Why Care About Cybersecurity?

October is Cybersecurity Month. This is the first in a series of posts about the importance of cybersecurity for nonprofits. To learn more, and to find more information about a CEO Roadmap and Considerations for Partnership Agreements, visit our page on Cybersecurity. 

It has often been said that “at the end of the day, all one has is his or her reputation.”

The issue of cybersecurity embodies this concept. An organization might spend years — perhaps decades — building a strong and respected reputation. Yet, that reputation can be irreparably harmed overnight in a single cybersecurity breach. If the personal data of your donors and clients is accessed by an unauthorized person or entity, you can lose all of your hard-earned trust in an instant. This may sound unfair and unreasonable, but it is the hard reality that everyone in our sector faces.

To minimize this risk, every CEO/leader must embrace — and champion — effective cybersecurity practices. We can’t rely on our tech team to lead, implement, and manage cybersecurity. Given the amount of data we retain on our constituents and stakeholders, the risks are real and too high to be ignored.

Accordingly, cybersecurity needs to be a priority for an organization’s CEO; and equally important, it needs to be a priority for the organization’s board of directors. While tech issues in general, and cybersecurity in particular, can feel mundane or overwhelming, it is crucial that the leaders engage, lead, and champion ongoing cybersecurity awareness and implementation.

An effective CEO and members of an organization’s board should be realistic and humble regarding cybersecurity. They should be comfortable with “knowing what they don’t know.” CEO’s and board members should strive to become more conversant and knowledgeable, and willing to seek guidance and scrutiny from independent, third party security experts who can provide a critical, objective view as to the organization’s cybersecurity effectiveness and opportunities for improvement.

It may be an old school point of view, but the attitude of the CEO on any issue typically permeates throughout an organization. If the employees know that the CEO cares about cybersecurity and tracks the organization’s effectiveness, with virtual certainty the employees will focus on cybersecurity as well. Over time, cybersecurity awareness will become as important to an organization as donor development and mission fulfillment.

What specifically should a CEO do?

Here are a few specific first steps:

  • Engage with a third party to complete a a cybersecurity audit at least once a year — signed off by the CEO and presented to the board of directors for its approval.
  • Ensure that auditors check all systems — including laptops, servers, and network devices (home office and in office) — to make sure they are both current in their patches and have a process to ensure that they stay current throughout the year.
  • Regularly train employees on cybersecurity best practices. This is vital, especially for remote team members.
  • Ensure that files are routinely backed up, with a frequency and location appropriate to the type of data.

These are but a few of the many steps an organization needs to take to be effective, or more literally, to help avoid a cybersecurity disaster that could not only harm its reputation, but actually put it out of business. Agree? Disagree? Please let me know!

Keith Huntoon
Author: Keith Huntoon

Keith Huntoon, President and Co-Founder of LiftEngine, has over 25 years of marketing, management, and business development expertise.

Related Posts

Image representing artificial intelligence.

5 Takeaways for the Future of AI in Nonprofit Marketing: A Discussion with 70 Leading Agencies and Nonprofit Consultants

April 9, 2024
Ben Deutsch
Blog

Technology has posed significant challenges and opportunities for nonprofits before, sparking innovation and change for direct-response fundraisers. Today, we stand at a similar crossroads with the emergence of generative AI. Recently The Nonprofit Alliance’s (TNPA) Direct Response Fundraising Counsel (ADRFCO) convened a roundtable discussion at the Nonprofit Fundraisers Symposium (presented by DMAW and TNPA), inviting the agency and partner perspectives on navigating AI. I’m grateful to have had the opportunity to facilitate the discussion. The attendees shared a tremendous wealth of knowledge, so I wanted to share my five key takeaways that offer a glimpse into the future of AI in nonprofit marketing and beyond.

Read more
Image with lightbulb and stacked coins on soil. Nature background.

Harnessing AI Responsibly: A Guide For Nonprofit Leaders

March 15, 2024
Amanda Nelson & John Robichaux
Blog

In a time where AI is becoming more important and influential in shaping all aspects of our lives, the question for nonprofit organizations has shifted from whether to use AI to how it can be used effectively and responsibly. Simply saying ‘no’ to AI is no longer viable; dismissing it as too overwhelming or complex undermines the potential for considerable mission advancement and societal impact. Now is the time for nonprofits and leaders alike to move beyond apprehension and embrace a holistic AI strategy that considers its ethical and responsible use across all facets of an organization.

Read more
Back To Top