PIRC Releases Guide on Cybersecurity for Nonprofits Facing Compliance Demands

Cybersecurity consulting firm offers guidance in its new white paper “Pillars of Cyber-Risk Management For Nonprofits”

New York-based Partners in Regulatory Compliance (PIRC), which provides answers to the growing, complex need for cybersecurity in organizations facing strict regulatory compliance controls, has released a new white paper geared to help nonprofits with cybersecurity challenges unique to that vertical.

Nonprofits of all sizes and types, but particularly those with less robust budgets for IT spend, have found themselves increasingly vulnerable to the explosive new levels of cybercrime that have accompanied the other challenges of the COVID pandemic. While always a serious threat, cyberattacks during today’s economic uncertainty can have a catastrophic impact on smaller nonprofit organizations, including reputation damage, exposure of data from both the nonprofit and its donors, and ultimately, regulatory punishment.

“Cyber threats, particularly ransomware, can swiftly take a viable, respected nonprofit and turn the organization upside down,” explains Daniel J. Haurey, founding member of PIRC. “In this white paper, we outline cybersecurity steps every nonprofit should take—either internally or with the support of a partner—to protect themselves, their data and the personal donor information they have been entrusted with. Failure to do so can quite literally cost them everything.”

In this guide on cybersecurity for nonprofits, PIRC experts outline the four pillars of cyber-risk management and offer guidance on how to protect your organization:

1.    Conduct an end-to-end IT assessment of all organizational data and network devices, determining levels of risk tolerance around each type of data and device.

2.    Undergo threat modeling to determine potential threats and corresponding vulnerabilities, evaluate and understand the seriousness of each, and then prioritize options for protecting the organization across each scenario.

3.    Identify the state and federal regulations your nonprofit is subject to and understand what level of institutional, donor and personnel data exposure could spark regulatory scrutiny and potential disciplinary actions.

4.    Create a written incident response plan that outlines your organization’s response to a data breach, including detecting a breach, the members of your crisis response team, an overview for both internal and external communications, and the necessary steps to remediate the damage.

“While cyberattacks are increasingly inevitable, this simple but thorough handbook provides nonprofits with an outline to start enhancing their cybersecurity stance with a focus on advanced preparations that can mean the difference between a full shutdown of business and the opportunity to navigate a cyber incident with minimal damage,” said Haurey. The white paper also includes suggestions for improving a nonprofit’s security stance within the typically tight budgets of nonprofit organizations.

Download the cybersecurity for nonprofits white paper free of charge.

To learn more about PIRC, visit https://piregcompliance.com

About PIRC
Partners in Regulatory Compliance (PIRC) provides an array of cybersecurity services including policy management, risk assessments, employee training, and regulatory compliance assistance to nonprofit organizations. PIRC is a cybersecurity consultancy that provides innovative answers to the growing, complex need for cybersecurity in nonprofit organizations facing strict regulatory compliance controls. By addressing the full range of digital and human threats to create a compliant, secure environment, PIRC ensures customers are meeting their professional, ethical and legal commitment to protect the sensitive data they work with and store on behalf of their clients.

Contact Author

Daniel J. Haurey
@piregcompliance
Partners in Regulatory Compliance