Is Your Nonprofit Making Cybersecurity a Priority?
As a nonprofit, it can sometimes be hard to know what to prioritize. With so many different tasks to juggle, some details might fall through the cracks. This is understandable, considering the amount of good that nonprofits do for their communities and the time it takes. However, if cybersecurity is one of these oversights, you could be opening up your nonprofit to a number of threats. Do not worry though. There are many ways to ensure your nonprofit’s online safety!
Digital resources can be incredibly beneficial for nonprofits, but they can also leave your nonprofit vulnerable. We want to help keep you protected. Research recently showed that global cyberattacks have increased by 38% in 2022. According to another study at the University of Maryland, there is a hacker attack somewhere every 39 seconds. This is why it’s important to stay vigilant and be aware of how to prevent this from happening to your organization.
We at GrantWatch want to make sure your nonprofit is covered when it comes to cybersecurity. For this reason, we have put together a list of ways you can protect your nonprofit against cyber attacks.
What Can Your Nonprofit Do?
1. Keep Your Software Updated
An important way to safeguard your organization against cyber threats is to regularly update your software to make sure it’s the most current version possible. Everyone has experienced the annoying notifications that pop up reminding you to install updates to your software. Though it may seem like a daunting task and take some time away from the important work you do, it will be well worth it in the long run.
Updates often address security flaws that may have been present in the previous issue of the software. Installing these updates tightens your security and makes it harder for hackers to find holes in your system.
2. Change Passwords Often
Making sure you create strong account passwords and change them often is also crucial to maintaining cybersecurity. To strengthen your passwords, be sure to use at least 10 characters. In addition, when you create passwords, use a combination of numbers and special characters, as well as both upper and lower case letters. This will make it harder for others to discover your passwords.
Along with strong passwords, changing your passwords regularly will boost your security. It is vital that you also change passwords when an employee leaves to be sure to avoid ongoing access. On their own, employees are often lax about regularly changing their passwords. As a result, make sure to have systems in place that regularly require password updates.
3. Have System Backups in Place
System Backups are also an important part of proper cybersecurity. Backing up your important documents and sensitive data allows you to retain access to crucial information in case of a ransomware attack or other types of system failure. Not only does this protect against cyber attacks, this will also protect your information from being lost in case of a natural disaster.
One backup strategy is often referred to as the “3-2-1 Rule.” This is where you make ‘three’ copies of your data and store them in ‘two’ different forms of storage. At least ‘one’ of these copies should be kept offsite. This ensures maximum protection for your nonprofit’s data and sensitive material.
4. Know Who to Contact
You must act preventatively when it comes to cybersecurity. It’s vital to know ahead of time who to call in case of a cyber attack. Make sure all key staff have this information. This way, if you are unavailable, other staff will know who to contact for help.
If you suspect your organization has been a victim of a cyber attack, here are some places to contact:
- 24/7 Cyber Watch (CyWatch): 855-292-3937 or CyWatch@fbi.gov
- Internet Crime Complaint Center (IC3): https://www.ic3.gov
- The Federal Trade Commission (FTC) shares consumer complaints and online scams with all levels of law enforcement.
5. Use Multi-Factor Authorization
Enabling multi-factor authorization is another way your organization can protect itself against possible threats. In place of a single password, opt for multi-factor authorization. This could be having a code sent to an email or phone number to verify identity, or requiring one or more security questions that only you or your key staff could answer.
If a system has already been compromised, multi-factor authorization will help fend off illegitimate log-ins until you are able to make whatever changes are needed.
6. Make Sure Your Staff Has Proper Training
Giving your staff proper training on cybersecurity is arguably one of the most important ways you can protect your organization from cyber threats. A majority of attacks occur when employees are unaware of the proper steps to avoid or repel a cyber attack. This includes unknowingly opening a suspicious email or link that turns out to be a phishing scam. Phishing is the fraudulent practice of sending emails or other messages that seem to be from reputable companies to get people to reveal sensitive information. Minimize illegitimate access to your data by training your staff on how to identify, avoid, and report phishing schemes.
It is also important to use account access permissions to safeguard and/or otherwise restrict staff access to sensitive company information. For example, you might want to limit your social media account access to only a few specific employees. This might also be the case with your customer support email inboxes. Limiting access to who in your organization can access these types of accounts will help ensure that proper protocols and safety measures are in place.
Overall, it is imperative that your staff understands the potential dangers to proprietary information in your organization from a cyber attack and the extent to which lasting damage from these types of attacks can have on your nonprofit. Take these risks seriously to help prevent them from occurring in the first place.
With these tips to improve your organization’s cybersecurity, we wish you luck as you continue the important work you’re doing for your community. Remember to be safe, vigilant, and aware of the threats that can accompany an online presence.
GrantNews Notes
With close to 8,000 grants currently available, GrantWatch.com is the leading grant listing directory. Upgrade to a MemberPlus+ subscription to view full grant details, including eligibility criteria and application information. For more information, you can also visit the GrantWatch FAQ page.
In addition, GrantWatch has a category specifically for technology grants. In this category, there are a number of grants to help with cybersecurity. Currently, grants are available to colleges, universities, and nonprofit organizations for projects related to cybersecurity.