Combating NFP cybercrime with a proactive cybersecurity strategy

Baker Tilly hosted our annual not-for-profit governance and fiscal workshop this past June, with one of our most attended sessions focused on cybersecurity and related fraud risks. Our presenters, Joe Shusko and Bernard Regan, delivered compelling examples, data and innovative ideas to assist not-for-profit (NFP) organizations in their defense against these types of crimes. If you missed the workshop or the session, you can view our on-demand recordings from each day. The top five notable lessons learned discussed from the session are below.

Connect with us for more information on our session or to discuss solutions tailored to your organization.

Takeaway 1: Be prepared

NFPs should create a detailed plan to be prepared in the event of a cyber-attack. Cyber-attacks are quick – and scary. Operating in these situations is stressful and most likely, organizations are unable to access their systems. Should your organization suffer an attack, having a plan (offline!) with contact information, steps, insurance policies and other critical information will be necessary. Once you have established a plan, don’t just leave it on the shelf, but periodically practice the plan to ensure familiarity, work out the kinks and update it as necessary. Doing an annual “table-top” exercise puts the plan in practice and is a proactive and productive way to ensure preparedness. Look into information sources such as cisa.gov for support you can tap into when developing your plan.

Takeaway 2: Be informed

Not-for-profit organizations need to be well-informed and diligently aware of current types of cybercrime being committed. With advancing technology and the advent of artificial intelligence (AI), yesterday’s crimes are often irrelevant and have been replaced.

Recommended resources to stay abreast of trends include: