Nonprofits: The Surprising Target of Cybercriminals


According to a new report from BitSight, a cybersecurity rating company, nonprofits have been hit with more cyber attacks than any other type of organization in the past year. The report found that nonprofits were hit with an average of 5.7 cyber attacks in the past year, which is nearly double the rate of attacks faced by other types of organizations.

So why are nonprofits such a prime target for cybercriminals? Well, there are a few reasons.

While nonprofits aren’t known for being the most technologically advanced type of organizations there are, it’s a misconception to assume that they don’t care about security. Given that nonprofits and mission-based organizations are frequently transacting in donations, they are actually prime targets for threat actors. Anyone who has ever donated any money to any nonprofit should care about how secure those organizations are - they have our personal and financial info!

In addition, many nonprofits might be using outdated technology and software, which can make them even more vulnerable to cyber-attacks. And finally, Nonprofits often don’t prioritize their resources to invest in robust cybersecurity measures, which makes them an easy target for cybercriminals.

So what can you do to protect yourself and your organization from being targeted by cybercriminals?

*** Cover your Basics**

For starters, it’s important to be aware of the risks and to educate yourself and your staff on best practices. Using organizational-wide measures like a password manager or 2FA can provide an important first line of defense for your team.

*** Audit your ecosystem**

A good place to start, a technology and systems audit can go a long way towards understanding the true scope of your IT security needs. Retiring old machines, running patches, and software updates, and refreshing passwords to use more security login procedures are all fairly simple safety measures your team can take.

*** Don’t be scared to ask for help**

When it comes to staying current on cybersecurity happenings, it is very easy to get lost in the verbiage, vulnerabilities, and vast amount of information that’s available. That’s why we created the member forum for nonprofits like you. At Sightline, we gather and dissect relevant cybersecurity news, alerts, weekly patch report, and best practices, then translate them into language that is easy to understand without the technical jargon.

If you’re a nonprofit leader, know that you’re not alone in this - plenty of people and resources are available to help you protect your organization from becoming a victim of a cyber attack.

Cybersecurity shouldn’t be a special project!

Read more in the Sightline Security Member Forum