiality, integrity, and availability of data and systems.

Relevant literature has analyzed the critical need for practical instruction along with theoretical knowledge but has not presented a solution-driven approach to combatting the ethical conundrum that surfaces from this. However, the technical instruction of students brings to light the ethical concern regarding hacking education, as an educator could be teaching a future black hat hacker and cyber professional at the same time. Consequently, the purpose of this paper is to examine the implementation of hacking as a learning tool within the college education system from an ethical standpoint. Meta-synthesis, a qualitative research methodology, was selected for this study because it allows for the review and integration of findings from an array of previously published research. Specific criteria relating to the source origin, publishing date, topic, and research type were strictly defined so the synthesized information could be amalgamated together to reach a novel result. The paper’s hypothesis states that by utilizing the current research regarding hacking and technical instruction of cyber-oriented students on the collegiate level, an implementation plan could be recommended to ensure that the education provided promotes and upholds ethical values within students.

The culmination of this research study provides an implementation plan that establishes guidelines for hacking-related training on both the departmental and college-wide levels. The five recommendations proposed are courses in ethics and law, university-wide computer policies, strict documentation and student conduct processes for policy violations, involvement of IT in the design and utilization of lab spaces, and strong emphasis on affiliation with peer-led initiatives. The plan considers a variety of social, technology-based, and ethical constructs that when implemented, will help mitigate student abuse of learned technical knowledge while also supporting the proper formation of their ethical beliefs during collegiate studies.