<p>Nonprofits serving vulnerable populations sit at the uncomfortable intersection of sensitive data, global exposure and limited security resources.</p>
<p>Geneva-based Protect.ngo, formerly the CyberPeace Institute, helps nonprofit and nongovernmental organizations (NGOs) navigate those challenges with free cybersecurity support. To fulfill its mission, Protect.ngo, itself a nonprofit, must continually identify and analyze the threats that target its nearly 700 member organizations — far easier said than done.</p>
<section class=”section main-article-chapter” data-menu-title=”The problem: When manual monitoring isn’t enough”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>The problem: When manual monitoring isn’t enough</h2>
<p>When Protect.ngo started in 2018, its cybersecurity analysts relied on open source intelligence skills to track publicly reported cyberattacks against the nonprofits in its network. The process involved manually checking news outlets, <a href=”https://www.techtarget.com/searchsecurity/feature/Data-after-the-breach-Economics-of-the-dark-web”>dark web forums</a>, social media and other sources.</p>
<p>”Many [NGOs] have a smaller digital footprint,” said Miles Collins, a cyberthreat analyst at Protect.ngo. “This can make it more difficult to detect whether they have been targeted and to gather enough evidence for technical attribution.”</p>
<p>With no unified view of the threat landscape facing NGOs and other civil society organizations, the work was time-consuming, inconsistent and unwieldy. The results also failed to give Protect.ngo analysts the real-time insights they needed to properly analyze and prioritize emerging and ongoing <a href=”https://www.techtarget.com/searchsecurity/feature/Top-10-types-of-information-security-threats-for-IT-teams”>security threats</a>. The scale of Protect.ngo’s monitoring activities compounded the challenge, with hundreds of member organizations spanning different regions, sectors and operating environments.</p>
<p>These challenges notwithstanding, it was critical that analysts detect attacks quickly and consistently, both for immediately affected organizations and their peers. A threat surfacing in one corner of the Protect.ngo network could have implications for countless other NGOs. Plus, any missed or delayed detections could create gaps in the public records upon which researchers and policymakers depend.</p>
<p>By March 2025, Protect.ngo analysts had manually documented more than 295,000 threats, 760 vulnerabilities and 1,100 distinct attacks on NGOs — and the threat landscape was only worsening.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”The fix: AI joins the cause”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>The fix: AI joins the cause</h2>
<p>Around the same time, Protect.ngo turned to AI to support the efforts of its human analysts. The organization deployed Dataminr’s AI-powered threat intelligence platform, which has the following capabilities.</p>
<ul class=”default-list”>
<li>Aggregates information from diverse sources across the public, deep and dark web, including government advisories, social media, cyber threat boards, dark web forums, news outlets, vulnerability disclosures, breach reports and <a href=”https://www.techtarget.com/searchsecurity/tip/Top-open-source-and-commercial-threat-intelligence-feeds”>threat intelligence feeds</a>.</li>
<li>Ingests and analyzes text, code, image and video data.</li>
<li>Uses agentic AI and large language models to autonomously analyze, enrich and contextualize data. The AI agents summarize incidents; correlate adversarial activity; identify patterns; and map relationships between cyber incidents, threat actors and targeted organizations.</li>
<li>Presents deduped, structured and contextualized intelligence alerts and briefs to human analysts in real time. Alerts include detailed source attribution, screenshots and background on threat actors involved.</li>
</ul>
<p>According to Collins, he and his fellow analysts at Protect.ngo review and verify all AI-driven alert and intelligence data, ensuring its accuracy and reliability before determining next steps.</p>
<p>”Human analysts are still required when it comes to judging whether those claims are credible or not,” Collins added. “As part of our methodological process, we always have an analyst reviewing AI output.”</p>
<blockquote class=”main-article-pullquote”>
<div class=”main-article-pullquote-inner”>
<figure>
Human analysts are still required when it comes to judging whether those claims are credible or not.
</figure>
<
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: