In this hands-on workshop, participants explore real-world cyberattacks on political organisations in Germany and across Europe and translate them into concrete lessons for prevention and resilience. Andreas Rohr draws on incident-response cases to show how attackers actually gain access—through phishing, compromised accounts, misconfigured cloud services, and vulnerable campaign tools—and what they do once inside, from data exfiltration and communications manipulation to disinformation and extortion. 

Building on this threat landscape, Amela Gjishti brings the human and organisational perspective of cybersecurity into focus. She highlights where security most often breaks down in political organisations—not because of missing tools, but because of overloaded staff, unclear responsibilities, insufficient training, and cultures that treat security as an afterthought. Drawing on her work with Women in Cybersecurity, she translates best practices into realistic approaches for training staff and volunteers, strengthening digital hygiene, and embedding security awareness into everyday political work. 

Together, the session shifts from diagnosis to action. Participants will learn how to harden critical accounts and devices, protect messaging channels, structure access rights, and build incident-response playbooks that work under real campaign pressure. The speakers will also address how to prioritise limited budgets, what questions to ask technology vendors, and how to design security practices that are inclusive, scalable, and sustainable across diverse teams. 

Attendees will leave with a clear checklist of immediate steps and a longer-term roadmap for improving their organisation’s digital protection and operational resilience—before, not after, the next attack.