What Are the Current Threats to Non-Profits and their Data?
5 of the Top Current Threats to Organizations in 2021
- Social Engineering: 1/3 of breaches in 2021 used social engineering and of those 90% utilized phishing emails to infiltrate organizations.
- Ransomware: Encryption of data and extorted payment of ransomware required to get the decryption key. Top threat to the digital community today.
- DDoS Attacks: Distributed Denial-of-Service uses a massive sudden increase of online traffic to disrupt an organization’s website.
- Cloud Computing Vulnerabilities/Misconfigurations: Cloud customers need to thoroughly understand the responsibility of the provider versus their responsibilities. Attackers are looking for the gaps created by any misunderstanding.
- Third Party Software: Software companies race to market often sacrifices complete testing and leads to unknown vulnerabilities waiting to be found.
All of these details need to be considered when protecting your organization - however they don't need to be done all at once. If you simply do not know where to start, we can help you take the first steps and build from there.
What Are Some Steps That I Can Take to Protect My Non-Profit?
- Phising campaigns - organize campaigns with your IT department to test employees and work with them on how to avoid phishing scams.
- Posters - constant reminders and awareness throughout your place of work can give that extra nudge for employees to stay aware.
- Town hall meetings - open discussions with your teams can help them understand whats at stake and the easiest ways to do their part.
- Awareness training for employees - it doesn't stop with a one-off meeting. Regular trainings are the most beneficial for helping organizations stay safe.
Understand the Scope of What You Have:
- Conduct a risk assessment to identify gaps in your defensive posture
- Identify critical assets (software applications, databases, etc.)
- Classify your data so you know what you have and what your responsibilities are to protect it
Our teams at Pathway Forensics can help guide you in each of these matters.
How Can I Figure Out if My Non-Profit is at Risk?
Take our B&V Pathway Forensics Cybersecurity Threat Assessment!
It is 13 simple questions about your organization regarding good cybersecurity hygiene. It will tell you how you scored after and our Director of Cybersecurity, Mike Trpkosh, at Pathway Forensics, will send you an email with advice on how to better protect your organization.
Why Should I Use Digital Forensics When I Have an IT Department?
Digital Forensics can perform internal investigations, suspected/known financial malfeasance, computer use violations, harassment/discrimination issues, internal data breach matters, preservation of evidence, and more.
IT Dos and Don'ts
Do: Preserve the evidence before any wrongdoing is suspected or found, turn off the computer and store it until it can be prevented, establish a “hands off” policy on computers until they can be preserved
Don’t: Allow another employee or IT debt to browse the computer, copy files off a computer, attach a USB device