skip to main content
ArticlePodcastReportQuick LookVideotriangleplus sign dropdown arrow Case Study All

CNA Inclusive National Security Initiative: Racism and Cybersecurity

Download full report

Rapporteur: Annaleah Westerhaug


On April 9, 2021, CNA held its second Inclusive National Security event (@InclusiveNatSec on Twitter). The recording of this event can be found here. This series aspires to explore the intersection of structural bias and national security, and the event focused on the relationship between racism and cybersecurity. The keynote
speakers were Camille Stewart, Head of Security Policy for Google Play and Android Google, and Royal Hansen, Google’s Vice President of Security. The event moderator was Dr. Veronica Santos, UCLA Professor of Mechanical and Aerospace Engineering as well as Associate Dean of Equity, Diversity, and Inclusion and Faculty Affairs. Below is a summary of the key takeaways from the discussion.

Reflections from Camille Stewart and Royal Hansen:

  • We are not as effective as cybersecurity practitioners if we are not thinking about how race influences the effect that technology has on our lives, how to address vulnerabilities among members of racial or ethnic minority groups, and how racial tensions can be weaponized in online environments.
  • The more we rely on technology, the more cybersecurity becomes important. Our online lives are connected, and what is good for one group is good for the whole. By contrast, what makes one group vulnerable makes everyone vulnerable.
  • Google’s aspiration is to provide services for everyone. That is why diversity, inclusion, and equity are a key focus of our workplace, our supplier commitments, and the way we run our company.
    • Royal Hansen: A key way to make a positive impact is by recruiting and hiring diverse teams; it can be easy to miss this talent by recruiting only from traditional pipelines, and it is important to look outside the traditional cyber path. Doing so leads to a more diverse staff.
    • Camille Stewart: A more diverse staff is necessary to address particular challenges; we need to look
      for complementary skill sets and experiences and not limit ourselves to specific technical skills.
  • Representation matters. Exposing students and young adults to technology (including cybersecurity) is crucial to increasing diversity in the sector. It is critical that underrepresented populations see people who look like them succeeding in the industry.
  • The relationship between racism and cybersecurity may not be self-evident, but cybersecurity is a tool that supports a broader agenda. In other words, cybersecurity exists to facilitate other work via information sharing and connectivity, and this work—including community activities, social services, financial access, healthcare, and voting—often has clear racial implications.
  • The relationship between racism, cybersecurity, and national security is particularly evident in online threats and disinformation campaigns.
    • Camille Stewart: Our adversaries focus on “low-hanging fruit” and use existing racial biases and divisions to their benefit. They divide and conquer.
      Additionally, protecting the integrity of information is both a cybersecurity concern and a national security issue; this means not only safeguarding information but also guaranteeing its accuracy. If racial bias facilitates the sharing or the distortion of information, or if racial inequalities in cybersecurity education create weak nodes in our network, then we are less safe.
Download full report

Unlimited Distribution

Details

  • Pages:
  • Document Number: CCP-2021-U-029712-Final
  • Publication Date: 4/1/2021