Accessibility as a cyber security priority
3 years ago, Anna (not her real name) was diagnosed with a neurological autoimmune disease in which her body attacks substances that are naturally found in the body, causing pain and vision loss.
Before her diagnosis, Anna worked in software technology and felt very confident and safe online. She now uses glasses, a magnifying glass and screen magnification where needed.
Anna has no peripheral vision or depth perception. Face ID, or proving her identity by taking a photo of herself on her phone are impossible as she does not have the vision to line up her face with the camera.
Trying to zoom in, clicking on the wrong link, or using websites with a time limit enhance her frustration and constantly remind her of interactions that used to be second nature, but now feel like an ongoing battle with technology. “I can start to get very stressed” says Anna. “The pressure can make me feel inadequate, which makes me shake. For me, it can spiral very quickly.”
Anna’s experience is taken from Thinks Insights and Strategy, looking at the cyber security ‘lived experiences’ of people with disabilities. Commissioned by the NCSC, it’s part of a growing body of work identifying how cyber security actions can be challenging if you have an accessibility requirement.
Accessibility is about ensuring that nobody is excluded from using something due to a disability or impairment. It is about helping everybody, irrespective of any physical or neurological difference. An estimated 22% of working age adults are disabled, with 4.9 million disabled people in the workforce.
There are many reasons to address accessibility, whether meeting legal requirements, delivering better operational outcomes, or attracting and retaining a more diverse set of talent. Addressing accessibility also provides cyber security benefits by making systems more usable and making human errors or workarounds less likely. Conversely, if we fail to consider accessibility, these risks increase.
If Anna was working in your organisation, would she find your systems accessible? Where might your processes be challenging, and what could the security consequences be if doing things securely wasn’t accessible?
Original Source: ncsc[.]gov[.]uk
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
