Cybersecurity for non profit organisation
Addressing the "dark side" of the digital nomad lifestyle. The target audience faces a specific type of isolation and instability that standard wellness apps cannot solve.
Year:
2025 – 2026
Category:
Service Design / UX & UI
Client:
Concept proposal
Duration:
🟢 12 weeks (Ongoing)
Location:
DaNang/Vietnam, Denpasar/Indonesia
Tools:
Miro, Notion, Figma, FigJam, Google Suite, Typeform, Teams
Design process:
Design Thinking, Double Diamond
Wellbeing
Support
Mental Health
Experience
The project itself :
The context
The Context CIC (Center for the integration of foreigners) serves as a critical support hub for migrants in the Czech Republic, operating across multiple regions. While the organisation manages highly sensitive personal and legal data, it operates as a small non-profit with limited budgets.
Unlike large corporations, CIC lacks a dedicated IT department or robust technical infrastructure. This creates a dangerous paradox: the organization holds high value data critical to clients' lives (residency status, contracts) but relies on minimal resources to protect it, leaving the community vulnerable to digital threats.
Hypothesis:
I believe that for local non-profits like CIC, the barrier to cybersecurity is not a lack of awareness, but a scarcity of accessible resources. The absence of a tailored security strategy creates a vulnerability where the organisation's goodwill is at risk of being exploited. By implementing right-sized, cost-effective security measures, we can protect client data without overwhelming the organization's limited capacity.
Goal:
To design and implement a sustainable security framework tailored for a resource-constrained NGO. The primary goal is to audit current vulnerabilities and introduce effective data protection protocols that foster institutional trust.
The solution must act as a digital safety net, ensuring that the sensitive data of foreign nationals is secure, thereby preventing real-world harm to an already vulnerable population.
My role:
Cybersecurity consultant / project lead responsible for the initial audit, risk assessment, and the end to end implementation of security policies and staff training.
Responsibilities:
Security audit & gap analysis
Stakeholder interviews
Risk assessment matrix
Data flow mapping
Vulnerability Scanning
Security policy design
Implementation roadmap
Staff training materials
Impact evaluation
Feedback loops
Unmasking the Crisis
Discovery
Organization selection
Centrum pro integraci cizinců (Centre for Integration of Foreigners, CIC) is a non-profit organisation that has been operating in the Czech Republic since 2003. Its goal is to support the integration of foreigners into Czech society by providing comprehensive services.
CIC offers:
Czech language courses
social and legal counseling
employment and career services
community activities and programs for families with children
support for schools and teachers working with children of foreign nationals.
The organisation operates primarily in Prague and the Central Bohemian and Liberec regions. Its mission is to improve the quality of life for foreigners in the Czech Republic, help them navigate the local environment, and promote mutual coexistence between the majority population and minority groups.
Organization Name: Centrum pro integraci cizinců
(Centre for Integration of Foreigners), NGO
Infrastructure mindset:
CIC handles sensitive personal data of foreign nationals (e.g., residency status, employment contracts, and legal documentation). Enhancing cybersecurity does more than just secure data; it protects the clients themselves and fosters institutional trust within a community that is often uniquely vulnerable.
Practical need for security improvement
As a smaller non-profit organization, CIC does not have an extensive IT department or surplus technical resources at its disposal. For this reason, it is a suitable partner for the design and implementation of accessible but effective security measures.
Local character and svailability for collaboration
Support is limited to informal "small talk" or social events (e.g., padel, hangouts), which fails to address deep-seated distress.
Local character and svailability for collaboration
Official contact has been established with the organization Center for the Integration of Foreigners, o.p.s., and the framework for this academic project has been discussed. The collaboration was formalized through the conclusion of a contract that defines the terms and scope of engagement for both parties. CIC management consents to the student analyzing the organization's needs in the field of cybersecurity and proposing appropriate design measures. This contractual framework confirms CIC’s interest in strengthening its security and ensures that the project outputs will be practically applicable and beneficial to the organization and its clients.
Setup mindset
As my baseline approach, I chose the Design Thinking methodology, combining it with the principles of Human Centered Security.
As my baseline approach, I chose the Design Thinking methodology, combining it with the principles of Human Centered Security.
This approach helps me focus primarily on people their needs, behaviors, and limitations. In the context of the organisation, I take into account not only employees but also volunteers and clients. My goal is not purely a technical solution.
I am interested in situations where a person might make a mistake which is natural and how to design measures that are meaningful, understandable, and encourage secure behavior.
Design Thinking allows me to work iteratively: from empathy and understanding people to defining the problem, generating ideas, designing prototypes, and gathering feedback. This process functions well even within our asynchronous collaboration.
