If you think you’re immune to cybercriminals because you run a nonprofit organization, think again.
Cybercrimes against nonprofits are more common than you think. According to the Nonprofit Quarterly, there has been a 270 percent increase in the number of attacks against business, with small businesses and nonprofits at higher risk than ever before.
Why? It’s simple: easier targets. Criminals know that nonprofits and small businesses are less likely to have the time, patience, and resources to fight back when they’re the target of an attack. They pay up rather than risk the resources, capital, and reputation that might be spent defending against the attack.
It’s been said that the best defense is a good offense. That certainly goes for cyber defenses. There are five things a nonprofit can do to defend against the most common cyber-attacks. Taking these steps may mean the difference between sending an “I’m sorry” email to your constituents and business as usual.
Five Steps to Defend Against Nonprofit Cyber Attacks
There are many things you can do to prepare for and defend against cyber-attacks, but the following stand out as being simple, easy to implement, and within the abilities of most nonprofits.
- Educate employees about threats: Keep up to date about the latest types of cyber threats and educate your employees about the signs of such attacks. Employees may not know about ACH attacks, for example, which target them through emails pretending to be from the CEP to gain access to company bank accounts. These and other attacks pose serious threats to nonprofits but can easily be thwarted through education and vigilance.
- Encourage reporting of potential attacks: Encourage your employees to ask for help if they think they’ve accidentally clicked on a bad link or given out information to potential cyber thieves. Make it safe to do so and avoid repercussions that could discourage them from reporting. Early reporting of possible breaches enables you to take swift action to batten down the hatches against further problems.
- Establish offline ways to confirm financial transactions: Ensure that employees can confirm transactions or the release of vital information offline through a phone call to a senior executive. Offline ensures that a link in a phishing email won’t take the employee straight back to the scammer for confirmation. It also puts in place a series of checks to stop possible mistakes.
- Create backup systems and files: The use of cloud-based software such as cloud-hosted fundraising and donor management software protects files against viruses on your network by hosting them off network and onto a more secure cloud system. Other software such as Abila Cloud Accounting secures valuable financial detail through controlled access to accounts and financial systems.
- Prioritize updates: It’s tempting to click “ignore” when a pesky update notice pops up on your computer. Patches and updates close gaps in software codes that can be exploited by thieves, so don’t neglect updates. Conduct regular software updates on all of your systems. Cloud-based software updates automatically and in the background so you don’t have to remember to update it. That’s another reason for choosing cloud systems for accounting, financial management, donor and fundraising management, and more.
Do you remember a television commercial featuring Smoky the Bear? Smokey’s slogan was, “Only you can prevent forest fires.”
Well, only you can prevent cyber-attacks by taking the appropriate steps to protect and defend your organization. If you believe in your mission, then you know it is worth the time and effort to secure valuable resources against external threats like a cyber-attack.
Welter Consulting bridges people and technology together for effective solutions for nonprofit organizations. We offer software and services that can help you with your accounting needs. Please contact Welter Consulting at 206-605-3113 for more information.