Webinar
Cybersecurity challenges for not-for-profits: your questions answered
June 26, 2015 · Authored by Mike Cullen
In a recent webinar, Cybersecurity challenges for not-for-profits, the following topics were discussed:
- The impact of data breaches on organizations
- How cyber criminals are attacking your organization
- Developing and formalizing an incident/breach response plan
- What your organization can do to reduce cybersecurity risks
- The role of the board in cyber-risk oversight
As mitigating cyber risks is top of mind, cyber specialist Mike Cullen answered a few questions that many organizations are asking. These answers can help you raise awareness about cyber risks within your organization and start developing a plan to address the risks.
How do I know where to focus my resources and efforts when assessing my organization's cybersecurity landscape?
- Begin with a risk assessment to identify the bigger risk areas and items that may exist within your organization
- Perform walkthroughs with key information technology (IT) professionals, business users, and other leaders to understand their cybersecurity practices
- Risk-rank gaps in practices to determine where to focus your time and resources to address your risks
How can I raise awareness within my organization about cybersecurity and the risks that exist?
- Begin at the top – Build a security culture that encompasses all departments and operations, since cybersecurity is not an IT issue; it is an organizational issue
- Advance your knowledge – Stay up to date with cybersecurity leading practices and standards (e.g., NIST, SANS, ISACA)
- Establish governance – Outline responsibilities for monitoring, evaluating, and reporting risks, both within the organization (especially senior management) and to regulatory agencies and industry organizations
- Conduct ongoing training – Ongoing education and training for all employees is critical to an overall risk management and cybersecurity strategy