Advancing IT Security Through Diversity and Representation
Whether in the fields of communication, health, or mobility, IT security plays a crucial role in all socially-relevant areas. The increasing interconnection between the digital and physical worlds constantly brings forth new challenges and questions. For institutions, businesses, authorities, and individuals alike, the issue of IT security becomes increasingly urgent and complex, as the number of cyberattacks and the sophistication of attack methods continue to rise.
Therefore, innovative solutions and ideas are needed, developed, and advanced through research in the field of IT security. The fact that the majority of researchers in many areas of IT security are male is repeatedly critically examined, since the individual perspectives of each researcher significantly influence the approach, investigations, solution approaches, and ultimately the results. This highlights the importance of fostering diverse teams and ensuring increased representation of women.
Perspectives from female CASA Researchers
In 2015, the United Nations General Assembly established the "International Day of Women and Girls in Science," which has since emphasized the need for equal participation of women in science, technology and innovation every year on February 11. On this occasion, three researchers from different Research Hubs of our Cluster of Excellence CASA in Bochum share their thoughts on the question "Why the female perspective is crucial for research in IT security":
- Yixin Zou is Principal Investigator (PI) of the Usability Hub of our cluster and a Tenure Track Faculty member at the Max Planck Institute for Security and Privacy (MPI-SP), leading the "Human-Centered Security and Privacy" group.
“Centering female perspectives is vital for fostering inclusivity in IT security research: Previous studies in the field of usable security and privacy have revealed negative stereotypes, portraying women as more gullible and emotional in security and privacy matters and less secure in behavior compared to men. Such stereotypes can worsen existing gender gaps, disempowering women from self-protection. Additionally, research indicates that women and men seek security and privacy advice differently, with women favoring advice from intimate connections and men preferring online content.
The gender gap has even more devastating consequences in high-risk cases: My prior research focused on technology-enabled intimate partner violence, where spyware, mobile apps, and smart home devices are increasingly weaponized to monitor and harass survivors in abusive relationships, disproportionately affecting women.
Researchers' personal experiences and biases influence their research approaches. Gendered assumptions can impact study design, participant recruitment, data interpretation, and other aspects. A crucial measure for IT security research is enhancing the representation of women in the workforce, listening to their perspectives, and providing the resources for research and advocacy. This approach aims to address gender gaps and embrace diverse viewpoints that reflect the needs of every individual.”
- Clara Schneidewind is PI within the Research Hub "Future Cryptography" of our Cluster of Excellence CASA and speaker of our Equal Opportunities & Diversity Board. At the MPI-SP, she heads the Heinz Nixdorf Research Group for Cryptocurrencies and Smart Contracts.
“The financial sector has historically been male-dominated, particularly in the field of cryptocurrencies, where technology and the economy intersect. I am concerned about this situation, given the profound societal impact of technologies like cryptocurrencies. They have the potential to shape the future of payment transactions and influence the currencies adopted by national governments. There are substantial questions that need addressing, such as determining whom we trust to maintain such systems (exploring the possibility of having direct accounts with central banks). Moreover, there is a need to establish the level of privacy we desire from these systems (e.g., specifying circumstances under which tracking certain payments should be permissible).
Even if the decisions are not ultimately made by us, I believe it is essential for women to actively participate in shaping the development of solutions. Their perspectives and contributions play a pivotal role in ensuring a comprehensive and inclusive approach to the implementation of these technologies.”
- Elisabeth Krahmer is a PhD student at the Chair for Security Engineering at Ruhr University Bochum and part of our Research Hub “Embedded Security”. She is actively involved in our Equal Opportunities & Diversity Board.
“There are two distinct reasons why I strongly advocate for increased female representation in IT security research. Firstly, I believe in the societal benefits of diversity. Research, like many aspects of life, thrives on a variety of perspectives. Gender, among other factors, influences our thinking and problem-solving approaches. A research community dominated by (white, straight, western, able-bodied) males holds significant untapped potential that can only be unlocked by diversifying its members, encompassing various genders.
The second reason refers to the working environment. I observe that the diversity within our team (with three female PhDs), positively influences our dynamics. I believe that an open approach to addressing challenges, including failures, is crucial for progress, both in society at large and in the field of research. In my experience, women tend to be less hesitant to share unsuccessful approaches than men.”
Unlocking Potential: Shaping Inclusive IT Security Solutions
As the individual insights of our researchers illustrate, diversity in teams is the key to considering as many perspectives and needs as possible. Diverse teams bring a wide range of skills and experiences, contributing, for example, to avoiding biases in data, algorithms, models, and technologies. Consequently, more inclusive and unbiased systems and solutions can emerge. Promoting gender diversity in IT security is thus of significant societal importance and represents a crucial competitive advantage. Nevertheless, the slow increase in the number of female students in computer science in Germany suggests that there is still much work to be done. This is an important challenge that we, as a Cluster of Excellence, face.
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.