By Cherie Oyier
Yes, cybersecurity is gendered, just like so many other aspects of life! While the gender aspect has been dismissed and ignored in cybersecurity discussions for a long time, it has become apparent that structural and social norms affect the place of women in the cybersecurity field.
During the Octopus Conference 2023 held in Bucharest, Romania, under the theme “Cooperation on Cybercrime and Electronic Evidence,” KICTANet, in association with APC, was represented by Cherie Oyier, who delivered a lightning talk providing an afro-feminist perspective on cybersecurity.
Cherie highlighted that systematic challenges such as low school attendance and restricted education opportunities continue to widen the gender gap in the cybersecurity workforce in Africa. The perception of women as intellectually inferior to men also contributes to women being discouraged from taking up technical courses such as cybersecurity.
The few women who join the cybersecurity workforce often don’t make it to leadership positions due to the leaky pipeline in the workforce. Factors contributing to this include harsh and toxic working conditions such as incidents of sexual harassment, pregnancy discrimination, and working conditions not suitable for childbearers and homemakers—tasks predominantly assumed by women.
More women must be not only absorbed into the cybersecurity workforce but also represented in leadership positions for diversity of ideas. More women should be involved in policymaking at the national level, meaning that the two-third gender rule should be applied to cybersecurity committees and working groups.
The report by KICTANet titled “Unmasking Trolls: Research on Online Gender-Based Violence in Kenya” speaks to the differential vulnerabilities and impact of cyberattacks from a gender lens. Lack of access to information and skills on how to use security features, as highlighted in the report, exposes women to online gender-based violence, privacy violations, and online financial scams, among other vices.
Resources such as the “Digital Inquirer Kit on Tackling Online Gender-Based Violence” by KICTANet aim to equip women with the necessary skills, including cybersecurity, to build digital resilience.
While the cybersecurity field faces various gender-related challenges, none are unsurmountable. Our recommendations at the Octopus Conference 2023 include hiring women for aptitude and attitude and training for technical skills; establishing mentorship programs for women in cybersecurity; providing well-defined trajectories for promotions in the field; and providing flexible working conditions. These recommendations aim to inject and retain more women in cybersecurity.
To address the differential vulnerabilities and impact of cyber incidents, it is imperative to advocate for policies that specifically address these vulnerabilities and provide adequate mitigation measures for the adverse impact of cyber incidents disproportionately affecting women.
Cherie Oyier is KICTANet’s Programs Officer for the Women’s Digital Rights Program.