Resources
Build Your Cybersecurity Breach Defenses Before It’s Too Late
By Rachel Sams When a cybersecurity breach hits your organization, it’s too late to build optimal defenses. Your best opportunity to protect your nonprofit’s data exists now. It’s tough for any nonprofit to prepare for a crisis that hasn’t happened yet. Staffs and budgets are stretched thin everywhere. But with a reasonable amount of time … Continued
Comparison: HR Systems for Small Nonprofits
This factsheet compares and contrasts the features of 4 leading HR web products that offer pricing and options appropriate for small nonprofits: BambooHR, Eddy, Gusto, and Zenefits.
Ready to Respond: Building Resilience for a Cybersecurity Incident
Cybersecurity breaches can be scary and overwhelming for any nonprofit. This factsheet has six MUST-DO TASKS for any organization to ensure you’ll be ready if and when a breach happens.
Unplugged
By Whitney Claire Thomey “Almost everything will work again if you unplug it for a few minutes, including you.” – Anne Lamott When you find yourself traveling at the speed of risk, is it necessary to stay plugged in to organization communications, local and world news feeds, and updates from social media? Staying “on” all … Continued
Demystifying Cyber Liability Insurance
By Whitney Claire Thomey Every nonprofit that collects and stores confidential information, Personally Identifiable Information (PI), or Protected Health Information (PHI) is vulnerable to a costly data breach and its consequences. Data breaches, denial of service attacks, and phishing scams are a sampling of methods that cybercriminals use to steal and extort data. Organizations must … Continued
What Your Board Needs to Know About Cyber Threats
By Melanie Lockwood Herman Risk is top-of-mind for many nonprofit boards these days. Board members understandably want to grasp the top risks facing an organization and have confidence that the management team is prepared to weather the downside risks it cannot avoid. And based on our work with nonprofits across a wide spectrum of missions, … Continued
What Your Board Needs to Know About Cyber Threats
By Melanie Lockwood Herman Risk is top-of-mind for many nonprofit boards these days. Board members understandably want to grasp the top risks facing an organization and have confidence that the management team is prepared to weather the downside risks it cannot avoid. And based on our work with nonprofits across a wide spectrum of missions, … Continued
Demystifying Cyber Liability Insurance
By Whitney Claire Thomey Every nonprofit that collects and stores confidential information, Personally Identifiable Information (PI), or Protected Health Information (PHI) is vulnerable to a costly data breach and its consequences. Data breaches, denial of service attacks, and phishing scams are a sampling of methods that cybercriminals use to steal and extort data. Organizations must … Continued
Framework to Implement a Cybersecurity Plan
by Afua Bruce for NTEN Once organizations understand what cybersecurity is and recognize that it is a threat to their operations, the next step is to assess what cyber risks the organization has. By conducting risk assessments and implementing appropriate protections, organizations can decrease the likelihood of a cybersecurity attack. Additionally, the risk assessment process … Continued
Know Your CyberSpeak: A Cyber Risk Glossary
Navigating the world of cyber risk often feels a lot like learning a foreign language. Terms and concepts can be confusing and unfamiliar. This Cyber Risk Glossary will help nonprofit leaders as they examine cyber liability insurance policies and develop the necessary technology-related security protocols to protect their missions. Cloud – The term “Cloud” refers … Continued
Cloud Computing – BCP Boon or Boobytrap?
(download The Business Continuity Planning issue of Risk Management Essentials, here.) By Katharine Nesslage Many nonprofits are routinely taking advantage of the “Cloud” to provide low-cost software and data solutions. Gone are the days when organizations were required to purchase and maintain expensive servers on-site to house their applications and data. The allure of being able … Continued
Managing Risk in Tech Vendor Selection
Choosing a technology vendor can feel like learning an entirely new language and consume valuable staff time your team would rather spend on something else! And because tech contracts and marketing materials are filled with unfamiliar terms, some nonprofit teams lean towards “trust” instead of “verify.” This webinar provides an overview of the risks that … Continued
Cyber Liability Insurance: What You Need to Know
Risks related to data privacy and systems security are top-of-mind for risk professionals. And although insurance coverage is available for many aspects of this complex risk landscape, insurance products differ in intent, structure, and protection. Attend this webinar to learn about the key components and features of insurance policies available to protect against the “what … Continued
Technology Mishaps: Planning for IT and Communications Disasters
By Christy Grano For most of us, the word “disaster” usually brings to mind a natural disaster like a hurricane or a tsunami, but in the risk management world technology disasters immediately come to mind. An unexpected loss of data or communication can bring an entire organization to a halt if power, internet, email, or … Continued
Social Engineering: Why People with Passwords are the Biggest Threat to Your Mission
By Melanie Lockwood Herman During a recent conversation with my daughter, she explained how despite the beautiful building, appealing inventory, and ideal location of her first retail job, she viewed it as the “worst place to work.” Why? “The people,” she explained. “If even half of the managers had been kind, supportive, patient or pleasant, … Continued
Online Social Networks, Cyber Risk and Your Nonprofit: What You Need to Know
By Jeffrey S. Tenenbaum, Esq. and A.J. Zottola, Esq. Online social networking sites, such as the popular offerings provided by MYSPACE, FACEBOOK, TWITTER, and LINKEDIN, offer new ways for nonprofits to connect and interact with key stakeholder groups and the community at-large. An online networking site can offer opportunities and rewards due to the ease … Continued
Cyberbullying & Cyber Threats to Young People
By Lexie Williams In August of 2009, a nonprofit college preparatory day school in Los Angeles was sued for $100 million dollars by a student’s parents following a case of on-site cyberbullying. The incident occurred when nine students accessed another student’s personal website from school computers and left death threats. The lawsuit alleged negligence committed … Continued
Avoid Distracted Driving: Don’t Get Teary & Put Down Siri
Whether it is sending a quick text or recalling a very emotional memory or event, distracted driving is incredibly commonplace on roads throughout the United States and abroad. The Centers for Disease Control and Prevention (CDC) describes three primary varieties of distraction: visual—taking your eyes off the road manual—taking your hands off the wheel cognitive—taking … Continued
Go Phishing: Understanding Current Cyber Terms and Risks
Join us as we explore hot topics and trends in cyber security, including cloud computing risks, email scams such as phishing, and risks associated with BYOD programs. The webinar will help define and explain these risks, and will provide risk tips on how to protect your nonprofit from cyber threats. Learn how to identify weaknesses that expose your … Continued
Risk in the Cloud: Keep Your Assets Protected When Flying High
Are you leery of cloud computing? Many nonprofit leaders are considering the upsides of cloud computing, but remain concerned about data security in the cloud. This webinar will explore security risks in a cloud computing environment and offer actionable tips and recommendations to smooth your transition to the cloud. This content-packed webinar will address the … Continued
BYOD: Managing the Risk of Personal Devices at Work
Many nonprofit employees are asking to use personal devices for business purposes, including devices containing apps, music collections, photos and more. This webinar will explore the risks and rewards of the “BYOD” movement — Bring Your Own Device. Tune in for practical advice on managing the risks of dual-use devices in a nonprofit workplace, including … Continued
Managing Technology Risks: Employee and Volunteer Blogs, e-Commerce, and Internet Piracy
Organizations are finding that technology is both a blessing and a curse: easy access to information on the outside can also mean easy access by the public to the nonprofit’s proprietary information and to employees’ use (and abuse) of the Internet. Blogs, employees’/volunteers’ Web sites and e-mail, as well as e-commerce activities of nonprofits themselves … Continued
Workplace Privacy: Steering Clear of Danger While Protecting Your Nonprofit
The issue of privacy in the workplace presents challenges for nonprofit employers. While on one hand employers do not want employees to feel uneasy because “big brother” is watching their every move, smart employers know that full access to an employee’s physical and electronic workspace is necessary for legal compliance and to protect the assets … Continued
Adopt a Total Ban on Personal Electronic Device Use While Driving
January 26, 2016 By Melanie Lockwood Herman Since we began offering free RISK HELP to our Affiliate Members in 2012, we have answered a wide array of risk questions–some highly unusual. Last week we received this quirky question from two incredibly different member organizations: should we adopt a complete ban on the use of personal … Continued
Cyber Liability: Internet Killed the Radio Star
By Erin Gloeckner Remember the first music video that premiered on MTV? The Buggles’ “Video Killed the Radio Star” questioned the impact of new technology on the music industry. Technology and music videos have come a long way since then, and cyber culture continues to be both a benefit and a burden for public entities … Continued