Non-profits are not any less likely to suffer a cyberattack than a for-profit business. Hackers and other criminals do not typically care that they are interfering with your charitable mission when they gain access to your private information and extort you. And, unfortunately, cyber-attacks and compliance breaches are becoming more common all of the time. Criminals realize that targeting comparatively small firms is often lucrative, so the size of your non-profit will not protect you.
However, there are important things you can do to protect yourself and your donor’s data. We don’t have to tell you how much your donors mean to your organization, and how private many of them are about their information. Only 26% of nonprofits use advanced cybersecurity techniques, like multi factor authentication. You can fix that, protect your donors and protect your organization. Here is how to improve non-profit cybersecurity.
Know the Sensitive Information You Collect
You have a personal rapport with your donors and there is a great deal of trust between you. Sometimes this leads to forgetting about how valuable and sensitive the information that you collect can be. You’re a steward of this information, and even remembering that can help you make better cybersecurity decisions. Some of the most sensitive information you collect includes:
- Credit card and other payment information
- Medical information
- Social security numbers
- Home and business addresses
Manage Volunteer Access
Your non-profit, like many passionate organizations, likely has many volunteers who have access to your systems and to donor information. When possible, restrict your volunteer’s access to donor information. Ideally, you’d leave handling sensitive information to employees, or to volunteers when under the supervision of employees.
Update Your Technology
It can be hard to justify spending money on new hardware and software for your non-profit when things are “working”. You want as many of your dollars as possible to go to your charitable cause. However, when you think about the major impacts a cybercrime could have on your non-profit, the costs become easier to justify. Updated software and hardware are more secure and harder for would-be criminals to defeat.
Educate Volunteers and Employees
Often volunteers and employees are unfamiliar with basic cyber security principles. It is worthwhile to train them on how to protect donor information. Especially considering that many hackers rely on social engineering, or taking advantage of people’s naivety or good will, to get your donor information.
Monitor Vulnerabilities Regularly
Updating your security and your hardware and software right now is a good idea. However, you’ll need more to stay up to speed with the latest protections and ahead of the criminals. You should schedule a meeting, yearly or less, to monitor your potential vulnerabilities and see where you may need to adapt or improve.
Prepare an Incident Response Policy
Despite your best efforts, a cyber security incident may happen. How your organization responds to this incident can help you retain donors, protect your charitable cause, and even make subsequent attacks less likely. We have the professional expertise to help you design these policies.
Kyber Security | CT Cybersecurity Experts
Don’t get caught off guard. See your organization from an attacker’s perspective. Kyber Security can conduct a comprehensive cyber insurance and controls preparedness assessment to evaluate vulnerabilities.
Here’s What You Can Expect From an Assessment:
- Understand your organization’s gaps with core controls associated with cyber liability insurance premiums
- Obtain immediately actionable information for how you can better secure your organization
- Learn how you can improve the overall cybersecurity posture of your organization