What Color Is Cybersecurity?
By Sean Lawson
Cybersecurity is not something we typically think of as having a color. But, as it turns out, cybersecurity’s dominant color is blue, cyan blue or the code #235594 to be exact.This finding comes from an early analysis of a new dataset of cybersecurity-related images used on the web. The Daylight Security Research Lab, part of the Center for Long-Term Cybersecurity at U.C. Berkeley, compiled the Cybersecurity Imagery Dataset.
It is comprised of thousands of images collected using Google Image Search for terms related to cybersecurity. The researchers used a set of 10,000 images to algorithmically determine that the dominant colors used in cybersecurity imagery on the web include shades of blue and gray with red used periodically to indicate danger. Initial analysis indicates that the images are not only “highly homogenous” in their use of color, but also in the objects depicted in them. Of course, we have likely all see the classic “hacker in a hoodie” image. The Berkeley researchers report that “padlocks and abstract network diagrams” are also common in the dataset.
The Daylight Lab’s project was inspired by a recent call by IDEO and the Hewlett Foundation for designers to reimagine the use of visual communication in the cybersecurity world. The premise of its Cybersecurity Visuals Challenge is that the visual communication of cybersecurity is too often dominated by “sensationalist media” relying on “pictures of locks, white men in hoodies, or headlines about Russian data breaches and coders breaking into bank accounts.” The problem of cybersecurity, however, is more complicated and in need of a broader repertoire of visual imagery and metaphors.
While the IDEO and Hewlett Foundation project focused on encouraging the creation of new kinds of cybersecurity imagery, the Daylight Lab sought to undertake a large-scale, systematic analysis of “the current state of cybersecurity’s visual language.” We have all seen the pictures of men in hoodies, padlocks, and networks, but are these really the dominant themes of cybersecurity imagery? The Daylight Lab’s dataset allows us to know for sure, as well as to analyze the images for other themes and patterns of interest. It creates a baseline of knowledge about the current state of cybersecurity imagery that can be used to help us do better. To solve a problem, you first have to understand it.
The use of such imagery is important because communication, especially on the web, is not just textual but has an increasingly important visual component. Even if a picture is not worth a thousand words, we do know that visual communication is important. As the Daylight Lab researchers note, the most commonly used cybersecurity visuals communicate a sense of danger and insecurity. As a result, they encourage those who create and use such imagery to consider whether the messages they send evoke fear and whether they are effective in empowering readers to take action to improve their own privacy and security.
These are important considerations because, as the researchers note, “The way media represent technical concepts visually influences how consumers of that media come to understand those concepts.” My own research has demonstrated the prevalence of over-the-top appeals to fear and the use of cyber-doom rhetoric in the U.S. cybersecurity debate. Such rhetoric can actually backfire, causing people to ignore the warnings or engage in counterproductive responses. It is disappointing, but not surprising, that the visual rhetoric of cybersecurity seems to be reinforcing those themes.
The Cybersecurity Imagery Dataset is just one of several projects from the Daylight Lab exploring “representations of security.” The guiding rationale of these projects is the fact that, “The way we represent technical concepts visually shapes how people understand them, which in turn affects how and why decisions are made.” Another of the Lab’s projects related to visual communication is the Cybersecurity Arts Contest, which offers grants for artistic projects that can help to “expand and refine” the kinds of images used in cybersecurity discourse.
Not all of the projects are visual, however. Another project is tracking the use of the word “hack” in news media discourse with the goal of uncovering dominant understandings of the term. Ultimately, the researchers hope to “amplify the original, positive use of the word ‘hack’, and replace its negative usage with more specific alternatives: theft, vandalism, espionage, stalking, harassment.” The Cybersecurity Imagery Dataset provides some interesting and unique insights into the current state of cybersecurity discourse on the web. Continued exploration of the data by researchers at the Daylight Lab and elsewhere will no doubt turn up other interesting results. Most importantly, however, this project and the larger efforts of which it is a part will help cybersecurity researchers and practitioners to create more accurate and effective strategies for communicating about cybersecurity to policymakers and the public.