1 st Workshop on Diversity, Accessibility and Inclusivity in Cyber Security

Diversity, Accessibility and Inclusivity are important considerations for cyber security, to ensure that security mechanisms are suitable for all users, who could have differing abilities as a result of physical or cognitive impairments. One way this can be achieved is by implementing accessible authentication, which is recommended as part of the Web Content Accessibility Guidelines (WCAG 2.1) defined by the World Wide Web Consortium (W3C). There have been recent examples where authentication has presented challenges for people with disabilities (BBC News, 2020). Other considerations include, deriving heuristics during the design of systems, to ensure that the accessibility requirements of potential users are satisfied. This Workshop will investigate the recent developments that aim to ensure cyber security is accessible and inclusive to all users. It will discuss the methods that can be implemented to develop such systems. It will also become a forum for researchers in the domains of accessibility, cyber security, human computer interaction, human centred design and System of Systems. Discussions during the Workshop will lead to the creation of a road map to enhance the diversity, accessibility and inclusivity of cyber security. Accessibility


MOTIVATION
Identifying and specifying system security needs for users is difficult (Cheng and Atlee, 2009), but designing for a specific audience does not promote inclusivity for the wider audience.Mainstream research in security and privacy tends to focus on technical mechanisms and usability (Wang et al., 2018), but does not account for specific needs promoting accessibility.Worldwide there are 500 million people with disabilities, accounting for 15% of the total population (World Bank, 2021).Disability can be classified using the World Health Organization (2001) International Classification for Disability, Functioning and Health Framework (ICF).Kostanjsek (2011) states that disabilities should not characterise individuals, but be seen as "a complex interaction between the person and their environment".It is important to consider accessibility and inclusion to ensure that this user community has equal access to opportunities.This can be achieved through the use of assistive technologies that can "increase, maintain or improve the functional capabilities of persons with disabilities" (Assistive Technology Industry Association, 2021).Dr Whittington (Organising Committee) is an academic representative for the Smart Homes and Independent Living Commission that provides recommendations to support the adoption of smart home technology in social care.
It has been identified that people with disabilities can encounter barriers due to web security and privacy technologies, for example, users with learning disabilities experiencing challenges when following multi-step procedures on websites (World Wide Web Consortium, 2020) and individuals with physical disabilities being unable to authenticate themselves using one time codes over the telephone.This results in poor accessibility and potentially being excluded from purchasing goods, accessing services or communicating with organisations that result in frustration and cancelling of transactions.Accessible authentication mechanisms are recommended by the World Wide Web Consortium (2021) to promote inclusivity of computing to all abilities.
Due to COVID-19, financial services have been hardest hit by cyber security; therefore Financial Technology (FinTech) is the exemplar case study for this Workshop.Global smartphone penetration increased from 33.5% in 2016 to 46.45 % in 202046.45 % in (Statista, 2021)).The ubiquitous nature of this device has provided the rails for inclusive services leveraging the smartphone.The financial services sector has benefitted from this penetration, where FinTech is being leveraged as a tool to provide financial services to over 1.7 billion people globally (Asli et al., 2018).Incumbents in the Financial Services sector have promoted FinTech through Mobile Financial Services to provide innovative products, reach new customer bases and reduce operational costs, while challenger banks are beginning to emerge.Whilst the advent of FinTech has brought financial services closer to a broader range of customers more than ever before, it has introduced the risks of cybercrime to these customers (Shetty, 2018, Stone et al., 2017).Strong technology countermeasures exist, but have not succeeded in minimising the threat, due to human factor concerns (West et al., 2009).To address this problem, there is a need to ensure security controls are usable to end-users and security Application Programming Interfaces are usable to developers and that these controls have considerations for various groups of users, accessibility needs and cognitive limitations.This Workshop will examine various human factor approaches for making security controls in FinTech inclusive, to improve trust and consequently adoption.It follows the organisation of workshops on Human Centred Design for Intelligent Environments (HCD4IE) at British HCI 2016 (Bournemouth University, 2016) and 2018 (WikiCFP, 2021).Bournemouth University have also held two Assistive Technology Symposiums in 2018 and 2019 (BU Research Blog, 2018;2019).

TOPICS
This Workshop aims to explore the application of solutions to promote diversity, inclusivity and accessibility for cyber security systems, to ensure they are suitable for all abilities.It will culminate a range of topics, focused on three themes:

WORKSHOP FORMAT
The Workshop will be a full day event with a Call for Papers.The schedule will be as follows: Mr Srin Madipalli is a technology entrepreneur, executive and investor, who was the Founder/CEO of a startup that exited to Airbnb in 2017.Due to his physical disability, he is involved with advocacy work relating to disability inclusion in the workplace, helping technology companies to increase their accessibility and sharing experiences of being an entrepreneur with a disability.Mr Madipalli is on the Boards of leading advocacy groups in the UK and US, including an Advisory Board member at Included VC, which aims to help people from unrepresented groups find roles in the venture capital sector.

AUDIENCE
The intended audience for this Workshop will be academic and industries involved in the development of accessible cyber security solutions.
Researchers in the domains of Human Computer Interaction, Human Centred Design and System of Systems will also be targeted.

PUBLICATION STRATEGY
Accepted Workshop papers will be included in the proceedings of British HCI 2021 and published in the BCS e-WIC repository and the ACM Digital Library.These papers will also be considered as chapters in a future book publication of proceedings.

ORGANISING COMMITTEE
-15:10 Paper Presentations (Part 2) 15:10 -15:30 Break 15:30 -16:30 Panel Discussion Diversity, Accessibility and Inclusivity in Cyber Security Dogan • Whittington • Apeh • Ki-Aires 3 Keynote Speakers Dr Dave Edyburn (Senior Research Scientist and Professor Emeritus, University of Wisconsin-Milwaukee) research interests focus on the use of technology to enhance teaching, learning and performance.He has authored over 175 articles and book chapters on the use of technology in special education and his work represents a variety of contributions to theory, research and practice.Professor Edyburn is the editor of the Journal of Research on Technology in Education and Past Chair of the AERA Online Teaching and Learning SIG.