Like You Need Another Reminder About Cybersecurity (But Really, You Do)

In the wake of the Marriott hotel security breach that exposed not only exposed personal information for their customers, but also passport numbers and credit card payment information, it’s worth mentioning that your organization should have several measures in place to handle threats and be prepared to react accordingly in the event of a breach.

Adaptistration People 206In a timely announcement, the Nonprofit Technology Network, in conjunction with Microsoft, polled more than 250 nonprofit organizations with an eye toward taking a base reading on the state of cybersecurity preparedness.

The survey attempted to measure:

  • The policies and procedures nonprofits have for who and how people can access systems.
  • To what extent nonprofits are using technology to protect their systems.
  • The type of training is offered to nonprofit staff.
  • How nonprofit operations contribute to cybersecurity vulnerabilities.

Some notable findings include:

  • Over 70 percent of respondents have backup policies, enabling them to get back on their feet after an incident.
  • 68 percent do not have documented policies and procedures in case of a cyberattack. #NotGood
  • Only 1/3 of respondents provide employees with cybersecurity training on an annual or more frequent basis.

The report’s press statement headline pretty much sums up where we are as a field: “Nonprofits recognize cyber threats, but challenges remain.”

That’s a nice way of saying most organizations need to do more and to that end, their report is a good place to begin.

Download The Free Report From

About Drew McManus

"I hear that every time you show up to work with an orchestra, people get fired." Those were the first words out of an executive's mouth after her board chair introduced us. That executive is now a dear colleague and friend but the day that consulting contract began with her orchestra, she was convinced I was a hatchet-man brought in by the board to clean house.

I understand where the trepidation comes from as a great deal of my consulting and technology provider work for arts organizations involves due diligence, separating fact from fiction, interpreting spin, as well as performance review and oversight. So yes, sometimes that work results in one or two individuals "aggressively embracing career change" but far more often than not, it reinforces and clarifies exactly what works and why.

In short, it doesn't matter if you know where all the bodies are buried if you can't keep your own clients out of the ground, and I'm fortunate enough to say that for more than 15 years, I've done exactly that for groups of all budget size from Qatar to Kathmandu.

For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, keep track of what people in this business get paid, help write a satirical cartoon about orchestra life, hack the arts, and love a good coffee drink.

Related Posts