Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireLogical SecuritySecurity & Business Resilience

Why nonprofits need to be more worried about cybersecurity

By Mike Szczesny
two workers filling paper bags

Image via Unsplash

June 8, 2023

When running a nonprofit, there’s a good chance that cybersecurity is the last thing on someone’s mind. When the purpose isn’t based on making money and the budget isn’t exactly expansive, it can be strange to imagine that there are people out there looking to profit from an organization. Unfortunately, that’s exactly what’s happening.

Smaller organizations are more likely to be the victims of cyberattacks because they’re less likely to spend their limited resources on shoring up their security. This is especially the case when it comes to nonprofits. That isn’t even factoring in some hackers' political motivations against certain nonprofit organizations.

But even if security leaders recognize cybersecurity as a pressing issue, they might wonder how to protect their organizations without the money or time that major corporations do. It sounds like a big ask. The good news is that there are quite a few steps to take that don’t require allocating a huge amount of resources to security. They just require the cooperation of an organization’s teams and some extra oversight from IT.

Here are the eight steps security leaders should take today to secure their nonprofit:

1. Stay current with security best practices

If running out-of-date software, an organization opening up a back door for hackers to stroll through. Don’t be one of those organizations that still rely on Internet Explorer. Update all software and operating systems to ensure known security breaches are patched as soon as possible. Keeping everything up-to-date will also help security leaders get optimal performance out of their hardware.

2. Strengthen passwords

Everyone in an organization should use complex, randomly generated passwords that are difficult to crack and virtually impossible to guess. A team should not use these passwords for other sites and should change them regularly (security leaders can set it up so passwords must be changed in a specific timeframe). 

Have everyone use a password manager rather than storing passwords directly on their computers. This will also make it easier for employees to remember the complex passwords they create.

3. Implement two-factor authentication (2FA)

A password should only be one part of the login equation, however. Security leaders should also implement 2FA across an organization. This acts as another line of defense when a password is stolen. Users must verify that they are who they say they are by approving a login through a second device (usually their phone). Ideally, this authentication should be done through an app. While better than nothing, SMS is more easily hijacked than dedicated authenticator apps.

4. Prioritize regular data backups

While backing up important data won’t keep an organization from being the victim of a cyberattack, it will put them in a much better position if it happens. Ransomware attacks, for example, lose their teeth if the data they’re threatening to delete is safely backed up elsewhere. Backups are also indispensable in hardware theft, loss or failure.

Backups should be kept in a secure location off-site. This will ensure that any disasters affecting primary storage won’t impact fail-safes.

5. Remain alert for potential threats

Keep a steady eye on online presence to spot and handle any suspicious activity before it becomes problematic. That means monitoring networks, servers, website and social media presence. It also means looking for any vulnerabilities or breaches that impact an organization's platforms. This way, even if caught up in someone else’s breach, security leaders can quickly catch it and mitigate the damage.

6. Encrypt sensitive information

The unfortunate fact of cybersecurity is that, even with all the right protections in place, breaches can still happen, which is why it’s so important that all personal and private data is heavily encrypted. That way, even if someone can steal sensitive files and documents, they won’t be able to read them.

Encryption doesn’t just apply to data at rest, either. Security leaders should do so through encrypted channels if they send or receive private information. If relying on emails, use PGP or other encryption options. Better yet, use a platform that offers encryption by default for sending and receiving information.

7. Limit access permissions

While providing open access to an organization’s data to all team members might be easier, it’s also a massive vulnerability. The default behavior should be to deny access to information unless an employee needs to see it. Ensure to remove permissions when an employee leaves the company or no longer needs access. This a policy that should go all the way to the top.

8. Document procedures and train the team

The research found that 26% of charities had a cyberattack in 2021. This means that a wide swathe of nonprofit organizations are sitting ducks for any bad actors that come along.

Cybersecurity best practices only work if everyone is practicing them. Codify best practices and educate the team about them. Don’t assume someone knows to do things like avoid public WiFi or keep everything updated. Make security training a regular thing. As practices are updated, the team should be too.

It can be tempting to think that just because a nonprofit is small, they’re under the radar of any cybercriminals looking to make a buck. But the truth is that these qualities make them the exact target they’re looking for. Don’t wait until after a data disaster to invest in security. The sooner data is kept safe, the better off a nonprofit will be.

KEYWORDS: data protection employee training multifactor authentication password management ransomware

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Mike szczesny

Mike Szczesny is the owner and vice president of EDCO Awards & Specialties.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cyberwarfare-freepik1170.jpg

    Citing cyberthreats: Why we should be worried

    See More
  • Changing the Hoodie Image for Cybersecurity

    No More Hoodies: Why We Need to Attract More Women to Cyber

    See More
  • healthcare 3 responsive default

    Health agencies are gathering data to combat COVID-19: Here’s why that might be a problem and what to do about it

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • into to sec.jpg

    Introduction to Security, 10th Edition

  • school security.jpg

    School Security: How to Build and Strengthen a School Safety Program

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!