Join CTO and Nonprofit Cybersecurity expert Matthew Eshleman as he walks through the third annual Community IT Nonprofit Cybersecurity Incident Report. This report looks at the different types of attacks that occur at small and mid-sized nonprofit organizations. Is your nonprofit prepared? Matt also shares advice on security improvements that provide protection against the most common attacks. Learn the role of leadership in placing a value on cybersecurity preparedness for your nonprofit and the long term planning that should accompany your immediate assessment of your security risk. Matt touches on vendor hacks from 2020 including Blackbaud and SolarWinds and discusses steps your nonprofit should take to understand your risk level. Learn about real cyberattacks on nonprofit organizations and how they responded to these attempted hacks. Matt gives you the tools you need to protect your organization and staff from cybercrimes. Many of these tips you can put in place quickly and train your staff on immediately. Download the full report or view here: https://communityit.com/2021-nonprofit-cybersecurity-incident-download/

1. 2021 NONPROFIT
CYBERSECURITY INCIDENT
REPORT
Webinar
Series
February 2021

2. About Community IT
Advancing mission
through the effective
of technology.
100% Employee
Owned

3. Presenter
Matthew Eshleman
CTO

4. NONPROFIT
CYBERSECUR
ITY
INCIDENT
REPORT
2021
© 2021 Community IT Innovators, Inc. All Rights Reserved
February 2021 3rd Edition

5. Agenda
Cybersecurity landscape
Remote work
Our approach to cybersecurity
Types of incidents
Report data
Steps to secure your organization

6. CYBERSECURITY LANDSCAPE
Persistent and ongoing brute force
attacks on identities
Sophisticated spear phishing
Organizations targeted because of the
work they do
Attacks targeting vendors

7. Landscape
–
Nonprofit
Vendors
Impacted
MIP Ransomware attack
BoardSource Email Breach
Blackbaud Hosted Services
Ransomware attack Baltimore County
SolarWinds SUNBURST

9. Cybersecurity
Impacted by
COVID
• Increase in COVID-19 related Spam / Spear
phishing
• Weak home network security practices
• Potential for data leakage

10. Applicability
to more
remote
work
• Management / reporting harder
• Remote work opens up security holes
• Device management / MDM is critical
• Proactive planning pays off

11. OUR APPROACH TO CYBERSECURITY
PREDICTIVE
INTELLIGENCE
IDENTIT
Y
DATA
DEVICE
S
PERIMET
ER
WEB
SECURITY AWARENESS
SECURITY POLICY

12. Foundational
Cybersecurity
PRACTICES ANTIVIRUS
IT Policy
OS and THIRD-PARTY
PATCHING
Security Awareness
Training
WEB FILTERING
MFA

13. Threat
Actor
The entity perpetrating the attack, whether an
individual, cybercriminal network, corporate rival
or state sponsored adversary. Most often this will
be the external “bad guy” that sends the phishing
email or encrypts the files.

14. Incident
An event that compromises the integrity,
confidentiality or availability of an information
asset.

15. Breach
An incident that results in the confirmed
disclosure—
not just potential exposure—of data to an
unauthorized party.

16. Types of
incidents
• Spam: unwanted or inappropriate email
that is sent to a large number of recipients
• Malware: any type of malicious software,
usually reported by the end user as a slow
computer or strange pop-ups
• Account Compromise: unauthorized use of
a digital identity by someone other than
assigned user

17. Types of
incidents
• Spear phishing: scam using traditional
confidence scheme techniques combined with
email impersonation to extract funds through
illicit means
• Wire Fraud: any fraudulent or deceitful scheme
to steal money by using phone lines or
communications through electronic means
• Virus: a malicious piece of software that can
alter the way a computer works, typically
from one computer to another, often rendering
the computer and/or data unusable

18. Types of
incidents
• Supply Chain: an attack that is initiated
through a partner of the organization. Also
known as a value-chain or third-party attack.
• Advanced Persistent Threat: State-Sponsored
actor or criminal group focused on targeting a
specific organization or individual, operating
over a long period of time with a goal of
remaining undetected and exfiltrating data.
• Ransomware: a type of virus that has the
characteristic of encrypting files and then
demanding payment for decrypting the files.

19. 06
CYBERSECURITY INCIDENTS
Incident Count
Spam 368
Spear Phishing 183
Malware 95
Account Compromise 32
Virus 7
Advanced Persistent Threat 4
Ransomware 1
Wire fraud 0
Grand Total 690

20. Compare Year over Year
140
378
368
54 50
95
14
59
183
1
3
7
0 0
1
20
15
32
1 1
4
3 3
0
-5
0
5
10
15
20
25
30
35
0
50
100
150
200
250
300
350
400
450
2018 2019 2020
Spam Malware Spear Phishing Virus Ransomware Account Compromise Advanced Persistent Threat Wire fraud

21. Trends
Cybersecurity incidents continue to climb
Third party vendors / partners are a notable
threat vector broadly
MFA is extremely effective
Account compromise is still at a high level

22. Data
Analysis
• Advanced PersistentThreats are only increasing
efforts and targeting Policy Orgs andThinkTanks
• If an org has been compromised once, more
attacks are likely
• Social service organizations more susceptible to
Business Email Compromise
• MFA is effective in preventing account
compromise

23. Anatomy of an Attack
User clicks on
malicious link
Enters password
on site
Password used
to login to
account and
setup mail rules

24. SECURE YOUR
NETWORK
01
IMPLEMENT MULTI-FACTOR AUTHENTICATION
Protects against: account compromise
02
03
IMPLEMENT A SECURITY AWARENESS TRAINING
Protects against: email phishing, account compromise,
business email compromise and wire fraud.
Establish an IT Acceptable Use Policy
Protects against: misguided and misaligned IT Initiatives

25. Community IT
Cybersecurity
NIST Security Survey
Core Cybersecurity Assessment
Comprehensive Cybersecurity Assessment
Managed Cybersecurity Services
Cyber Liability Insurance
Incident Response

26. Let’s Talk:
Email: cybersecurity@communityIT.com for a complimentary DarkWeb
Scan to see what accounts are already compromised.
Meet: Books some time with me https://meetings.hubspot.com/meshleman

27. Upcomin
g
Webinar
Slack vsTeams
vs Zoom
Wednesday March 17
3:00 – 4:00 PM EDT

28. cybersecurity@communityit.com
© 2018 Community IT Innovators, Inc.
All Rights Reserved.
www.communityit.com
THANK
YOU!