This document discusses understanding the cyber threat landscape for nonprofits. It notes that nonprofits face a high risk of cyber intrusion due to complacency, lack of security expertise and budgets, and lack of independent security audits. Cybercriminals may target nonprofits for economic gain, hacktivism, personal information, or donor lists. Examples are given of past cyber attacks on nonprofits. Motivations of threat actors and potential impacts of security incidents are examined. Methods that could be used to damage nonprofits are outlined.
43. Security Measures for Nonprofits (Cont’d)
Teleconferencing
• Create Virtual Waiting Rooms
• Use unique meeting ID’s and Passwords
• Lock down your meeting (If Applicable)
Remote Work
• Use VPN (Virtual Private Networks)
• Use 2FA / MFA
Others
• In‐House CFI / Security
• Understand your Cyber Security Policy, e.g. what is REALLY
covering and under what terms and conditions
• Cloud: Use the right licensing to protect your staff and your
customers data, e.g. M5 vs O5 (Microsoft Example)
• Data Loss Prevention
• FIM Solution
• Threat & Intel