Over the past year, the Journal of Cyber Policy has renewed its commitment to strengthen the representation of global perspectives and gender balance in all aspects of our work. We have published a manifesto for diversity and inclusion, launched a mentorship scheme to provide opportunities for early career scholars from diverse backgrounds, and issued calls for papers encouraging submissions on the theme of digital technology in emerging economies: from innovation to governance.
The pace of academic publishing can be somewhat leisurely, and effecting change can sometimes be frustratingly slow. So, it is a pleasure to see these long-planned initiatives come to fruition. With the publication of this final issue in Volume 8 will be an accompanying progress report against the targets we set ourselves to improve diversity and inclusion in all aspects of the Journal’s production cycle.
The Journal of Cyber Policy Mentorship Scheme aims to increase and amplify voices from historically under-represented groups in the field of cyber policy. The scheme seeks to contribute to the research, careers and professional development of promising scholars from such groups by pairing mentees with mentors from a pool of thought-leaders in cyber policy: established academics, professionals and research experts. Ultimately, the scheme will act as an inclusive platform for high-quality knowledge production and idea development.
In a similar vein, Volume 8, Issue 3 brings together a collection of unsolicited manuscripts which highlight the benefits of an inclusive approach to cyber policy and digital governance. Articles from Nate Allen, Serif Hashem and Elizabeth Kolade cover well-worn topics, such as the cybersecurity of critical infrastructure but with refreshingly diverse perspectives – including case studies from Nigeria and Egypt. Likewise, while the scholarship has been alive to the societal harms arising from the spread of disinformation since 2017, Mohammed Hossain offers a rare glimpse of the complexities of content moderation in languages such as Bangla, which despite being within the top 10 most spoken languages in the world, are poorly represented in relevant discourse.
Complementing these country-specific studies is an interview with Will Middleton, Director of the Cyber Policy Department at the UK Foreign, Commonwealth and Development Office, which provides a deep dive into the UK’s approach to cyber capacity building. Alongside this is a collection of short reflections on cybersecurity and the politics of knowledge production, curated by Fabio Cristiano, which walks the talk on taking an interdisciplinary approach by bringing together the perspectives of 10 authors from diverse backgrounds and geographies.
In the final article of the collection, by juxtaposing the diverse sources of security controls on the one hand, and security outcomes on the other, Daniel Woods and Sezanah Seymour examine the challenges of effective mitigation of cybersecurity threats.
Volume 8, Issue 3 concludes with four book reviews.
‘Leapfrogging’ or ‘lagging’?: highlighting critical information infrastructure protection challenges and opportunities in Egypt and Nigeria
Dr Nate Allen, Dr Sherif Hashem and Ms Elizabeth Kolade
Critical infrastructure is becoming increasingly cyber-dependent and, thus, vulnerable to cyberthreats. Despite these increasing vulnerabilities, there has been little progress in protecting critical information infrastructure in many emerging economies or late-digitising, low-and-middle income countries. Drawing on the cases of Nigeria and Egypt, Nate Allen, Sherif Hashem and Elizabeth Kolade explore what can be learned about protecting critical information infrastructure from early digitising regions of the world and how context-specific these protection policies and strategies should be.
The implications of the Arabic case for Bangla content moderation on Facebook: future considerations for combating Bangla hate speech
Mohammad Pizuar Hossain
With the expansion of mobile broadband and the affordability of smartphones, the prevalence of hate speech has risen, particularly on Facebook. This surge in online hate speech has – among other things – contributed to violence against ethnic and religious minority groups all over the world. This article considers the contours and particularities of this phenomenon in Bangladesh and India. Focusing on Facebook’s moderation of content in various languages, including Bangla, Mohammad Pizuar Hossain examines the potential reasons behind the inadequacies of Facebook’s moderation of Bangla content by comparing it to the challenges faced in moderating Arabic content on the platform.
Interview with Will Middleton: the UK’s approach to cybersecurity capacity building in a changing world
In this interview, Isabella Wilkinson (Research Fellow, Chatham House) interviews Will Middleton (Director of the Cyber Policy Department at the UK Foreign, Commonwealth and Development Office) about the UK’s approach to cybersecurity capacity building. Middleton outlines the UK’s approach to cybersecurity capacity building, covering the values of principles-based capacity building activities, and how the UK engages in international, multistakeholder and regional initiatives to ensure cybersecurity capacity building is as effective as possible.
Cybersecurity and the politics of knowledge production: towards a reflexive practice
Fabio Cristiano, Xymena Kurowska, Tim Stevens, Louise Marie Hurel, Noran Shafik Fouad, Myriam Dunn Cavelty, Dennis Broeders, Tobias Liebetrau and James Shires
Cybersecurity expertise traverses the diverse and overlapping fields of academia, diplomacy and policy. This article examines how cybersecurity expertise is ‘made’ and explores the need for a reflexive approach to guarantee the production of relevant and applicable knowledge in the cybersecurity field. The contributing authors critically examine the complexities of cybersecurity scholarship and identify obstacles and opportunities for creating more relevant and effective knowledge for policy and academic purposes.
Evidence-based cybersecurity policy? a meta review of security control effectiveness
Daniel W. Woods and Sezanah Seymour
The absence of a centralised authority to consolidate and assess the effectiveness of cybersecurity measures presents a challenge for private firms and policymakers, who currently must piece together information from disparate sources like academic research, tech companies and cyber insurance databases. To address this, Woods and Seymour conduct a meta-review of 17 studies from academia and industry, examining the connection between security controls and cyber risk outcomes to suggest policy-relevant conclusions.
Reflecting on the Journal of Cyber Policy’s manifesto for diversity and inclusion 2023
In March 2023, the editorial team at the Journal of Cyber Policy (JCP) launched its first manifesto for diversity and inclusion. In this manifesto, the editorial team committed to:
improving gender representation;
increasing diversity of authorship; and
ensuring transparency and accountability.
In this report, the editorial team reflect on the progress made on these commitments in the past year and priority areas for the coming year.
Improving gender representation
The cyber sector has long had a representation issue. It is estimated that just one in four members of the global cybersecurity workforce identify as women.Footnote1 Globally, cyber decision-makers and technology leaders are still predominantly male. In research and academia, there are gender disparities in STEM subjects and cyber policy. Gendered power dynamics influence cyber policy just as they influence other areas of policy: they create arbitrary hierarchies, entrench stereotypical gendered roles and functions, and exclude diverse voices.
This picture is not reflective of the origins of cybersecurity and computer science. In modern history, women have played essential roles in shaping and developing cyberspace and the technologies which are now pervasive in everyday lives, from Ada Lovelace pioneering the world’s first computer program to Katherine Johnson leading calculations enabling space exploration.Footnote2
This picture is also changing. Governments and organisations are making more effort to diversify STEM careers, from primary and secondary education all the way to international policymaking. While recent progress in gender representation in cyber is cause for celebration, there are still significant barriers to gender diversity and inclusivity in research, barriers that the JCP editorial team have identified and tracked in its own work.
The success of other journals, such as International Affairs, in achieving gender parity in authorship acted as a source of inspiration. It is evident that encouraging stronger gender diversity not only greatly benefits both research and policy, but also the global movement for gender equality and equity.
In 2023, the JCP editorial team’s commitment to increasing the gender diversity of authorship and improving gender representation more generally resulted in three key changes in editorial practices.
Firstly, the editorial team developed a strategic approach to prospective author outreach, with a focus on authors who identified as women or non-binary. This involved mapping organisations and researchers (at various stages of their career) and reaching out to raise awareness about the Journal as a potential avenue for submitting and publishing research.
Secondly, the editorial team made efforts to ensure that at least one referee for each manuscript sent to review identified as a woman or non-binary. The double-blind peer review process is integral to the credibility and quality of the articles the Journal publishes. Referees inform the manuscript’s research, analysis and readability: a diverse selection of peer reviewers helps to ensure diversity of thought.
Thirdly, the editorial team made more effort to connect the JCP’s D + I initiative with Chatham House’s Cyber Policy team’s broader work on gender and cyber. This included showcasing research on gender and cyber on International Women’s Day 2023, at the Chatham House Cyber 2023 conference, and at other internal and external events throughout the year. This effort demonstrated that diversity in cyber policy is achievable not only in terms of representation but also in content and substance.
These efforts have resulted in a marked increase in the percentage of authors who contributed to Volume 8 that identify as women. Due to GDPR and data collection limitations, we are unable to present accurate data on the gender split, but anticipate future EDI reports to report specifically and critically on gender balance among authors.
Increasing diversity of authorship
Historical trends of knowledge production in academic and policy research have increased the disproportionate dominance of Anglo- and Euro-centric voices in cyber policy discourse, but this does not reflect the scope or scale of cyberspace and technologies.
The Journal’s editorial team has recognised that publishing can be an inaccessible and difficult process to navigate for a variety of different reasons. For some authors, navigating a journal that publishes and operates solely in English may pose difficulties at various points in the editorial process (for instance, responding to peer review feedback). For other authors coming from a non-academic or non-research background, understanding the pre-submission requirements (for example, referencing or preparing a literature review) may prove a challenge. For first-time authors tackling a relatively unfamiliar field and publication, there are many hidden barriers to taking an idea from abstract to full article with confidence.
In the editorial team’s experience, many submissions have the potential to be adapted into high-quality, relevant, clear, coherent and thought-provoking articles with varying degrees of expert guidance.
Efforts to diversify our pool of peer reviewers has helped increase diversity of authorship. It has allowed us as an editorial team to approach manuscripts from different (theoretical) perspectives and opinions. Additionally, the editorial team made slight changes to the manuscript types it accepts. The introduction of a clearer distinction between an 8000 word research article and a 4000 word practitioner article has meant that some manuscripts have a higher chance of publication (if unsuitable for a research paper, the editorial team recommends re-framing for the practitioner paper format), and that the editorial team has been able to invite submissions from a broader variety of experts who may not have experience of producing papers at the level of academic research.
In order to further increase the diversity of authors published by the Journal, the editorial team has in the past year increased its commissioning of book reviews. A social media call for reviewers saw almost 100 responses, indicating appetite among global, early career researchers to write on cyber issues. Since then, several early career experts and researchers from under-represented communities have been commissioned to write book reviews. For early career researchers or those new to the field of cyber policy in particular, writing book reviews is not only an opportunity to publish, but also exposes early career experts to journal publication processes. This has also provided the Journal with a significant opportunity to publish more experts who identify as women or non-binary.
The articles published in 8.1, 8.2 and 8.3 span over 10 different countries with case studies from Australia, Bangladesh, Canada, China, Egypt, Nigeria and the United Kingdom. The authors published range from early career to established experts and from academia to industry. This global breadth and diversity of authorship demonstrates a commitment to – and the importance of – approaching cyber policy from an international and multistakeholder lens, and the Journal’s role in nurturing and encouraging that.
As part of this nurturing and encouragement, the editorial team launched its inaugural mentorship scheme in 2023. This mentorship scheme aims to increase and amplify voices from historically under-represented groups in the field of cyber policy by pairing mentees with experienced mentors from the cyber policy field. In 2023, prospective applicants were invited to submit a short abstract with a novel idea along with a blurb outlining their suitability for the scheme. The scheme received 38 applications, from which three mentees were chosen. These mentees will be paired with mentors from the Journal’s pool of experts and will work with them to develop their abstracts into a manuscript for publication. Throughout the process, the mentees will have access to their mentors and the editorial team for substantive and procedural guidance. These manuscripts will then go through the standard JCP submission and editorial process.
Ensuring transparency and accountability
This first Diversity and Inclusion Report is the editorial team’s effort to ensure transparency and accountability on our progress. Diversity and inclusion are adaptive and evolving values but they must be accompanied by tangible and visible outcomes.
This report is an honest account of the challenges the editorial team has faced in the previous year and the measures the team has used to overcome them in order to reach our D + I goals. The editorial team recognise that this has been a difficult year – a reality most starkly demonstrated in the difficulties the team has faced in publishing our three issues on time. But throughout the past 12 months, the editorial team has been committed to launching these new initiatives and trialling new methods of increasing diversity.
Priorities for 2024
The editorial team’s priority areas for the coming year are to continue to improve representation and proactively identify new ways to increase gender representation. This may include further exchanges with other publications and organisations committed to increasing gender diversity in their fields, particularly as the past year has underlined the importance of cross-learning.
Through direct outreach, an improved social media presence (that has seen our X account increase to over 4000 followers) and external engagement opportunities, the past year has offered the Journal a useful opportunity to establish itself as a publication committed to diversity, and we hope to build on that in 2024.
The editorial team aim to launch a second intake in mid-2024, learning from the first intake and continuously adapting the mentorship scheme to ensure that it offers an unrivalled experience for under-represented and early career experts in cyber policy.
In our second D + I Report, due to be disseminated after the publication of JCP, Issue 9.3 in 2025, the editorial team hope to be able to report on improved gender diversity, the positive experiences of our mentees, research published in the JCP on EDI and cyber policy, and more ambitious commitments and objectives for making the field more accessible, inclusive and diverse. A long-term objective is to be able to set targets for the Journal and be able to measure the Journal’s progress against those targets. Our incremental efforts and improvements will help us achieve that objective.
Notes
1 CREST-Gender-report_202004.pdf (crest-approved.org).
2 History of Women in IT: 6 Female Pioneers in Computer Science (purdueglobal.edu).