Back to all activities

Regional Context Research

Summary

This exercise focuses on research and re-confirmation of regional issues from general trends to specific legal restrictions and safety concerns, as well as current news and persistent challenges.

Considerations

    • Use VPNs or Tor to search if conducting the search from a country that is highly competitive with the organization's country, or is known to surveil.
    • Maintain data about any targeted attacks and attacks affecting the organization's line of work secure.

Walkthrough

    Cross-check reports on regional threats facing organizations with their focus area.

    • Targeted Threats

      • List all the relevant actors and their relationship with similar organizations.
      • List all present threats and upcoming threats to similar organizations.
      • List all documented instances of relevant actors carrying out these threats.
    • Decentralized Threats

      • List all present threats and upcoming threats to similar organizations.
      • Identify the motivation for these threats.
      • List all documented instances of these threats being carried out.

    Identify any legal risks associated with conducting the audit. Secure communications and storage, network forensics, device exploitation, digital security training.

    • Identify any export/import controls that might put the auditor or the organization at risk.
    • Identify any domestic laws and regulations that might put the auditor or the organization at risk.

    Identify any infrastructural barriers to adopting digital security practices.

    Explore the security landscape of hardware and software identified in interviews by conducting a basic vulnerability analysis.