Securing Humanitarian Operations: Preparedness and Response to Cyber Crises in Aid Delivery
How have humanitarian organisations dealt and coped with cyber incidents preparation and response strategies to their specific priorities, needs, and contexts? And how could cyber incidents preparation and response strategies developed for other types of organizations be adapted to HOs?
The increasing reliance of organisations worldwide on digital technologies and data has amplified their vulnerability to cyber incidents. Cybersecurity governance and crisis management scholars are developing strategies to prepare and respond to these incidents. However, research has concentrated mostly on strategies for private companies, while overlooking other organisations with distinct priorities, needs, and contexts, such as Humanitarian organizations (HO). The mission of these organizations is to assist and protect victims of armed conflicts, violence, and natural disasters. Organisational science explains that HOs –as a type of NGO– differ from profit organisations in their mission, organisational structure and culture, the environment they operate, relationship with stakeholders, and human and financial resources.
The consequences of a cyber crisis for HOs can be catastrophic, severely limiting their ability to provide aid, damaging their reputation, and resulting in loss of support from donors. This project addresses the scientific and societal challenge of developing cyber crisis preparation and response strategies for the specific priorities, needs, and contexts of HOs. Drawing on organisational science, cybersecurity governance, and crisis management, the project will (1) develop a conceptual and theoretical framework for cyber crises in HOs; (2) investigate incident preparation and response practices within HOs; (3) assess previous cyber crisis communication strategies used by HOs; and (4) provide recommendations that can strengthen the preparation and response to cyber crises in the humanitarian sector.
In this way, the project will contribute to improve cyber crisis management in an under-studied type of organisation in the cybersecurity and crisis governance fields.