Kaduu is proud to support the CyberPeace Institute for the launch of the Humanitarian Cybersecurity Center (HCC).

Introduction

Geneva, Switzerland, 27 February 2023 – In the last 3 years, cybercriminals and Nation State
actors have accessed systems and personal records, stolen millions of dollars of donations, carried
out surveillance operations, or led disinformation campaigns against non-governmental
organizations (NGOs).

What is the problem?

Humanitarian and development NGOs are targeted by cyberattacks and information operations.
They do not have the capacity to both be on the frontline of aid delivery and respond to cyber
threats. Cyberattacks imperil lives and erode the trust in organizations that is essential for their work.
This is why the CyberPeace Institute launched the Humanitarian Cybersecurity Center (HCC) –
developed and hosted in Switzerland, and operating globally. This is a partnership platform,
scaling-up cybersecurity solutions for humanitarian NGOs.

More than 1 billion people across the world receive vital support and services from NGOs. These
organizations leverage technologies to carry out their activities and are entrusted to hold vast troves
of sensitive data on people. This has increased the cyberattack surface of these organizations.
There is an urgent need to help NGOs to protect themselves.
The Humanitarian Cybersecurity Center provides them with free tools, workforce and knowledge to
face the threat.

The Center provides expert support and practical assistance to NGOs in the humanitarian and
development sectors, tailored to their needs, and available anywhere in the world. The Center builds
upon the CyberPeace Institutes key capabilities and develops programs of activities and associated
projects to support communities vulnerable to threats in cyberspace.
Providing assistance and advice adapted to the specific needs of each NGO and working to
foster collaboration and strengthen resilience, the Center carries out activities in 4 key focus
areas:

What is the Humanitarian Cybersecurity Center providing?

1. DETECT & INFORM: Equipping NGOs with guidance and cyber threat intelligence so that
   they can detect upcoming cyberattacks.
2. PREVENT: Providing hands-on assistance to NGOs to build cyber preparedness and
   resilience through risk assessments, simulation exercises and training.
3. ASSIST: Hands-on technical and forensic investigative support and assistance with incident
   and crisis management.
4. STRENGTHEN: Developing standards, fostering multi-stakeholder collaboration and
   advocating for protection of the humanitarian sector at international fora.
   One of the pillars of the Center is the CyberPeace Builders program. This is a unique network of
   expert corporate volunteers which has delivered, since its launch in 2021, end-to-end cybersecurity
   services to more than 100 NGOs, with the objective to provide a diverse, distributed capacity
   building offering. The aim is to serve 300 humanitarian NGOs in 2023 and 1,000 NGOs by 2025.
   Some of these activities have already been running for over a year and are being scaled
   through the Center, others are being tailored to the needs of NGOs.
   “NGOs are regularly targeted by cyberattacks and information operations. Whether responding in a
   conflict zone or to a natural disaster, or carrying out development programs, NGOs do not have the
   capacity to both be on the frontline and respond to cyberthreats” stated Stéphane Duguin, Chief
   Executive Officer, CyberPeace Institute. “The CyberPeace Institute’s ‘Humanitarian Cybersecurity
   Center’ provides them with the tools, workforce and knowledge to face the threat. The Center is a
   free, global resource for NGOs and Humanitarian actors responding to their needs, to be secure.”
   The Center strives to protect NGOs from cyber threats and provides tangible and free cyber
   assistance and support. The focus of the Humanitarian Cybersecurity Center is to enable
   organizations to build and/or strengthen their capabilities and preparedness for, and resilience
   against, cyberattacks through the provision of tools, resources, knowledge, and hands-on help.
   The Center offers a range of services, from awareness on the threat landscape, to establishing
   baseline security measures, vulnerability scans, simulation exercises, and to prepare for, and to
   assist during and after a cyberattack. The CyberPeace Institute requires donations to scale the
   assistance provided to protect humanitarian organizations during an active cybersecurity crisis.
   Cyberattacks have taken place against large international organizations such as the United Nations
   (UN) and International Committee of the Red Cross (ICRC), and NGOs including Save the Children,
   Mercy Corps and Roots of Peace.
   “The CyberPeace Institute contacted us 18 months ago to introduce its services to our humanitarian
   organization, and we started our collaboration with a study/analysis of our cybersecurity situation.
   They found a specialist to help with this, and then we received a detailed report of our situation
   which allowed us to plan and implement the necessary corrections and improvements to the
   computer security of our organization. This was at no cost to Terre des hommes” stated Eric
   Monnier, Head of Information Services, Terre des Hommes. “We are now launching a new activity
   with the Institute to help us in the optimization of our cybersecurity environment, related to Cloud
   services. It has become essential to have an external view and skills to improve our cybersecurity,
   and the CyberPeace Institute support allows us to do so. This is particularly important for NGOs like
   Terre des hommes, who are not spared from the attempts of hackers to penetrate our systems.To
   be able to do this without having to use our budgets destined to help children is a relief” he
   concluded.
   While NGOs play a critical role in protecting people, they face many constraints to protect
   themselves. Currently, only 1 in 10 NGOs train staff regularly on cybersecurity and only 1 in 5 have
   a cybersecurity plan. Since it was founded in 2019, the CyberPeace Institute, has worked hard to
   protect NGOs in order to enable them to protect the most vulnerable.
   “Cybercrime is costing the global economy trillions of dollars and sadly, the humanitarian community
   is not exempt. Yet the cost in this sector goes well beyond the financial, harming our most vulnerable
   communities and society as a whole. Humanitarian organizations struggle to reduce cyber risk as it
   means diverting precious resources away from core mission activities. CyberPeace Institute’s
   ‘Humanitarian Cybersecurity Centre’ will help address this issue by coordinating voluntary
   cybersecurity assistance, information sharing and education efforts. This collaborative approach will
   help amplify the reach and positive impact of this effort for society” stated Jen Ellis, Cybersecurity
   Advocate and member of CyberPeace Institute’s Humanitarian Cybersecurity Center’s Advisory
   Committee.