Guidance

Terms of Reference: piloting gender-transformative interventions in cybersecurity programming

Published 12 July 2022

Objective

The Conflict Stability and Security Fund (CSSF) is a unique cross-government fund that tackles conflict, stability and security challenges overseas, which pose the greatest threat to UK national security. Since its inception in 2015, CSSF programmes have addressed threats arising through conflict, serious and organised crime, terrorism and violent extremism in more than 85 countries and territories. It has been a catalyst for a more integrated UK government response to fragility and conflict, including delivering our commitments under UK National Action Plan on Women, Peace & Security (WPS) 2018-2022, the National Cyber Strategy and the Integrated Review.

The UK’s National Cyber Strategy sets out the UK’s priorities in cybersecurity, including to:

• improve the understanding of cyber risk to drive more effective action on cyber security and resilience

• shape global governance to promote a free, open, peaceful and secure cyberspace

• strengthen the structures, partnerships and networks necessary to support a whole-of-society approach to cyber

• strengthen the cyber security and resilience of international partners and increase collective action to disrupt and deter adversaries

As the domain of cyberspace and corresponding possibilities for economic, social and military activity are expanding rapidly, existing rules and norms need to keep pace.

In order to be a responsible cyber power, as these rules and norms develop and evolve, it is essential that we adopt a gender-transformative approach to address existing and emerging issues.

Considering gender in international cybersecurity is critical as it shapes and influences our online behaviour; determines access, power and vulnerability and as result, impacts of cyber attacks and threats are different based on gender identity or expression^{[footnote 1]}. There is also a clear gender gap in the cybersecurity field, with women under-represented in the global information security workforce, driven by numerous social, institutional and personal barriers^{[footnote 2][footnote 3]}. There is some, but limited, understanding of the extent to which cyber threats affect or hinder our ability to achieve our WPS objectives, and vice versa.

The Gender, Peace and Security (GPS) Portfolio funds innovative projects to address emerging trends and gaps within the WPS agenda.

The team are seeking bids that pilot gender-transformative interventions to cybersecurity programming to create a free, open, peaceful and secure cyberspace. Any project should have a dual objective:

• improve gender equality/secure the rights of women, girls and marginalised groups
• make cybersecurity interventions more effective by adopting a gendered approach

It will seek to address or explore the prevailing power relations, gendered patterns and how marginalised communities are impacted differentially by discriminatory practices that may perpetuate cyber threats.

All projects should aim to work towards a cyberspace that reflects our values and influence the global environment to ensure a safe and beneficial digital future for all.

Project content requirements

Funding innovative research that addresses knowledge gaps and piloting gender-transformative approaches allows the CSSF to build the evidence base for gender transformative cybersecurity programming. The implementer may pilot interventions under the following suggested sub-themes at the intersection of gender and cybersecurity:

Research

• identify and understand how gender influences people’s perceptions and experiences of cyber security including how cyber security technologies and systems can be used to prevent or enable harm to citizens
• identify, develop, or pilot techniques or interventions that lead to more inclusive cyber security within systems
• capturing the security requirements of citizens, in particular how cyber security priorities and needs differ based on gender and how well these needs are met by existing cyber security practices
• understanding how gender biases could influence cyber security decision-making (in design or deployment) and the consequences of these biases
• understanding how cyber security tools, technologies, or systems can be weaponised against people based on gender
• develop approaches to evaluate the efficacy/impact of techniques or interventions in cyber security design or deployment that drive more equitable and inclusive cyber security within systems
• designing security that can adapt and remain resilient as threats evolve to meet the security needs of people in the future

Capacity building and systems strengthening

• knowledge-sharing/capacity building on the gender dimensions of international cybersecurity
• integrating prevention of gendered disinformation into cybersecurity policy, legislation and strategies, advocating with governments, multilaterals and/or business to strengthen definitions, detection and response
• support for networks that consider the intersection of gender and other minorities in cybersecurity
• capacity building for stakeholders involved in cyber incident response (governmental, private sector, and civil society) to recognise gendered implications and respond appropriately
• assistance for states to conduct a gender audit of national or regional cyber security policies to identify areas for improvement, and/or implementation of existing gender audit recommendations
• detection and prevention of cyber-attacks and cybercrimes^{[footnote 4]} targeting women peacebuilders, women’s rights activists, women’s rights and women-led organisations, and other critical WPS actors

Women’s influence and participation

• increase and improve women’s participation within international cybersecurity, policymaking roles and institutions and participation in cybersecurity dialogue and processes

If the implementer considers additional sub-themes to be relevant, we would welcome new and innovative ideas where they align with policy objectives.

Activities should take an inclusive, multi-stakeholder approach, working with local partners where possible to either address gaps in programming and research or demonstrate how the pilot builds on existing research.

Bidding guidance

• projects will be funded initially between October 2022 to March 2023
• multiyear funding to March 2025 will be considered in exceptional cases, each project will be subject to annual break clauses in March each year
• maximum budget limit: £400,000 (4 hundred thousand pounds sterling) per financial year
• successful implementers must receive project funding in GBP
• proposals should not be crafted to reach the budget ceiling, but to specifically meet the objectives in pursuit of demonstrable impact and value for money
• the funding will be available as a mixture of Official Development Assistance and non-Official Development Assistance
• bids where possible should not exceed 30 pages
• bids must be in English

Standard templates and guidance for partners can be found at FCDO International Programme guidance and templates

Process

The deadline to submit project proposals is 11.59pm (GMT) on 21 August 2022. Late proposals will not be considered.

• include “Piloting gender-transformative interventions in cybersecurity programming” and organisation name in the subject line
• proposals must be submitted using the attached forms only (see below)
• bidders must submit documents in standard Microsoft Office formats
• proposals must be submitted to CSSFGender.PeaceSecurity@fcdo.gov.uk
• the selected bidder/s will undergo a Due Diligence Assessment
• the team seeks to finalise grant agreements with successful project implementers by 30 September 2022

Assessment

This is a competitive process and the following criteria will be used to assess each proposal:

• alignment with the above mentioned thematic priorities and policy
• project design that demonstrates the ability to deliver outputs
• evidence of sustainability and continuation of benefits after the funding ends
• alignment with the Paris Agreement, demonstrating that climate and environmental risk have been considered and no harm will be done
• suitable monitoring, evaluation and learning processes
• risk identification and management
• stakeholder and beneficiary identification
• budget that outlines a sufficient details and overall value for money and aligns with the guidance activity-based budget template

Essential skills and competencies of the implementer

The implementer will have:

• experience and familiarity of gender and cyber programming and strong working knowledge on the WPS agenda
• strong operational experience of working in the country or region in which the project is based
• the ability to source appropriate expertise to support any capacity building and advocacy components, both in-country and if necessary, from outside
• project and budget management skills
• appropriate cyber security controls to protect participants, the organisation and U.K. funding
• robust approaches to risk management, conflict sensitivity, and safeguarding policies and implementation plans in place that ensure the protection of beneficiaries and to safeguard against sexual exploitation, abuse and sexual harassment (SEAH). The project must be in line with UK equalities legislation, including International Development (Gender Equality Act) and Public Sector Equality Duty

Contacts

CSSF Programme Team – CSSFGender.PeaceSecurity@fcdo.gov.uk

Additional information and documentation

If the purchase of assets is essential for achieving the project outputs and impact, please complete a separate Equipment Purchase Supporting Letter and submit it with the project proposal and budget.

Digital development costs in excess of £10,000 for “any external-facing service provided through the internet to citizens, businesses, and civil society or non-government organisations” has to be depicted separately in the Digital Spend Proposal form and be approved by FCDO.

The FCDO is moving away from using a flat NPAC rate, please see guidance on Non-Project Attributable Costs (NPAC), PDF 688 KB. However, for the majority of projects, Admin Costs are unlikely to exceed 10% of the total project budget, but 10% is not a target or a cap. There will be circumstances where admin costs over 10% may still represent value for money and we will review these costs during the review process.

All successful implementers will sign a standard FCDO grant agreement. The terms of the contract or agreement are not negotiable.

Projects should aim to achieve 85% spend by 31 December 2022 and activities should be avoided in the final month of the project; however, we recognise this may not be possible with a short implementation period. Activity Based Budgets should reflect this where possible.

• Project proposal form for projects above £10,000: template

• Activity based budget: template

• NPAC template and guidance

• Value For Money guidance

• Equipment Purchase Supporting Letter

• Digital Spend Proposal form

1. https://www.apc.org/sites/default/files/Gender_Matters_Report_Web_A4.pdf ↩

2. https://thegfce.org/initiatives/gender-and-cybersecurity-creating-a-more-inclusive-digital-world/ ↩

3. https://www.devopsonline.co.uk/women-in-cybersecurity-bridging-the-gender-gap/ ↩

4. Cybercrimes are distinct and different from wider online safety issues such as bullying and harassment, hate speech, the spreading of disinformation, promotion of gang culture and violence, or underage access to pornography ↩