Non-Profit Organisations & Cyber Security

Uploaded on 2021-11-29 in TECHNOLOGY--Resilience, FREE TO VIEW

Non-profit organizations need to start paying attention, as smaller organizations and businesses tend to be targeted by cyber criminals due to the lack of smart and sophisticated cyber security technology. 

According to various reports, around 50% of smaller organizations and 90% of small businesses lack cyber security technology to protect themselves. Most non-profits do not collect any personal information like their bigger counterparts (banks for example) and yet they are still at great risk.

The reason for this? Often these organizations have a lack of awareness, how the ransomware infection process works and what kind of encryption methods are used. The lack of attention to cyber security by non-profits also comes from the fact that they often think (or at least hope) that cyber criminals will bypass them and target bigger more lucrative companies instead.

The ransomware usually encrypts information, photos, and files of a smaller company/organization, and the owner is then notified through an email that they have to pay a certain amount of money to receive a key or code that will unlock their data.

In some cases, the ransom may even be as high as hundreds of thousands of dollars! Oops! That's quite a lot for a non-profit. Well, this is why there are all kinds of options to choose from when it comes to cybersecurity products for your organization so you don't have to lose all your data and hard work!

Some organizations (that use Windows operating systems) may want (or need) to look into the following:

  • DIY Solutions like free AVG anti-virus. There are other options out there as well, but they may give you a false sense of security.
  • Industry-standard software like Avast or McAfee are either free or come with a monthly option (or trial) for organizations to use which allows them to be able to protect themselves against ransomware without having to pay anything.
  • You can always run your computers in a simulated environment with no internet access to prevent any intrusion or infection in the first place! This is referred to as 'Sandboxing'. An example of this software would be VMware. However, keep in mind that these products are not perfect and don't always work. But they are a good place to start.

There are also many other solutions out there, including cloud-based ones from companies like Carbonite, however, make sure you do some research on the product itself and how it works before you get yourself into one of them!

While these options may be appealing because of their low costs or even free options, please remember that they may not be as secure as products made by companies that specialize in anti-virus and cyber security or those that put high-end security on top of their list, such as Microsoft.

Always research and make sure you know what you're protecting yourself against before making a decision like this. It's better to be safe than sorry!

However, there is worse to come. Non-profits are not only at risk from ransomware, but also from phishing attacks that can steal your donations or sensitive information. This is because of the lack of password protection on servers and databases possibly containing sensitive donor information.

But hopefully, with these tips, you will be able to secure your non-profit against these attacks. The key is prevention.

If you ever do get infected, remember that the first thing you should be doing is disconnecting all of your equipment from any network! If this is not possible, turn off the internet connection and immediately contact your IT service provider.

Lastly, always make sure your employees are well-trained on how ransomware works and what they should do if they suspect anything. This is important especially because non-profits are often run by volunteers and someone not knowing what to do could cost you everything!

The bottom line is that ransomware infections are becoming a bigger risk for non-profits now. It's important to educate yourself on the subject and make sure your organization does as much as it can to prepare itself against these attacks. Because, if cyber criminals target you, there's no telling what they might want or be able to take!

John Giordani is CISO at NCheng LLP

You Might Also Read: 

Cyber Crime Is An Increasing Risk For Charities:

 

« Ransomware, Iranian Hackers & Pornography
Trojan Malware Installed On Millions Of Android Devices »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Redcentric

Redcentric

Redcentric is a leading UK IT managed services provider. We deliver managed IT, cloud computing, data backup, information security services and managed networks.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

PrivateVPN

PrivateVPN

PrivateVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Adit Ventures

Adit Ventures

Adit Ventures is a venture capital firm with a focus on dynamic growth sectors including AI & Machine Learning, Big Data, Cybersecurity and IoT.

Numen Cyber Technology

Numen Cyber Technology

Numen Cyber Technology is committed to becoming a Threat Discovery and Response expert for corporate customers.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.

CentriVault

CentriVault

CentriVault is a leading independent provider of Cyber Security and Data protection services to small and medium enterprises (SMEs).

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

Acclaim Technical Services (ATS)

Acclaim Technical Services (ATS)

ATS provide operational products, services and solutions to the defense and intelligence communities for all types of critical mission needs.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.