Systemic Racism Is a Cybersecurity Threat

A Twitter employee works at a computer at the company’s headquarters. REUTERS/Robert Galbraith

Understanding how systemic racism influences cybersecurity is integral to protecting the American people, deterring U.S. adversaries, and defending American businesses as the United States seeks to return to its position of international leadership.

For years there have been well documented discussions about the need to expand gender and racial diversity in cybersecurity. People have argued that if we address social and systemic issues separately, we will get the technology right. However, the social and the technological are mutually constitutive. Bringing in new points of view is crucial to cybersecurity, but we also have to change the systems in which technology is embedded and review technology against the backdrop of larger systemic issues to reduce vulnerabilities.

Technical and policy mitigations in cybersecurity need to account for the weaknesses of our society, systems, and institutions in their implementations. The places where democracy breaks down and the ugliness of our past sins are laid bare and unaddressed are where we are most vulnerable. Technical and policy mitigations to cybersecurity challenges will never reach their full potential until systemic racism is addressed and diverse voices are reflected among our ranks at all levels.

The spread of disinformation that capitalizes on racial tensions in the United States, by both foreign and domestic actors, is an important but classic reminder of the need to address race. The narratives of the disenfranchised are the best tool and target for disinformation operations designed to incite the majority and further alienate minority groups. Crucially, exploiting the narratives of disenfranchised groups, especially Black Americans [PDF], is a powerful tactic used to radicalize minorities, one we have seen Iran and other countries use. Addressing inequality and systemic racism reduces if not eliminates the efficacy of this tactic.

Also, misinformation and disinformation move through immigrant and diaspora communities differently because of cultural norms. This has implications for the encryption debate and content moderation by tech companies because immigrant communities are heavy users of encrypted platforms like WhatsApp. Building teams composed of diverse viewpoints and conscious of race issues can help elevate those nuances, identify new tactics, techniques, and procedures, and adapt detection to relevant environments. This ultimately will better enable the United States to combat disinformation and misinformation at home and abroad. For example, deeper analysis of Russia’s outsourcing of information operations to Ghana and Nigeria could show that this is more than just an obfuscation tactic and tool to inflame racial tensions but also an effective mechanism for targeting African diaspora communities by exploiting their connections back to the continent.

Cyber diplomacy and international cyber capacity building are better served by having diverse representation that understands the cultural nuances that determine how technology will move through a society. For example, China is heavily investing in digital infrastructure in Africa and the Caribbean and playing a larger role in regional and multilateral bodies, shifting influence away from Europe and the United States. Lack of consistent U.S. investment and engagement in these areas is at its core a race-based decision that is an impediment to creating cyber norms and other global mechanisms to protect ourselves and our allies.

Understanding the cultural nuances of technology use and access is integral to building policies and technical solutions that secure systems and serve people. As countries around the world explore online and mobile voting, efficacy and adoption will differ across cultures, communities, and socioeconomic status. The issue of voter identity authentication [PDF] will be especially challenging. Understanding the differences within our communities and lived experiences domestically and abroad will help build resilience into mobile voting and any other policy and technical cybersecurity solution we seek to implement.

Racism breeds distrust in systems and institutions. This undermines initiatives that require broad civic engagement, such as public health awareness campaignsvoter turnout, and counterterror efforts such as “see something, say something.” Technology can often exacerbate this problem, even unintentionally, and further engrain systemic racism into our institutions and organizations. For example, racial bias in U.S. Customs and Border Protection’s (CPB) facial recognition technology has further diminished trust in the agency and the Department of Homeland Security (DHS), its parent organization, which has an expanding cybersecurity mission…

The above is published with express consent from Net Politics. To read the rest of this article, please visit the Council on Foreign Relations website.

Camille Stewart is the former senior policy adviser for cyber, infrastructure and resilience policy at the Department of Homeland Security under President Barack Obama, a cofounder of Diversity in National Security Network, New America political reform fellow, Council on Foreign Relations term member, and Truman national security fellow.