'Ought' should not assume 'can' ... basic capabilities in cybersecurity to ground sen's capability approach

Partha Das Chowdhury, Karen V. Renaud

Research output: Contribution to conferencePaperpeer-review


We inhabit a ‘digital first’ society, which is only viable if everyone, regardless of ability and capacity, is able to benefit from online offerings in a safe and secure way. However, disabled individuals, people living under oppressive regimes, elderly citizens and indi- viduals fleeing conflict can be excluded, because they might not have the opportunity to implement cybersecurity hygiene measures. To reduce this potential exclusion, it is crucial to make all users’ situated realities focal variables in policy debates and provisioning efforts. This requires a validated set of basic minimum capabilities which reflect individuals’ diverse personal and social realities. In this paper, we report on a scoping literature review intended to reveal the state of play with respect to capabilities-related research in the cyber domain. We motivate our initial focus on the over 65s for this investigation. We used advice from online government cybersecurity advisories to arrive at a set of five recommended cybersecurity hy- giene tasks. These fed into a survey with sixty senior citizens to elicit the barriers they could envisage someone of their age encountering, in acting upon cybersecurity hygiene advice. The final deliverable is a candidate list of basic capabilities (cybersecurity) for seniors. This enables us to start measuring security and privacy poverty, an essential step in recognising and m
Original languageEnglish
Number of pages16
Publication statusPublished - 21 Sept 2023
EventNew Security Paradigms Workshop - Segovia, Spain
Duration: 18 Sept 202321 Sept 2023


ConferenceNew Security Paradigms Workshop
Abbreviated titleNSPW 2023
Internet address


  • capability approach
  • cybersecurity hygiene
  • list of basic capabilities


Dive into the research topics of ''Ought' should not assume 'can' ... basic capabilities in cybersecurity to ground sen's capability approach'. Together they form a unique fingerprint.

Cite this