Our operating model
Cyberattacks directly affect people. From hospitals to humanitarian NGOs, threat actors target the organizations playing an essential role in supporting those most in need. We are an NGO, supporting NGOs and other critical sectors, offering free cybersecurity assistance, threat detection and analysis whilst advocating for safety and security in cyberspace. Our commitment to assist and protect vulnerable communities determines the focus of the activities of the Institute.
We bring together a cohort of partners, experts and volunteers to help humanitarian and development NGOs prepare for, defend against and recover from cyberattacks.
We work collaboratively with cybersecurity and technology partners to develop an understanding of the cybersecurity threat landscape of vulnerable communities. We provide advanced warning of threats so as to reduce their impact and harm.
We actively participate in coalitions and international debate to influence respect for and/or development of laws, rights and norms in cyberspace, for responsible behaviour and accountability.
We monitor and analyse the impact of emerging and disruptive technologies, such as artificial intelligence and quantum computing, on the security of vulnerable communities in cyberspace.
What we care about
We develop programs to support communities vulnerable to threats in cyberspace. By monitoring, assessing and communicating on the cyber threats to these communities, we can work together with partners to better protect them.
Protecting Humanitarian and Development NGOs
More than 1 billion people across the world receive vital support and services from non- governmental organizations (NGOs). NGOs leverage technologies to carry out their activities and are entrusted to hold vast troves of sensitive data on vulnerable people. This has increased their digital risk.
We help over 170 NGOs build their cyber resilience and fend off cyberattacks. We continuously develop products and services to better understand the risks they face and assist them on their cyber-readiness journey for free.
Defending Civilians & Critical Infrastructure
Cyberattacks and operations during an armed conflict pose real threats to civilians, critical infrastructure and the functioning of society whilst disrupting the safe, secure and trusted use of technology.
We’ve tracked over 1100 cyber incidents in the context of the conflict between Ukraine and the Russian Federation and provide insights on the latest threats and trends. We analyze the cyber threat landscape from the perspectives of harms to people, and respect for international law. We seek to advance responsible behavior in cyberspace, the protection of people, and to ensure an open, free, stable and secure cyberspace.
Preserving Rights & Freedoms
We’ve identified over 30 private sector companies exploiting emerging vulnerabilities to develop commercial-grade spyware. These targeted surveillance tools have been misused by governments around the world to conduct surveillance activities on non-criminal targets including High Profile Persons of Interest, such as journalists, human rights defenders, dissidents and opposition politicians.
Our research explores in-how-far the global sale and transfer of spyware products may result in a systemic threat in cyberspace and harm to people. We seek to protect and empower those whose security and liberty has been violated by unveiling loopholes in existing legal, policy and regulatory instruments.
Securing the Healthcare Sector
Attacks on healthcare are attacks on people. Not only do attacks target highly sensitive health data, they hamper delivery and access to essential services to people in need, with potentially devastating consequences.
We document threats to the healthcare sector from disruptive cyberattacks, notably ransomware, recording over 500 incidents since June 2020. By doing so we are able to identify critical vulnerabilities at a technical, operational and policy level to better protect the sector and the people it serves from harm.