Context Research
Summary
This component allows the auditor to identify the relevant regional and technological context needed to provide a safe and informed SAFETAG audit. This component consists of desk research that is collected and analyzed by the auditor, as well as inputs from the Interview component.
Purpose
Analysis of context is the foundation of effective risk management. Both at-risk organizations and auditors will develop assumptions based upon their experience. It is important that an audit is based on information that is current and accurate.
Checking the assumptions both of the organization and of the auditor by researching the current regional and technological context will ensure that an auditor is basing their work on accurate assessments of the conditions the organization faces and that they are making informed operational security considerations.
The Flow of Information
Guiding Questions
- What infrastructural barriers exist in the region?
- What are the top, non-targeted digital threats in this region?
- What are the top targeted digital threats facing organizations doing this work in this region / country?
- Are there legal ramifications to digital security in the country? (e.g. legality of encryption, anonymity tools, etc.)
- Has any organization or individual made specific threats, or demonstrated intention or mindset to attack on the organization or similar organizations?
Approaches
- Conduct Regional Context Research to identify additional adversaries not previously identified
- Conduct Technical Context Research to discover infrastructure issues and explore the latest cyber security trends.
Outputs
- A summary of the most likely threats that the host and auditor may face:
- Possible adversaries and their capacity and willingness to act against the host,
- Latest general cyber-security threats,
- Legal risks to host and auditor conducting a SAFETAG audit.
- Modifications to the audit plan as necessary.
Operational Security
- Use VPNs or Tor to search if conducting the search from a country that is highly competitive with the organization’s country, or is known to surveil.
Preparation
Resources
Other Context Analysis Methodologies
Article: "Section 2.3 Context analysis p. 30" (Operational Security Management in Violent Environments: (Revised Edition))
Guide: "Vulnerability Assessment: Training module for NGOs operating in Conflict Zones and High-Crime Areas" (Jonathan T. Dworken)
Threats to the Auditor
Have aid workers faced retribution for their work in the region?
- Database: "The Aid Worker Security Database (AWSD) records major incidents of violence against aid workers, with incident reports from 1997 through the present." (The Aid Worker Security Database (AWSD))
Is it safe to do digital security work in the region?
Survey: "This is a survey of existing and proposed laws and regulations on cryptography - systems used for protecting information against unauthorized access.
" (The Crypto Law Survey)Article: "Legal Issues in Penetration Testing" (Security Current)
Guide: "Encryption and International Travel" (Princeton University)
Is the area safe to travel to?
List: "Foreign travel advice" (GOV.UK)
Alerts: "Travel Alerts & Warnings" (US Department of State)
List: "List of airlines banned within the EU" (European Commission)
List: "A list of aircraft operators that have that have suffered an accident, serious incident or hijacking." (Aviation Safety Network)
List: "Travel Advice" (Australian Government)
Targeted Threats for the organization
Is the group facing any legal threats because of its work?
- Monitor: "CNL's NGO Law Monitor provides up-to-date information on legal issues affecting not-for-profit, non-governmental organizations (NGOs) around the world." (NGO Law Monitor)
Does the organization face any targeted threats because of their work?
- Human Rights
- Transparency
- Public Service Delivery
- Health
- Free Media and Information
- Threatened Voices: Tracking suppression of online free speech.
- IREX’s Media Sustainability Index (MSI) provides in-depth analyses of the conditions for independent media in 80 countries across the world.
- Freedom House's "Freedom on the Net" index, assessing the degree of internet and digital media freedom around the world.
- Freedom House's "Freedom of the Press" index assess' global media freedom.
- ARTICLE 19 freedom of expression and freedom of information news by region.
- Open Society Foundation - Mapping digital media
- Press Freedom Index (RSF)
- Climate Issues
- Gender Issues
- Poverty Alleviation
- Community Building
- Peace promotion
- Agricultural Development
- Entrepreneurship
- Water, Sanitation
- Transportation
- Disaster Relief
General Threats for the organization
What general non-governmental threats does the organization face?
Map: "A global display of Terrorism and Other Suspicious Events" (Global Incident Map)
Organization: "ReliefWeb has been the leading source for reliable and timely humanitarian information on global crises and disasters since 1996." (ReliefWeb)
Reports: International NGO Safety (NGO proof, subscription required, covers Afghanistan, CAR, DRC, Kenya, Mali, and Syria currently)
What cyber-security practices is the government using?
Reports: Privacy International's in-depth country reports and submissions to the United Nations. (Privacy International)
List: "National Cyber Security Policy and Legal Documents" (NATO Cooperative Cyber Defence Centre of Excellence)
Reports: "Country Reports" (Open Network Inititiative)
Portal: "Country Level Information security threats" (The ISC Project)
Country Profiles: "Current cybersecurity landscape based on the five pillars of the Global Cybersecurity Agenda namely Legal Measures, Technical Measures, Organisation Measures, Capacity Building and Cooperation." (Global Cybersecurity Index (GCI))
Organization: "The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security." (The Citizen Lab)
Map: "Cyber-Censorship Map" (Alkasir)
Dashboard: "At-A-Glance Web-Blockage Dashboard" (Herdict)
List: "Who publishes Transparency Reports?" (James Losey)
Overviews:"Cyberwellness Profiles" (ITU)
What general cyber-security threats is the organization facing?
Report: "The Internet Annual Security Threat Report" (Symantec)
Report: "Annual threat report" (Mandiant)
Reports: "APWG Phishing Attack Trends Reports" (Anti-Phishing Working Group)
Reports: "Secunia Country Reports" (Secunia)
Reports: "McAfee Threat Trends Papers" (McAfee)
Report: "Monthly intelligence report" (Symantec)
What level of technology is available in the region?
Database: "World Telecommunication/ICT Indicators database 2014" (WT-ICT)
Comparisons: "Country Comparisons" (CIA fact-book)
Activities
undefined
