If a person were to open up an LLM’s ‘brain’, the massive, high-dimensional vector space where these models live, they wouldn’t find a moral compass. They would find math.

Yet, as these systems navigate 2026 alongside humanity, it becomes clear that they are essentially mirrors reflecting the oldest philosophical battles. To understand the world of AI, one must understand the four lenses through which humans view it.

Descriptive Ethics: Microsoft Tay and the Cost of Learning from the Crowd

Descriptive ethics asks how people actually behave, not how they claim they behave. A defining case is Microsoft Tay, the Twitter chatbot released in 2016. Tay was designed to learn language patterns directly from public interaction. Within hours, coordinated users manipulated it into producing racist and extremist content. Microsoft shut the system down the same day.

From a descriptive standpoint, Tay did exactly what it was designed to do. It observed behavior and reproduced it. The system learned that provocation and hate generated engagement because that is what the data reflected. There was no internal concept of harm or social consequence.

From a cybersecurity perspective, this incident exposed a fundamental truth. Unfiltered learning is an attack surface. When a system is allowed to ingest live human behavior without strong constraints, it becomes vulnerable to manipulation. The lesson for practitioners is not moral outrage but architectural clarity. If users can shape model behavior directly, then the system must be treated as exposed infrastructure.

Normative Ethics: Google Gemini and the Risks of Encoding Values

Normative ethics concerns what should be allowed. This lens became visible during the Google Gemini image generation controversy in 2024. In an effort to mitigate bias, Gemini generated historically inaccurate images. These included depictions that altered well documented historical realities. Public backlash followed and Google paused the feature.

This was not a failure of data ingestion. It was a failure of value encoding. Normative constraints intended to promote fairness overrode factual accuracy. The system did not reason about history. It enforced rules that reflected contemporary values without sufficient contextual boundaries.

For security and governance teams, this incident illustrates that normative controls are powerful and dangerous. Rules that shape outputs must be carefully scoped and tested. Encoding values without clear constraints can distort reality and erode trust. Ethics implemented as policy logic must be auditable and reversible just like any other control mechanism.

Applied Ethics: Autonomous Vehicles and Irreversible Decisions

Applied ethics emerges when systems act in the physical world. A widely cited example involves autonomous vehicle failures, including the fatal pedestrian incident investigated during the Uber Advanced Technologies Group program. Investigations showed that the system detected the pedestrian but failed to classify the threat in time to stop.

This was not a philosophical dilemma. It was a timing and threshold failure. Sensor fusion, classification confidence, and decision latency combined into a lethal outcome. The ethical impact emerged from engineering choices.

In applied contexts, ethics is inseparable from system design. Decisions about acceptable error rates, override mechanisms, and escalation logic directly affect human safety. For practitioners, the lesson is stark. Ethics does not live in mission statements. It lives in parameters, defaults, and failure handling routines.

Meta Ethics: ChatGPT Hallucinations and the Illusion of Knowing

Meta ethics asks what moral concepts even mean when applied to machines. This question became operationally relevant in 2023 when a lawyer used OpenAI ChatGPT to generate legal citations. The model fabricated cases that appeared legitimate. The citations were submitted in court. Sanctions followed.

The system did not lie. It produced statistically plausible language that matched the pattern of legal writing. There was no internal distinction between verified truth and fluent fabrication.

This incident highlights why intent and sincerity are meaningless concepts for artificial systems. Models optimize for likelihood, not truth. Treating confident output as reliable knowledge creates systemic risk. From a governance standpoint, this reinforces the need for human verification and explicit boundaries around authoritative use cases.

What These Cases Teach Cybersecurity Practitioners

Each ethical lens exposes a different failure mode, but the conclusion is consistent.

• Descriptive ethics shows that models absorb human behavior as attack surface.
• Normative ethics reveals that values encoded as rules can distort reality.
• Applied ethics demonstrates that design choices produce real world harm.
• Meta ethics reminds us that machines do not understand meaning, only patterns.

Artificial intelligence may be built on math, but it operates inside moral and institutional systems. The task ahead is not to give machines a conscience. It is to design systems where failures are predictable, constrained, and survivable. That is what ethics looks like from the server rack.

From a CISO perspective, AI is exposing several truths that the security community can no longer ignore. The attack surface is expanding faster than traditional controls can cope. AI systems introduce new risks: model poisoning, prompt injection, data leakage, model theft, and unintended behaviours. These are not covered by classic security frameworks.

Data is the new crown jewel. AI security is fundamentally data security. If training data is compromised, the model is compromised. If prompts leak, sensitive information leaks.

AI behaves like a “black box”. Traditional assurance methods struggle because AI systems are probabilistic, not deterministic. This forces a shift toward continuous monitoring, not one‑off testing.

Humans remain the weakest link and this is amplified by AI. AI can supercharge social engineering, misinformation, and psychological manipulation. The human‑factor risk is now multiplied.

Governance is lagging behind innovation. Most organisations deploy AI before establishing governance, risk frameworks, or ethical boundaries. This creates unmanaged systemic risk.

The advice for CISOs is to secure AI responsibly. Treat AI as a new class of critical infrastructure. Create an AI Security Framework that includes model lifecycle security, data provenance, access controls and monitoring for drift, bias, and anomalies.

Build a joint governance model with Legal, Data, and Risk. AI cannot be secured by security teams alone. CISOs should co‑own AI risk registers, model approval processes, vendor assessments and ethical guidelines.

Secure the data pipeline end‑to‑end. Focus on data classification, secure ingestion, encryption, data minimisation and synthetic data where possible.

If the data is compromised, the model is compromised. Implement “Red Teaming for AI”

This includes prompt injection testing, model extraction attempts, adversarial input testing, bias and hallucination stress tests. AI must be tested like an adversary would test it.

Control access to models and prompts. Use role‑based access, prompt logging, guardrails, output filtering and embed zero‑trust principles. AI should never be a free‑text, free‑for‑all interface.

Demand transparency from AI vendors. CISOs should require model lineage, training data sources, security controls, incident response commitments and compliance mapping. If a vendor cannot explain how their model is secured, it should not be deployed.

Prepare for regulatory convergence. Expect alignment across UK AI Safety Institute, EU AI Act, NIST AI Risk Management Framework and ISO/IEC 42001.

Conclusion

CISOs should build compliance into the architecture now, not later. Train your workforce on AI‑specific threats. People need to understand deepfake risks, AI‑enhanced phishing, data leakage through prompts and shadow AI usage. Security culture must evolve with the technology.

Applied ethics ultimately plays out at deployment, where systems act under real constraints and real consequences. Ethical failure in AI rarely stems from a lack of philosophical theory. Instead, it arises when observed behavior is misunderstood, rules are poorly enforced, interpretations are overtrusted, or actions are insufficiently monitored.

From a cybersecurity and governance perspective, ethics becomes a system level concern grounded not in moral intention, but in design choices, enforcement mechanisms, and accountability structures.