Check-in and access this session from the IGF Schedule.

IGF 2024 Day 0 Event #165 From Policy to Practice: Gender, Diversity and Cybersecurity

Subtheme

Advancing human rights and inclusion in the digital age

Theme
Advancing human rights and inclusion in the digital age

UNIDIR
Ms. Shimona Mohan, Associate Researcher with Gender & Disarmament and Security & Technology programmes, UNIDIR, Intergovernmental Organization, Asia-Pacific States Mr. David Fairchild, First Secretary for Digital Policy and Cybersecurity, Permanent Mission of Canada to UNOG, Global Affairs Canada, Government, Western European and other States Ms. Yasmine Idrissi Azzouzi, Cybersecurity Project Officer, International Telecommunications Union, Intergovernmental Organization, African States Ms. Allison Pytlak, Program Lead of the Cyber Programme, Stimson Center, Civil Society, Western European and other States Mr. Pavel Mraz, Cybersecurity Researcher in Security & Technology programme, UNIDIR, Intergovernmental Organization, Eastern European States

Organization's Website
https://unidir.org
Speakers

Ms. Hoda Al Khzaimi, Director of Centre for Cybersecurity, New York University Abu Dhabi, Founder and Director of Emerging Advanced Research Acceleration for Technologies, Security and Cryptology research lab and center, civil society, Middle East (Asia-Pacific States) Mr. David Fairchild (onsite), First Secretary for Digital Policy and Cybersecurity, Permanent Mission of Canada to UNOG, Global Affairs Canada, Government, Western European and other States Ms. Shimona Mohan (onsite), Associate Researcher with Gender & Disarmament and Security & Technology programmes, UNIDIR, Intergovernmental Organization, Asia-Pacific States Mr. Orhan Osmani, Senior Cybersecurity Coordinator, Cybersecurity Division, Telecommunication Development Bureau at the International Telecommunication Union, Intergovernmental Organization, Eastern European and other States Ms. Catalina Vera Toro, Alternative Representative, Permanent Mission of Chile to the OAS, Government, Latin American and Caribbean States

Onsite Moderator

Ms. Allison Pytlak, Program Lead of the Cyber Programme, Stimson Center, Civil Society, Western European and other States

Online Moderator

Mr. Pavel Mraz, Cybersecurity Researcher in Security & Technology programme, UNIDIR, Intergovernmental Organization, Eastern European States

Rapporteur

Shimona Mohan, Associate Researcher with Gender & Disarmament and Security & Technology programmes, UNIDIR, Intergovernmental Organization, Asia-Pacific States

SDGs

5.1
5.5
5.b
9.1
9.5
16.10
16.a

Targets: This workshop is designed to directly support the attainment of SDG 5 by addressing gender disparities in cybersecurity and promoting gender equality in digital spaces. By identifying gender-based vulnerabilities and harms in cyberattacks, it contributes to ending discrimination against women and girls in the digital realm (SDG 5.1). Furthermore, by discussing strategies to increase women's participation in cybersecurity discussions and workforce, it supports their full and effective participation and equal opportunities for leadership (SDG 5.5). Finally, it also contributes to empowering women through information and communications technology, by not only seeing them as passive victims of malicious online activities, but also as active agents of positive change in the cyberspace (SDG 5.8). This workshop also contributes to SDG 9 by aspiring to create a more inclusive and robustly staffed cybersecurity workforce, which is fundamental to building resilient digital infrastructure to support economic development and human well-being (SDG 9.1). It also aims to foster discussions on innovative approaches and good practices to promote inclusivity and address the existing global shortfall in the cybersecurity workforce by increasing the number of research, cybersecurity and development workers (SDG 9.5). Finally, this workshop aligns with SDG 16 by addressing cybersecurity to protect fundamental human rights and freedoms and ensure public access to information on gender-disaggregated data (SDG 16.10). By promoting gender-responsive policies and capacity building in cybersecurity, the co-conveners also strive to contribute to strengthening inclusive public institutions and fostering international cooperation to prevent cyber-related violence, terrorism, and crime, ultimately promoting peace and justice (SDG 16.a).

Format

 

Roundtable promotes interactive dialogue among participants representing diverse stakeholder groups. Given the aim of this roundtable to collect insights for a compendium of good practices, the conveners believe this format would encourage a frank exchange of lessons learned, ensuring that voices from various regions and constituencies are heard. Moreover, this format will facilitate networking and formation of partnerships of like-minded individuals and organizations committed to gender equality in cybersecurity. This will help mobilize collective action for mainstreaming gender into cybersecurity practices through relevant processes, such as the OEWG and the IGF Dynamic Coalition on gender. Allocating 90 minutes also ensures ample time for participants to generate meaningful insights and explore in-depth good practices and recommendations for integrating gender considerations into cybersecurity policy. It would also provide the organizers with the time to hold break-out group discussions with the audience online and in the room to collect recommendations.

 

Description

In today's digital landscape, there's a growing acknowledgment of the gender dimension of cyber threats as well as the persistent digital and cyber gender divide with women representing only 25 percent of the global cybersecurity workforce. However, specific gender-differentiated impacts of cyber threats and strategies to increase women participation in cybersecurity remain underexplored, hindering multi-stakeholder efforts to enhance cyber resilience and promote inclusive international peace and security governance models. Building upon the work within the IGF Dynamic Coalition on Gender and its Best Practices Forums, this open forum will explore gendered impacts of cyberattacks and practical steps for mainstreaming gender into global cybersecurity policy. It will also aim to identify concrete strategies to enhance women's participation in cyber diplomacy and the cybersecurity workforce more broadly to pave the way for a more inclusive and secure digital future. This session is part of a series of events convened jointly by the UN Institute for Disarmament Research and the Stimson Center to collect insights and recommendations from across the multi-stakeholder community for a ‘Compendium of Good Practices for Mainstreaming Gender into Global Cybersecurity Policy.’ With this workstream, the conveners intend to stimulate practitioner-led discussions to advance consensus recommendations of the UN Open-Ended Working Group (OEWG) to identify specific gender-based vulnerabilities and harms stemming from cyberattacks as well as concrete good practices for integrating gender considerations into cybersecurity policy and digital development initiatives across the globe. Key Session Objectives: - Raise awareness about the gendered impacts of cyberattacks on individuals, communities, and society. - Highlight the importance of gender-focused research in strengthening the UN framework of responsible state behavior in cyberspace. - Share good practices from existing gender mainstreaming initiatives in cybersecurity and digital development projects, including those identified through IGF channels and forums like the Gender Report Cards and relevant Best Practices Forums. - Foster gender-sensitive approaches to countering malicious cyber activities and inform actionable insights for cyber and digital capacity-building efforts. - Encourage the Internet governance community to explore gender-based threats and support the collection of gender-disaggregated data for policy making.

To ensure seamless interaction between onsite and online participants, after the initial kick-off interventions, we will prioritize questions and interventions from the online audience before turning to onsite participants, ensuring inclusivity and equal engagement across both groups. Utilizing online polling tools, we will collect input and written resources on the subject from all attendees. This approach will allow us to promote real-time engagement but also to gauge the pulse of the audience and tailor discussions accordingly. To collect lessons learned and good practices, we will divide in-person and online participants into break-out groups using one or more online moderators as needed. This will provide opportunities for all attendees to actively contribute and exchange ideas. The organizers will also leverage complementary online tools and platforms such as Slido and online polling tools to collect input and encourage engagement during the session. These tools will enable us to collect questions, gather feedback, and facilitate interactive polls in real time, enhancing engagement and fostering a sense of community among participants, regardless of their location. By incorporating these interactive elements and encouraging active participation from both online and onsite attendees, we aim to create a dynamic and inclusive discussion where diverse perspectives are valued, heard, and recorded to inform the compendium of good practices, which will be published in 2025.

Key Takeaways (* deadline at the end of the session day)

Urgent Need for Gender Diversity in Cybersecurity Workforce: Women represent only 25% of the global cybersecurity workforce, underscoring the need to close this gap to address the global shortfall in skilled professionals across technical and policy domains.

Gender-Based Threats and Technology Biases: Women face disproportionate online harassment, including non-consensual content targeting, amplified by AI technologies. Facial recognition and other emerging technologies show significant biases, highlighting the need for security-by-design principles and gender-responsive solutions.

Integrate Gender-based Approaches into Tech and Cyber Capacity Building: Participants underscored the need for effective and collaborative capacity building and funding gender-oriented efforts in not just cybersecurity, but all emerging tech workstreams to bring about meaningful and lasting positive change.

Call to Action (* deadline at the end of the session day)

Promote Gender-Based Approaches to Cyber Threats: Develop and deploy proactive measures, such as authenticating digital content, to mitigate harms from AI-driven threats. Establish co-creation labs where women design and implement technical solutions with industry partnerships. Increase Women’s Participation in Cybersecurity: Expand mentorship programs, fellowships, and technical training opportunities targeted at women and underrepresent

Mainstream Gender into Cybersecurity Policy and Governance at all levels. Create and Share Gender-Inclusive Good Practices: Convene workshops in 2025 focusing on key themes like gender-based threats, cybersecurity workforce participation, and capacity building. Develop a compendium of good practices with actionable recommendations for policymakers to advance gender equality in cybersecurity governance.

Session Report (* deadline 9 January) - click on the ? symbol for instructions

The intersection of gender, diversity, and cybersecurity is a critical area requiring urgent attention to address inequalities, enhance global security, and ensure inclusive governance. The IGF Day 0 Roundtable “From Policy to Practice: Gender, Diversity, and Cybersecurity” highlighted key challenges, shared actionable recommendations, and set the stage for collaborative next steps to promote gender-responsive and inclusive cybersecurity frameworks. 

Key Takeaways 

  1. Urgent Need for Gender Diversity in the Cybersecurity Workforce Women currently represent only 25% of the global cybersecurity workforce. Increasing the participation of women in this field is essential to address the global shortfall in skilled cybersecurity professionals across technical and policy domains. 

  1. Gender-Based Threats Amplified by Emerging Technologies Online threats targeting women—including harassment, doxing, and non-consensual content—are widespread and exacerbated by AI technologies. Facial recognition systems often misidentify women and people of color, leading to biases and potential wrongful enforcement actions. 

  1. Mainstreaming Gender into Cybersecurity Policy and Governance Gender considerations must be integrated into cybersecurity policies at all levels—local, national, regional, and global. Strategies need to address persistent inequalities and provide differentiated responses to gender-based online violence. 

Recommendations 

  1. Promote Gender-Based Approaches to Cyber Threats 

  • Develop measures to authenticate digital content (e.g., messages, videos, audios) and flag non-authentic materials. 

  • Integrate security-by-design principles into the creation and deployment of next-generation technologies. 

  • Support ecosystem champions and co-creation labs for women to design and implement their own technical solutions. 

  1. Increase Women’s Participation in Cybersecurity 

  • Expand mentorship programs, fellowships, and leadership training targeted at women and underrepresented groups. 

  • Highlight role models in leadership positions to inspire participation. 

  • Establish community support structures and technical training programs in specialized fields like ethical hacking and AI governance. 

  1. Strengthen Policy Frameworks and Capacity Building 

  • Governments should map inequalities and develop effective responses through differentiated strategies. 

  • Incorporate gender equality mandates into existing cybersecurity frameworks. 

  • Support policy labs to incubate innovative gender-responsive solutions. 

  • Promote regional and global frameworks to combat gender-based online violence and harassment. 

Next Steps 

  1. Compendium of Good Practices: UNIDIR, together with partners, plans to produce a compendium of good practices for mainstreaming gender into cybersecurity efforts. This document will capture insights and recommendations shared during the roundtable and provide actionable guidance for policymakers. 

  1. Workshops in 2025: A series of online workshops will be convened in 2025 to explore key themes: 

  • Addressing gender-based threats. 

  • Integrating international obligations to promote gender equality into cyberspace and technology governance. 

  • Increasing women’s participation in the cybersecurity workforce. 

  • Mainstreaming gender into capacity-building initiatives and national policies. 

  • Empowering women in global technology governance processes. 

This IGF Day 0 Roundtable underscored the urgency of addressing gender and diversity gaps in cybersecurity while also showcasing actionable pathways forward. By promoting gender-responsive approaches, increasing women’s participation, and leveraging the multistakeholder model, we can create a more inclusive and secure digital ecosystem. As we move forward, the collaboration and contributions of all stakeholders will be essential to achieving these goals. 

The participants also underscored the IGF’s multistakeholder model plays a vital role in advancing gender diversity and cybersecurity. By bringing together governments, international organizations, civil society, industry, and technical experts, this approach ensures that solutions are inclusive, collaborative, and sustainable.