Building Security Culture Within Marginalized Communities

From IFF Wiki
Jump to: navigation, search

Session Description

Increasingly, grassroots organizations and marginalized communities (LGBTQ+, women, immigrants, ethnic and racial minorities, etc.) are becoming targets of surveillance and harassment online, resulting in a heightened need for digital security at both personal and organizational levels. Unfortunately, critical tools and information often don't actually reach those who may need it the most, due in part to a lack of diversity within the security community itself — not to mention its somewhat insular nature. In this session, we’d like to have a conversation about how security experts, developers, educators, activists, and community leaders can collaborate to start making the topic of digital security accessible and relevant to these communities. The goals of this session will be to generate central themes for future workshops, methodologies for more inclusive development, and educational resources for both developers and the communities they serve.

Building Security Culture Within Marginalized Communities
Presenter/s Florencia Herra-Vega // Skylar Nagao
Bio/s Florencia Herra Vega is a backend developer and the CTO of Peerio. She previously organized Railsbridge Montreal and has been heavily involved in advocacy and grassroots education programs for the past decade, particularly around harm reduction, gender and queer issues. Skylar Nagao is the communications manager and general "writing things that aren't code" person at Peerio. He's a humanities geek interested in the ways technology, identity, and culture intersect. Skylar thinks science fiction is a sweet way to envision the worlds we want to live in, and that developers and educators are ideal actors to make those worlds come alive.
Language English

Session Comments

Session Notes:

Security Culture - day-today things we do to maintain security (technical, operational, informational, communication, etc)

Marginalized Communities - Anyone who doesn’t fit within the dominant … what it is to be a person online

Identifying the problems

Limited exposure to digital security, security period

Digital security is boring

Limited information about online threats

Lack of understanding of how the internet works

Threat scenarios

Harassment, doxxing, swatting, profiling, censorship, revenge porn, law enforcement, suppression of protests, ransom(ware), borders

General monitoring by government or people with more personal relationships

Discuss: Identify the needs of our audiences

- What do marginalized communities need to address these threats

- What does security culture look like in the communities

- Is encryption the best answer - or is it a flag?

- How do we make this information relevant and relatable to our community

Small Group Discussion: When trying to build security in your community

- What has worked?

- What hasn’t worked?

- What’s sort of worked?

Discuss in groups of approx 4-6 people

If you’re a security trainer, try to find someone who’s not

Sharing Findings