BLOG
To mark Cybersecurity Awareness Month, observed each October, this month’s guest blog features a Q&A with CODI Member Kamal Sedra, Managing Director at eduCYBER Sàrl. An expert working at the intersection of cybersecurity and digital transformation, he highlights the critical importance of providing technical Internet and cybersecurity training in local languages to ensure every person, everywhere, can protect themselves against attacks online.
Tell me about your background and your role at eduCYBER Sàrl.
My work in cybersecurity and digital transformation started well before the Arab Spring, during the years of social and political change that eventually led to those historic movements across the Arab world. In those days, I was supporting civil society, NGOs, and local communities who were trying to use technology to connect, organize, and make their voices heard. Nevertheless, I kept noticing a gap: most of the technical knowledge and tools were in English and very complex. People on the ground needed that knowledge translated not just linguistically, but also in a way that made it practical and useful in their daily lives.
That’s how I came to see myself, and still do today, as a kind of translator. My role has always been to simplify technical knowledge, break it down into real-life skills, and empower non-technical people to use it in ways that improve their security, their work, and ultimately the quality of life of the communities they serve. This philosophy led me to found eduCYBER Sàrl, where I now design and lead training, advise NGOs and businesses on secure practices, and create multilingual resources. My work is about making cybersecurity accessible, practical, and empowering so that no one is left behind because of a language barrier.
What is the link between language diversity and cybersecurity? How could increased language representation on the internet change the cybersecurity landscape?
Language is central to how people understand and respond to online risks. When cybersecurity tools or materials exist only in major languages like English, whole communities are left vulnerable. I’ve seen this in Arabic-speaking regions, but also in Nepal, Eastern Europe, and South Asia, where people struggle to access guidance in their own language.
Greater language representation online strengthens cybersecurity for everyone. It helps users detect threats, adopt safer habits, and respond more quickly, while reducing the advantage attackers gain from exploiting linguistic gaps. Multilingual cybersecurity isn’t just about inclusion; it’s a key part of building global resilience.
What gaps in multilingualism on the Internet have you identified in your work? How do they create cybersecurity challenges for different groups?
One of the biggest gaps I’ve seen is that cybersecurity awareness resources in many languages are often outdated or written in a way that’s too complex for the people who actually need them. In Arabic, for example, a lot of guides exist, but many were produced for projects that are not updated regularly. On top of that, some were direct translations from English, written in a formal or technical style that ordinary users struggle to understand. As a result, activists, journalists, and NGOs continue to rely on materials that don’t reflect current threats, or they give up on using them at all because they feel inaccessible.
I’ve seen a similar challenge in places like Nepal, where most cybersecurity resources are not available in Nepali. Many NGO staff can follow the basics in English, but when the advice gets too technical, they can’t apply it correctly in practice. This leaves whole communities exposed, not because they don’t care about security, but because the information isn’t available in the language and style that works for them. That’s why I believe multilingual, easy-to-understand resources are just as important as the technology itself when we talk about cybersecurity.
What are some real-world examples where attackers have exploited a lack of language diversity or understanding, or script-based vulnerabilities?
A well-known example of how language and script can become security risks comes from a series of phishing attacks that targeted Egyptian human rights organizations and journalists. I personally received one of these emails after I had managed a human rights organization in Egypt. The messages mimicked trusted platforms like Dropbox or Google Drive and appeared legitimate at first glance, but they were written in a confusing mix of Arabic and English, with broken text alignment caused by the clash between right-to-left and left-to-right writing systems. Because many digital platforms still don’t properly support Arabic text, users have grown accustomed to distorted or poorly formatted messages. This made the attackers’ fake emails appear normal, allowing them to exploit a vulnerability not in the software, but in the language experience itself.
This problem isn’t unique to Arabic. Across different regions and languages from South Asia to Eastern Europe, attackers have taken advantage of similar gaps in localization, translation, and script support. When users are forced to navigate digital spaces that don’t fully respect their language, confusion becomes a security weakness. Bridging these linguistic gaps is not just a matter of inclusion, but an essential step toward global cybersecurity.
How can cybersecurity tools and AI models evolve to better detect threats across multiple languages and cultural contexts?
The rise of AI offers both challenges and opportunities for cybersecurity in multilingual contexts. From spam filters to threat intelligence systems, most of today’s AI-driven tools are trained primarily on English-language datasets. This leaves major gaps when threats appear in other languages or scripts. For example, a phishing message written in Arabic, Nepali, or Amharic may use patterns that existing models were never trained to recognize, allowing malicious content to slip through.
To bridge this gap, cybersecurity tools need to evolve in three main ways. First, AI systems must be trained on diverse linguistic datasets that reflect real communication styles, dialects, and even the visual complexity of scripts like Arabic or Devanagari. Second, cultural understanding should be embedded into AI design because how people interpret messages, trust sources, or respond to warnings can vary dramatically across regions. Finally, partnerships between local experts, language communities, and cybersecurity developers are essential to make these tools relevant and effective in every linguistic context.
At eduCYBER, we see this as an opportunity for collaboration, not just innovation. AI should help create an internet that protects everyone equally, regardless of the language they use to connect, communicate, or defend themselves online.
What role should organizations like eduCYBER and the Coalition on Digital Impact play in building a safer multilingual digital environment?
Organizations like eduCYBER and the Coalition on Digital Impact (CODI) have a crucial role to play in bridging the gap between technology, policy, and people. We are uniquely positioned to connect global cybersecurity efforts with the lived experiences of users who operate in different languages and cultural contexts.
At eduCYBER, our mission has always been to make cybersecurity accessible, translating complex technical knowledge into practical awareness that empowers NGOs, journalists, and local communities. Through training, partnerships, and tailored awareness programs, we help individuals understand threats in their own language and context. CODI’s global platform complements this by amplifying such experiences, connecting diverse actors, and shaping the global conversation around digital access and safety.
Together, we can promote policies, research, and educational initiatives that make language inclusion a core element of cybersecurity design, not an afterthought. By doing so, we build more equitable digital spaces where every user can understand, act, and stay secure in the language they trust most.
What practical steps can everyday users and businesses take to protect themselves in a more linguistically diverse internet?
The first step is awareness and understanding that cybersecurity is not just technical, but also linguistic and cultural. Everyday users should be cautious when receiving messages that look unusual in tone, language, or layout, especially if they mix multiple languages or use awkward phrasing. These are often signs of phishing or social engineering attempts.
For organizations, the key is to integrate language accessibility into their cybersecurity strategies. This means providing awareness materials and policies in the languages their teams actually use, ensuring that training sessions and digital tools reflect local realities. Businesses working in multilingual environments should also test how their communication platforms handle different scripts. Poor translation or broken formatting can lead to costly confusion or even security breaches.
At eduCYBER, we always encourage both users and institutions to think of language as part of their digital hygiene. Updating systems and software is essential, but so is updating the way we communicate about security. Clear, culturally aware communication helps close one of the most overlooked gaps in global cybersecurity: the language gap.
.png)
.png){kind=logo}
.png)
.png)
.png)
.png)
.png)
.png){kind=logo}
