The C1b3rWall Academy 2021/2022 program keeps surprising us with insightful lectures on cybersecurity. In Module 7 “Incident Management. Good practices in cybercrisis: a study of Ransomware” we can find a lecture on “Cybersecurity and Accessibility,” of Juan Carlos Ramiro, president of the CINTAC association and CEO of AISTE.
Basic cybersecurity concepts
If we define cybersecurity as the set of procedures and tools that are implemented to protect the information that is generated and processed through computers, servers, mobile devices, networks and electronic systems, cybersecurity accessibility, in the part that can be controlled by the user, is to provide the product with designs, interfaces and understandable and easy configuration, contents and alert or informative messages that allow the user to have as much control as possible over their data and its use.
Examples include configuration menus with appropriate contrasts, multifunctional systems, appropriate keyboards, translations or non-confusing screen presentations.
Modern technologies provide people with disabilities with autonomy, security, opportunities, sociability, access to services and many other advantages.
The dangers of the lack of cybersecurity are exactly the same for people with disabilities as they are for a person without them, however, they may be more vulnerable due to impaired vision, hearing or cognitive ability…
To make accessible cybersecurity a reality, it is necessary to work with developers and also with citizens.
How to create accessible and usable security systems
Creating accessible and usable security systems requires accessible thinking, i.e. anyone can understand them, regardless of their situation. We can start by using understandable language, multimodal authentication systems (a blind person cannot perform a captcha), alarm warnings adapted to the user’s age, cognitive capacity and training, giving the user control over settings, providing explicit context on application elements, videos with subtitles for the deaf and audio description for the blind, images with alternative description, adequate contrast between the font and the background… Accessibility guidelines and technical standards, such as 301 546, can be followed.
The balance between user accessibility and curbing cyber-attacks can be strengthened with technology, awareness and knowledge. The biggest social problem regarding cybersecurity is the lack of knowledge of technology and its uses. We must select technology adapted to the user’s functional and cognitive abilities.
The trend towards omni-channeling translates into a constant change in the tools and channels we use. In this scenario of permanent change, systems must adapt continuously in line with people’s needs.
Juan Carlos introduces us to a very valuable topic about the little-known aspects of accessibility in cybersecurity. I therefore encourage you to watch the full lecture at the following link.
You can read the full article on News-365.