The Right Message on Digital Security

Over the last few weeks in Nigeria, I had the opportunity to conduct capacity-building training sessions almost every day. While many of these sessions were enthusiastically received, discussions on digital security fell on deaf ears.

For one of these training sessions, I’m invited to train on “ICT,” and offered no further parameters. To be frank, I feel a bit like I’m Noah being asked to choose animals for his ark: decidedly “ICT” is too broad a category for training. So, I decide to prepare a few different topic areas and let the audience determine where we should focus our time.

The day arrives, I enter the room, and rows of eyes look out at me. I do my typical intro: why I’m here, what I’ve done, what my areas of expertise are, and I ask:

“What do YOU want to learn about today”

Uncomfortable silence greets me. I’ve made a mistake. Paralysis of choice is on setting for my audience. I decide to narrow it down.

“Well, I can talk about something called open-source software, and make some suggestions on free tools that might be helpful for your work, I could talk about strategies for messaging in social media, or I could give a lesson on how to keep yourself and your information safe while using technology.”

In a room of 12, 9 hands raise for free tools, 3 (several repeaters) rise for social media, and 1 lonely hands raises up for digital security.

When I talk with partner programs about messaging strategy, I try to get them to differentiate between the message their audience wants to hear and the message their audience needs to hear. I personally know about this struggle. It’s the struggle I feel when I talk about digital security to people who don’t work or live in tech. This is clearly not a group of ardent stakeholders.

Before I go forward with training, I decide to ask a few questions about security habits. 

“How many people here use the same password for their personal email and social media accounts? ” 90% of the hands rise.

“How many people here use a firewall?” No hands rise.

“How many people here know what identity theft is?” 1 hand rises.

I sigh. Ok, there is a message that wants to be heard and a message that needs to be heard. I go for the PowerPoint on free tools and I focus more than half the session on “free” security tools: Password generators and savers, encryption tools, tracking tools for hardware, antivirus and antispyware, and system maintenance software. I loop in lessons on malware, and I keep the hook on “this safety could all be yours, for free!”

If I had the chance to develop a messaging strategy from inception here, I would have focused on why we need digital security and how it impacts the integrity of the work this group was doing. I would follow up with the cost and time-saving basic security protocols provide when faced with the possibility of a threat. However, I wonder if this message is being missed in a broader context. In a world where ICTs are being rapidly deployed in low infrastructure, low-tech contexts, the techies are thinking about digital security, but is this message being received by stakeholders who are new to the technology curve?

Blog reposted from