When a humanitarian crisis strikes anywhere in the world, aid workers rush in with critical help, no matter how dangerous or remote the location.
For cybercriminals, however, compassion is not a priority.
Since many nonprofits and non-government organizations (NGOs) lack enterprise-grade cybersecurity, bad actors smell opportunity — either to disrupt rescue operations for political reasons or to steal personal, financial, or government data.
Cisco and NetHope are working to change all that.
“It’s hard to imagine why hackers would want to target people who are doing good,” said Erin Connor, Cisco’s director of crisis response. “But we want to ensure that they are not easy targets.”
Since 2001, with Cisco’s early support, NetHope has led a global consortium of international development and humanitarian organizations, with the goal of collectively leveraging technology to increase effectiveness. Today, members total more than 60 organizations, including CARE, Save the Children, Mercy Corps, and the International Federation of Red Cross and Red Crescent Societies, to name but a few. Many operate under extreme conditions following earthquakes, droughts, hurricanes, wildfires, or wars.
But whether in a war zone or raising funds in a home office, hackers are ready to pounce. In a research study supported by Cisco, NetHope found that nearly half of international aid organizations had suffered a breach, while 65 percent “do not have confidence in their cybersecurity.”
That’s why Cisco is partnering with NetHope on an initiative called the Digital Protection Program. Their goal? To boost nonprofits’ cybersecurity capabilities and provide the technology, cooperation, and expertise that will thwart hackers, even during vulnerable crisis situations.
The Digital Protection Program is one pillar of a five-year, $15 million commitment (not including additional technology donations) from Cisco to NetHope, which began in 2022.
“For many nonprofits, cybersecurity and digital protection have been chronically underinvested,” said Connor. “These organizations are on the front lines of global challenges, trying to deliver help to vulnerable communities. That’s their priority. And it’s difficult for them to grant funding for what may seem like a back-end support function. But this puts many at great risk.”
NetHope is acutely aware of that risk.
“Cisco has been working with NetHope for more than two decades,” said Dianna Langley, NetHope’s chief operations officer. “From the beginning, connectivity has been fundamental and core. But today, it’s increasingly about the most technical aspects of cybersecurity and risk management.”
As challenging as security can be for a typical enterprise, Langley stressed the unique conditions under which many NGOs operate.
“With respect, many best security practices were established in business contexts, with high bandwidth and for single-hierarchy organizations,” she explained. “But they’re not always appropriate in a conflict zone when highly distributed networks of aid workers are attacked by nation-state hackers after an earthquake, tsunami, wildfire, or other disaster.”
Cisco and NetHope have been laser focused on these problems. In addition to the world-class security that it builds into every product, Cisco has provided innovative mobile networking kits. These have proven highly effective — and secure — in crisis situations when deployed by NetHope and Cisco Crisis Response.
In supporting the Digital Protection Program, Cisco is helping NetHope spread expertise, education, and highly secure technology throughout the ecosystem.
“Beyond sharing our expertise,” said Connor, “we’ve looked at the entire suite of Cisco security products to see how they can help NetHope and their members. We provided Cisco Meraki network infrastructure with advanced security and anti-malware capabilities, along with Cisco Umbrella grants to provide secure web filtering for difficult-to-control humanitarian networks.”
A partnership rooted in common purpose
For Cisco and NetHope, the partnership is deeply rooted and built on shared commitment. For example, Cisco’s core purpose — powering an inclusive future for everyone — resonates closely with the NetHope team.
“Cisco’s been an incredibly important partner because we’re so closely aligned,” said Molly Gascoigne, NetHope’s chief partnerships and philanthropy officer. “Everything Cisco has powered and enabled is baked into that core strategy and purpose. So, it feels like we’re one team, not two partners on either side of the aisle. That extends to when we’re deployed in an emergency — we feel like one team. And their technology makes so much of what we do feasible.”
Partnerships and cooperation are essential to NetHope’s mission. In addition to promoting grants and secure technology, the Digital Protection Program looks to raise awareness and support across the consortium.
“We’re not just about issuing funding,” said James Eaton-Lee, chief information security officer for NetHope. “We’re also about building community, building a culture of collaborative cybersecurity.”
Part of that is centered on sharing best practices for members, whether in home offices or far-flung crisis zones.
“We want our connectivity teams, who run towards the fire into some of these places, to have an integrated approach to cybersecurity in crisis response,” Eaton-Lee said. “For example, we have issued structured threat briefings to humanitarian teams going into Syria, going into Turkey, going into South Sudan, or processing Ukraine refugees — to give them contextual analysis that will drive their cybersecurity approaches.”
Cisco Talos, the company’s comprehensive threat-intelligence team, drives much of the global analysis informing NetHope’s insights and briefings.
“These threat briefings for humanitarian responders, along with much of our other responsive work, are based on data from Talos,” Eaton-Lee said. “And when members come in with particular challenges or briefings, we’ve put them through to the Talos team. Again, it’s what I would describe as a capital ‘P’ partnership. We benefit greatly from that team.”
Building skills for a secure future
Given the cybersecurity talent crunch facing even enterprises, it’s no surprise that many nonprofits lack sufficient security teams or leaders. NetHope has been trying to address the problem with skills programs.
“Education is part of our multi-strand approach,” said Eaton-Lee. “One of the things that Cisco funding enabled is to do is allow more people to go off and do training courses. And we can run those courses as a community.”
NetHope is also in discussions to use the Cisco Networking Academy, the company’s global networking and security training program.
“Among the things I love about the Cisco partnership,” said Langley, “is that all parts of Cisco are open to us.”
Again, it all comes down to community — public and private sectors working together to solve critical, global problems.
“This is a team sport,” said Langley. “We can’t fragment the ecosystem. We all need to work together bring the best of what our various agencies and various organizations can bring.”
As Eaton-Lee concluded, the stakes are high. And for any organization, going it alone is not an option.
“Our members are doing important work for some of the most vulnerable people on our planet,” Eaton-Lee concluded. “And we’re saying we need to work together to get cybersecurity right. Because if we don't, there are very sophisticated, well-funded groups who will try and disrupt what they’re doing.”