ICRC Global Cyber Hub in Luxembourg: highlights humanitarian use of digital tech at Luxembourg’s first GRC Summit
On 05 June, the ICRC’s Global Cyber Hub took center stage at Luxembourg’s inaugural Governance, Risks and Compliance (GRC) Summit, held during the third edition of Spring Cybersecurity Week. Participating in two expert panels, the ICRC highlighted the humanitarian application of digital technologies, emphasizing responsible innovation and risk management in conflict-affected areas. A key feature of the engagement was the launch of an interactive online game titled Trust & Safety: Conflict Edition, designed to immerse players in the complex ethical and operational dilemmas in digital spaces.
The GRC Summit brought together over 300 participants, including cybersecurity professionals, lawyers, diplomats, and technology innovators. Attendees explored emerging threats, compliance challenges, and cutting-edge practices in governance and risk as organizations adapt to a rapidly shifting regulatory and cybersecurity landscape.
Speaking on the panel “National and International Cybersecurity Strategies,” Els Debuf, Head of the ICRC’s Global Cyber Hub in Luxembourg, urged States and stakeholders to integrate humanitarian considerations and international humanitarian law into their cybersecurity strategies and risk management frameworks. She underscored several considerations including the spread of harmful content online, and how it can directly compromise people’s safety, dignity and access to essential services.
Debuf discussed the growing militarization of cyberspace is blurring the lines between combatants and civilians, and between military and civilian infrastructure—posing serious risks to international humanitarian law (IHL) protections. She further emphasized how connectivity restrictions and internet shutdowns play out in conflict situations, resulting in loss of life and injury, separation of families, disruption of access to essential services such as water, power and health services, and loss of livelihood.
The panel discussion also touched upon the importance of maintaining control over data and digital assets – an issue closely associated with the ICRC’s exclusive humanitarian mandate and its strong commitment to the principles of neutrality, impartiality, and independence and to its working modalities of proximity to people, do-no-harm and confidentiality.
From an operational standpoint, managing digital dependencies includes exploring open-source solutions for operation systems and ensuring the secure storage and handling of sensitive humanitarian data. Legally, it remains essential that the privileges and immunities granted to the ICRC and other international organizations continue to effectively safeguard them in the digital age.
Following the panel, the ICRC showcased its recently launched online game, Trust & Safety: Conflict Edition. This interactive simulation immerses participants in a fictional conflict scenario, presenting various operational dilemmas that social media companies face when navigating harmful content, misinformation, and digital risks. The game is designed to raise awareness and foster collaboration between humanitarian actors and tech companies on mitigating digital threats while responsibly harnessing the potential of technology.
During the panel discussion on “Safeguarding Rights and Data: Integrating GRC and Cybersecurity into Humanitarian and Human Rights Work,” Vitaly Savenkov, Tech Engagement Coordinator at the ICRC Global Cyber Hub, emphasized risks and benefits posed by new technologies. He noted that while there are key opportunities in digital and tech that improve the efficiency of operations, activities can also disrupt critical services and infrastructure vital to human safety and dignity, and even erode of trust in humanitarian organizations. Responsible use of technology and human-centric approach to deployment of tech solutions remains to be the key, as demonstrated in the recently published ICRC’s AI Policy. Another point he made was built on the disturbing experience of 2022 data breach and other similar cases, which clearly outlined the need for humanitarians and their infrastructure and data to be protected both offline and online.
In the current landscape where cyber and digital threats are increasingly more complex and pervasive, the humanitarian approach – one that prioritizes the protection of people and preservation of trust in humanitarian action – is vital. Events such as the GRC Summit are a key opportunity to engage with diverse actors, foster responsible innovation, and ensure that governance and risk frameworks incorporate the human realities of conflict and crisis in the digital age.
