The development of a secure, safe, responsible and peaceful cyberspace for all is a global endeavour and priority, with interlocking development and security implications. Understanding the gendered dimensions of cybersecurity, therefore, is a matter of international security.
The UN defines gender as ‘the social attributes and opportunities associated with being male and female and the relationships between women and men and girls and boys, as well as the relations between women and those between men’. While definitions of gender are fluid – and are sometimes contested or politicized in public debate – it is commonly understood that gender is socially constructed, evolving over time and often mirroring entrenched power hierarchies and dynamics. Notably, the word ‘gender’ is not synonymous or interchangeable with ‘women’.
As a social structure, gender is a system of power that creates and reinforces norms – i.e. standards of behaviour deemed appropriate in a given context. Gender norms are usually binary, generating specific expectations for the behaviour of men and women. This gender binary has two related characteristics. First, it is hierarchical, placing one gender above another and valuing subtypes of masculinity and femininity differently, leading to unequal power, access and opportunity. Second, it is exclusionary, repressing and marginalizing diverse gender identities that do not fit within the binary. State and other institutional systems incorporate and amplify gender norms for political and other reasons, creating and exacerbating gendered cyber harms.
Gender is intersectional. A term coined by Kimberlé Crenshaw, ‘intersectionality’ traces how gender interacts with race and other social categories and identities, and how forms of discrimination manifest around these intersections. To give just one example of why this matters in cyberspace, a 2023 report on ‘digital misogynoir’ studied the dehumanization of Black women on social media, and found significantly more highly toxic posts about Black women than white women. An intersectional gender analysis includes people of LGBTIQ+ identities. This paper examines cyber harms to LGBTIQ+ communities as gendered cyber harms, focusing on their cascading and compounding connections.
State and other institutional systems incorporate and amplify gender norms for political and other reasons, creating and exacerbating gendered cyber harms.
Online, the presentation of gender identity is influenced and governed variously by individual preferences, community norms, platform requirements and national legislation. Inferences and assumptions about gender identity are central to gendered cyber harms, from social media hate speech to the impacts of a data breach.
If our starting concern is how safe people are – and feel they are – online, then anything that increases individual insecurity and exposure to cyber harm constitutes a cybersecurity issue. Thus, while some policy approaches exclude the social media harms considered under ‘hate speech’ in this paper from the scope of cybersecurity (preferring to describe them as issues of ‘online safety’ or similar), a gender-focused analysis encourages viewing them as issues of human (in)security online – i.e. cybersecurity. Similarly, gendered cyber harms straddle standard distinctions between cyber-dependent and cyber-enabled threats and risks in the cybersecurity community.
Secure access to ICTs can advance gender equality by increasing access to services for marginalized communities and people for communication, education and economic purposes. If access to and dissemination of these technologies is not coupled with a gender-sensitive understanding of the harms, vulnerabilities and risks that can arise from their use, the vast empowerment potential of ICTs for individual, organizational and national growth and sustainable development is put at risk. Just as the international development field has successfully connected the rights and protection of women and girls to social and economic development, connecting gendered understandings of cyberspace to (failures of) cybersecurity can lead to better overall international security both within and beyond the cyberspace domain.
The Women, Peace and Security (WPS) agenda offers an established and internationally recognized foundation for this work. As explained by Sharland et al., the WPS agenda seeks to ensure that ‘lessons learned from traditional peace and security processes are incorporated for the benefit of a sustainable open, free and stable digital world’. Aligning (international) cybersecurity with the WPS agenda helps to identify and counter underappreciated or unseen gendered harms, and also consider how all genders – not just women and girls – experience cybersecurity. Furthermore, by treating gender equality and empowerment, along with principles of fairness, equality, equity and stability, as key priorities, a gender-transformative approach to cybersecurity is also a means for advocating against the militarization of cyberspace in general and, consequently, working towards a more inclusive vision of cyber peace.