Research reveals language barriers limit effectiveness of cybersecurity resources

The idea for Fawn Ngo's latest research came from a television interview. Ngo, a University of South Florida criminologist, had spoken with a Vietnamese language network in California about her interest in better understanding how people become victims of cybercrime. Afterward, she began receiving phone calls from viewers recounting their own experiences of victimization.

"Some of the stories were unfortunate and heartbreaking," said Ngo, an associate professor in the USF College of Behavioral and Community Sciences. "They made me wonder about the availability and accessibility of cybersecurity information and resources for non-English speakers. Upon investigating further, I discovered that such information and resources were either limited or nonexistent."

The result is what's believed to be the first study to explore the links among demographic characteristics, cyber hygiene practices and cyber victimization using a sample of limited English proficiency internet users.

Ngo is the lead author of an article titled "Cyber Hygiene and Cyber Victimization Among Limited English Proficiency (LEP) Internet Users: A Mixed-Method Study," published in the journal Victims & Offenders. The article's co-authors are Katherine Holman, a USF graduate student and former Georgia state prosecutor, and Anurag Agarwal, professor of information systems, analytics and supply chain at Florida Gulf Coast University.

Their research, which focused on Spanish and Vietnamese speakers, led to two closely connected main takeaways:

• LEP Internet users share the same concern about cyber threats and the same desire for online safety as any other individual. However, they are constrained by a lack of culturally and linguistically appropriate resources, which also hampers accurate collection of cyber victimization data among vulnerable populations.
• Online guidance that provides the most effective educational tools and reporting forms is only available in English. The most notable example is the website for the Internet Crime Complaint Center, which serves as the FBI's primary apparatus for combating cybercrime.

As a result, the study showed that many well-intentioned LEP users still engage in risky online behaviors like using unsecured networks and sharing passwords. For example, only 29% of the study's focus group participants avoided using public Wi-Fi over the previous 12 months, and only 17% said they had antivirus software installed on their digital devices.

Previous research cited in Ngo's paper has shown that underserved populations exhibit poorer cybersecurity knowledge and outcomes, most commonly in the form of computer viruses and hacked accounts, including social media accounts. Often, it's because they lack awareness and understanding and isn't a result of disinterest, Ngo said.

"According to cybersecurity experts, humans are the weakest link in the chain of cybersecurity," Ngo said. "If we want to secure our digital borders, we must ensure that every member in society, regardless of their language skills, is well-informed about the risks inherent in the cyber world."

The study's findings point to a need for providing cyber hygiene information and resources in multiple formats, including visual aids and audio guides, to accommodate diverse literacy levels within LEP communities, Ngo said. She added that further research is needed to address the current security gap and ensure equitable access to cybersecurity resources for all Internet users.

In the meantime, Ngo is preparing to launch a website with cybersecurity information and resources in different languages and a link to report victimization.

"It's my hope that cybersecurity information and resources will become as readily accessible in other languages as other vital information, such as information related to health and safety," Ngo said. "I also want LEP victims to be included in national data and statistics on cybercrime and their experiences accurately represented and addressed in cybersecurity initiatives."