Although information security policies have been adopted, many industries still experience the negative effects of non-compliance. These harms include unauthorized exposure of private customer information, trade secret leaks, and different cyber attacks. Such injury can have a huge effect. Monitoring the adherence of information security policies, also known as use policies, has been used as a way to improve security policy adherence in order to prevent this. Enhancing security policy compliance to stop harm is one of the key goals of usage policy monitoring. Ironically, usage policy monitoring might have negative effects. While defenders of use policy tilt to deontological ethics to argue against the monitoring of security policy, utilitarianism ethicists contend that use policy monitoring is improving security policy compliance. According to deontological ethics, monitoring security policies intrudes on employees' privacy and has a negative impact on their ability to execute their jobs. There had not been any apparent solution to this discourse. To determine the extent of security policy monitoring, a poll was undertaken. Therefore, the vulnerability principle was investigated as the magic bullet for improving the monitoring of usage policy to satisfy all involved parties.

Information security; vulnerability concept; ethics; security policy monitoring