Over the past decade, civil society organisations have increasingly relied on the use of digital technologies to provide essential services to communities. Despite the many advantages of technology, there are also many challenges that international civil society organisations (ICSOs) and local civil society organisations (CSOs) have struggled to proactively tackle. In recent years, (I)CSOs have faced an increase in digital threats and cyberattacks carried out by malicious actors interested in financial gains and access to sensitive data or identifiable personal information. The number of ransomware attacks, distributed denial-of-service (DDoS) attacks and data leaks targeting ICSOs and CSOs is growing. These actors are an easy target for cybercriminals because they often do not have sufficient cybersecurity plans in place due to budget restrictions or a lack of expertise or time. Therefore, there is a pressing need for (I)CSOs to prioritise cybersecurity to protect the communities they serve and their own work.
Within the SANE framework, the International Civil Society Centre and the CyberPeace Institute convened a series of SANE curated conversations to exchange know-how and strengthen the cybersecurity capacity of (I)CSOs. Based on key insights from these conversations, the CyberPeace Institute has developed a cybersecurity guidance to share lessons learned and best practices to help civil society actors better respond to cybersecurity challenges and digital threats. The guidance provides steps to better protect organisations online and highlights further relevant resources and initiatives. It addresses (I)CSO professionals across different departments as cybersecurity needs to be everyone’s responsibility.
The guidance focuses on three interrelated topics:
- Data protection and security – to equip (I)CSOs with knowledge and tools to protect the sensitive data of marginalised communities and vulnerable populations while providing essential services
- Prevention and mitigation of cyberattacks – to raise awareness of digital threats that can affect (I)CSOs and how they can prepare for and respond to cyberattacks
- Sustainable cybersecurity support for local civil society – to ensure that ICSOs also prioritise the cybersecurity of local civil society partners with whom they work