Why Nonprofits Might Be at Higher Risk for Cyberattacks

Cyberattacks On Nonprofits

Today’s society is one where any organization operating online is theoretically at risk for cyberattacks.

Such incidents could tarnish reputations, result in profit and data losses and even get so severe that they force the attacked organizations to shut down due to the damage caused. Nonprofit companies are not at a reduced risk of hacks. On the other hand, they may face an elevated risk for numerous reasons.

Nonprofits Are Not Adequately Prepared for Hacks

A 2016 survey found that 66 percent of the nonprofits polled did not plan to increase their data security spending. Moreover, nearly half of the respondents had not assessed their online risk factors in the past year.

Also, nonprofits often don’t adequately gauge the costs of having to temporarily shut down due to cyberattacks. If their websites get taken offline, people can’t find them in Google searches, and individuals may hesitate to donate money after hearing about Vulnerabilities.

Nonprofits may also get caught in the tricky situation of deciding whether to give into hackers’ demands to get their files back in the case of a ransomware attack. If they decide to pay money in hopes of receiving the records, the costs likely cause financial burdens. Or, they may lose time and productivity by restoring lost files.

Nonprofits May Not Feel Compelled to Put Their Funds Towards Cybersecurity

Data from the 2016 NetDiligence Cyber Claims study found the average number of records seized in a nonprofit cyberattack was more than 12,000. That statistic shows if nonprofits believe that hackers will not do significant damage during an attack, or worse, are under the impression that cybercriminals won’t target them, they may face a surprise.

However, many nonprofits are cash-strapped and want to do everything they can to fulfill the missions of their organizations. Such a mindset means cybersecurity may not fit into the equation when they figure out their budgets for the year.

The Nonprofit Finance Fund’s 2018 State of the Nonprofit Sector Survey also revealed only 26 percent of nonprofits achieved break-even financing in 2017. It also showed a growing uncertainty about being able to meet the needs of service users this year. Both of those things suggest nonprofits may not feel encouraged to invest in cybersecurity before it’s too late.

Nonprofits Often Struggle to Meet Human Resource Needs

Nonprofits frequently operate with bare-bones teams, and they may not have on-site IT team members. On a positive note, some vendors that cater to the nonprofit sector offer secure software options that meet needs such as volunteer management. If nonprofits cannot afford to hire full-time IT experts, the next best thing is to keep their software updated and choose vendors that prioritize security.

Outsourcing is another possibility that could fill the void for IT experts at nonprofits. In any case, the lack of staffing means that people often fill many roles. And, if they need to engage in a team effort to recover data or otherwise get back on track after a cyber incident, it’s not difficult to imagine how an already-busy team could get even more swamped during the aftermath.

When Little Red Door, a nonprofit from Indiana, got hacked, one of the people who helped resume operations afterward was going through chemotherapy for breast cancer while assisting with the file recovery process. She kept up a cheerful attitude during the ordeal but personified the hard work involved in coming back from a hack.

Nonprofits Do Not Believe They Have Valuable Data

Another pervasive myth in the nonprofit sector is that nonprofits do not have any information hackers would want. However, consider that since they accept donations, most nonprofits likely have credit card information kept on file. Statistics indicate that credit card information could sell on the Dark web for more than 0.

Also, even if hackers get less-valuable information such as emails, they could bombard their victims with advertising, phishing attempts and other kinds of unwanted emails. The simple but dangerous belief that a nonprofit organization does not have information useful to hackers could raise the threat of a cyberattack, mainly if groups do not know best practices for keeping their data safe.

It’s Time for a Changed Mindset

The points above are not the only reasons why nonprofits are often at a higher-than-average risk for being hit by cybercriminals. But, they highlight how nonprofits frequently have assumptions that don’t match what statistics show. Then, those faulty conclusions could leave organizations reeling after hackers orchestrate attacks.

Nonprofit representatives must take action to alter their mindsets and realize that now is the time to focus on cybersecurity throughout organizations. Only then can such groups make substantial progress for keeping hackers at bay.

By Kayla Matthews

Matt Holleran

Cloud Marketplaces Give Startups A Leg Up – Part 2

Cloud Marketplaces In my last post, Cloud Platforms, Marketplaces, and Startups Part One, I examined the proliferation of partner ecosystems within the cloud software business, beginning with Salesforce AppExchange. Here, we’ll look at how startups ...
Signal Messenger: How to Successfully Resist Wiretapping Attempts

Signal Messenger: How to Successfully Resist Wiretapping Attempts

Successfully Resist Wiretapping Attempts Against the backdrop of events in the US, the popularity of the Signal secure messenger has grown sharply - from 6,000 to 26,000 downloads per day. This software uses strong cryptography ...
Karen Gondoly

Lessons Learned When Moving to the Cloud

Moving to the Cloud Lessons At Leostream, we work with organizations around the globe that are moving workloads to the cloud. These organizations span a wide range of industries, vary in company size, and typically ...
Patrick Joggerst

Payments Companies Will Always See ROI on Embedded Real Time Communications

ROI on Embedded Real Time Communications Without secure, real time communications applications, the financial services industry could literally come to a standstill. While transactions are driven by data, the human voice and human messaging continues ...
François Amigorena

SMB’s perceptions of Cloud Storage Security

Data Storage Security The use of cloud storage is on the increase. However, SMBs are still suspicious about it. Actually, 61% of SMBs believe their data in unsafe in the cloud. Why are those perceptions ...
Jen Klostermann

Telemedicine to medical smartphone applications

Telemedicine to medical smartphone applications With the current and growing worldwide concerns regarding the Coronavirus (COVID 19). Telemedicine is more important now than ever. What are some of the key areas in the coming years ...