Staff of the In Trust Center recently attended a webinar on cyber security for nonprofit organizations. The webinar was provided by the Delaware Small Business Development Center and presented by Michelle Wang, assistant director of information security administration for the Board of Pensions of the Presbyterian Church. Although the webinar was presented for an audience of Delaware nonprofits, the information provided is pertinent to any organization that would like to improve their cyber security efforts.
The webinar was an excellent overview for people who may not know much about cyber threats and security. Wang covered topics such as “What are cybercriminals after?” (Answer: personal and confidential information, access to client networks, and organizational resources). She also addressed the top areas of weakness in organizational cybersecurity, including absence of an information security policy, failure to secure devices, and lack of employee awareness and training.
In response to these concerns, Wang provided a basic list of to-dos for organizational leaders to accomplish, including creating an information security policy and developing procedures for employees, contractors, and outside stakeholders for accessing technology.
Many institutions have dedicated information technology support that deals with these types of issues; however, this webinar made it clear that everyone – including administration, board members, and faculty – is responsible for maintaining cybersecurity. For administrators and board members, this may mean collaborating with information security experts to create information technology policies for employees and students; and for all institutional stakeholders, it means making sure you are personally aware of security policies. And then adhering to them.
For information on what to do, see the resources below, which were provided by the webinar presenters.
Also, we’d like to hear what your school has already done to protect yourself from cyber threats. What policies or procedures do you have in place, and how are they enforced?
Cybersecurity Resources List
SBDC Cybersecurity White Paper