SlideShare a Scribd company logo

Nonprofit Cybersecurity Incident Report

Community IT Innovators
Community IT Innovators

Join CTO Matthew Eshleman as he walks through the inaugural Nonprofit Cybersecurity Incident Report from Community IT Innovators. This report looks at the different types of attacks that occur at small and mid-sized organizations. He also shares advice on security improvements that provide protection against the most common attacks. Learn the role of leadership in placing a value on cybersecurity preparedness for your nonprofit and the long term planning that should accompany your immediate assessment of your security risk. For the video of the presentation or to subscribe to future webinars: https://www.communityit.com/connect-with-us/webinars/

Technology
1 of 19
Download to read offline
Nonprofit Incident Report Webinar Series March 2019
Survey Questions • How confident are you with your organization’s cybersecurity? • Very / somewhat / not at all • Who’s responsible for cybersecurity in your organization? • Me / IT Department / Operations / No one • Do you have a plan to improve cybersecurity at your org? • Yes, underway / Waiting on Approval / Just getting started / Nope
About Community IT Advancing mission through the effective use of technology. 100% Employee Owned
Presenter Matthew Eshleman CTO
NONPROFIT CYBERSECURITY INCIDENT REPORT 2018 © 2019 Community IT Innovators, Inc. All Rights Reserved February 2019 1st Edition
Agenda Cybersecurity landscape Our approach to cybersecurity Types of incidents Report data Steps to secure your organization
CYBERSECURITY LANDSCAPE Persistent and ongoing brute force attacks on identities Sophisticated spear phishing 68% of Nonprofits don’t have an Incident Response Plan Breach response for a small to medium business is $149,000
PREDICTIVE INTELLIGENCE IDENTITY DATA DEVICES PERIMETER WEB SECURITY AWARENESS SECURITY POLICY OUR APPROACH TO CYBERSECURITY
BASELINE INFRASTRUCTURE SECURITY PRACTICES OS UPDATES THIRD PARTY PATCHING BIOS AND DRIVER UPDATES ANTIVIRUS WEB FILTERING
Incident An event that compromises the integrity, confidentiality or availability of an information asset.
Breach An incident that results in the confirmed disclosure— not just potential exposure—of data to an unauthorized party.
Types of incidents • Email Phishing: a social engineering attack that attempts to get a user to click on a link that goes to a malicious site that contains malware or steals credentials • Malware: any type of malicious software, usually reported by the end user as a slow computer or strange pop-ups • Account Compromise: unauthorized use of a digital identity by someone other than the assigned user
Types of incidents • Business Email Compromise: scam using traditional confidence scheme techniques combined with email impersonation to extract funds through illicit means • Wire Fraud: any fraudulent or deceitful scheme to steal money by using phone lines or electronic communications through electronic means • Virus: a malicious piece of software that can alter the way a computer works, typically spread from one computer to another, often rendering the computer and/or data unusable
Types of incidents • Supply Chain: an attack that is initiated through a partner of the organization. Also known as a value-chain or third-party attack. • Advanced Persistent Threat: State-Sponsored actor or criminal group focused on targeting a specific organization or individual, operating over a long period of time with a goal of remaining undetected and exfiltrating data. • Ransomware: a type of virus that has the characteristic of encrypting files and then demanding payment for decrypting the files.
06 CYBERSECURITY INCIDENTS INCIDENT TYPE COUNT OF INCIDENTS COUNT OF SAMPLE % OF SAMPLE EXPERIENCE INCIDENT 1. Email Phishing 140 41 26% 2. Malware 54 39 25% 3. Account Compromise 20 18 12% 4. Business Email Compromise 14 13 8% 5. Wire fraud 3 3 2% 6. Virus 1 1 1% 7. Advanced Persistent Threat 1 1 1% 8. Supply Chain 0 0 0% 9. Ransomware 0 0 0% Grand Total 233 116 50%
SECURE YOUR NETWORK 01 IMPLEMENT MULTI-FACTOR AUTHENTICATION Protects against: account compromise 02 IMPLEMENT A SECURITY AWARENESS TRAINING PROGRAM Protects against: email phishing, account compromise, business email compromise and wire fraud. 03 HAVE A COMPREHENSIVE DEVICE MANAGEMENT PLAN Protects against: malware, account compromise, viruses, advanced persistent threats 04 GET A SECURITY ASSESSMENT Protects against: investing in security solutions that do not have a clear ROI
Let’s Talk: Email: cybersecurity@communityIT.com Schedule a meeting: https://outlook.office365.com/owa/calendar/Cybersecurity@communityit.com/bookings/
Upcoming Webinar Working with an outsourced IT Manager Wednesday April 25 3:00 – 4:00 PM EST
cybersecurity@communityit.com © 2018 Community IT Innovators, Inc. All Rights Reserved. www.communityit.com THANK YOU!

Recommended

Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarCommunity IT Innovators
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
 
Digital Security
Digital Security Digital Security
Digital Security MCMAUP01
 
The Growing Threat of Ransomware
The Growing Threat of RansomwareThe Growing Threat of Ransomware
The Growing Threat of RansomwareZerto
 
What is threat intelligence ?
What is threat intelligence ?What is threat intelligence ?
What is threat intelligence ?AariyaRathi
 

Recommended

Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threatsTIKAJ
 
Security Implications of the Cloud
Security Implications of the CloudSecurity Implications of the Cloud
Security Implications of the CloudAlert Logic
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarCommunity IT Innovators
 
Cybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsCybersecurity Series - Cyber Defense for Internal Auditors
Cybersecurity Series - Cyber Defense for Internal AuditorsJim Kaplan CIA CFE
 
Digital Security
Digital Security Digital Security
Digital Security MCMAUP01
 
The Growing Threat of Ransomware
The Growing Threat of RansomwareThe Growing Threat of Ransomware
The Growing Threat of RansomwareZerto
 
What is threat intelligence ?
What is threat intelligence ?What is threat intelligence ?
What is threat intelligence ?AariyaRathi
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYharsh arora
 
Cyber security
Cyber securityCyber security
Cyber securityvishakha bhagwat
 
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh... "Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...e-SIDES.eu
 
Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them24by7Security Inc
 
Cyber security
Cyber securityCyber security
Cyber securityRIPPER95
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securitySelf-employed
 
10 steps to cyber security
10 steps to cyber security10 steps to cyber security
10 steps to cyber securityTevfik Üret
 
Website security
Website securityWebsite security
Website securityRIPPER95
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security9784
 
Cyber Attack Methodologies
Cyber Attack MethodologiesCyber Attack Methodologies
Cyber Attack MethodologiesGeeks Anonymes
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsBeyondTrust
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismRaheela Patel
 
Cyber Security Terms
Cyber Security TermsCyber Security Terms
Cyber Security TermsSuryaprakash Nehra
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatIT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatETech 7
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
cyber terrorism
cyber terrorismcyber terrorism
cyber terrorismAccenture
 
2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident ReportCommunity IT Innovators
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 

More Related Content

What's hot

"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh... "Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...e-SIDES.eu
 
Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them24by7Security Inc
 
Cyber security
Cyber securityCyber security
Cyber securityRIPPER95
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securitySelf-employed
 
10 steps to cyber security
10 steps to cyber security10 steps to cyber security
10 steps to cyber securityTevfik Üret
 
Website security
Website securityWebsite security
Website securityRIPPER95
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security9784
 
Cyber Attack Methodologies
Cyber Attack MethodologiesCyber Attack Methodologies
Cyber Attack MethodologiesGeeks Anonymes
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsVeriato
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessBeyondTrust
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsBeyondTrust
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatIT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatETech 7
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
cyber terrorism
cyber terrorismcyber terrorism
cyber terrorismAccenture
 

What's hot (20)

CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber security
Cyber securityCyber security
Cyber security
 
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh... "Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
"Towards Value-Centric Big Data" e-SIDES Workshop - “You’re monitoring my wh...
 
Cyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test themCyber Vulnerabilities & How companies can test them
Cyber Vulnerabilities & How companies can test them
 
Cyber security
Cyber securityCyber security
Cyber security
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
10 steps to cyber security
10 steps to cyber security10 steps to cyber security
10 steps to cyber security
 
Website security
Website securityWebsite security
Website security
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security
 
Cyber Attack Methodologies
Cyber Attack MethodologiesCyber Attack Methodologies
Cyber Attack Methodologies
 
Fraud Detection With User Behavior Analytics
Fraud Detection With User Behavior AnalyticsFraud Detection With User Behavior Analytics
Fraud Detection With User Behavior Analytics
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling Access
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Cyber Security Terms
Cyber Security TermsCyber Security Terms
Cyber Security Terms
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatIT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest Threat
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and Attacks
 
cyber terrorism
cyber terrorismcyber terrorism
cyber terrorism
 

Similar to Nonprofit Cybersecurity Incident Report

2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident ReportCommunity IT Innovators
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 
5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats5 Key Findings on Advanced Threats
5 Key Findings on Advanced ThreatsHannah Jenney
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptxxanparker
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Nonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsNonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsCommunity IT Innovators
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxSharmilaMore5
 
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsWhitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsHappiest Minds Technologies
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxRambilashTudu
 
cyber terrorism
cyber terrorism cyber terrorism
cyber terrorism Accenture
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Rahul Neel Mani
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...Netpluz Asia Pte Ltd
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistancePaul-Charife Allen
 
Top 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemTop 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemChinmayee Behera
 

Similar to Nonprofit Cybersecurity Incident Report (20)

2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
 
5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptx
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdf
 
Nonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsNonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment Basics
 
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptxChap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
Chap 1 Fundamentals of Cyber Security _ Intr to Cyber types.pptx
 
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsWhitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptx
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
cyber terrorism
cyber terrorism cyber terrorism
cyber terrorism
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
 
CS 1.ppt
CS 1.pptCS 1.ppt
CS 1.ppt
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
 
Cyber security do your part be the resistance
Cyber security do your part be the resistanceCyber security do your part be the resistance
Cyber security do your part be the resistance
 
Top 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemTop 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent Them
 

More from Community IT Innovators

Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?Community IT Innovators
 
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...Community IT Innovators
 
Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Community IT Innovators
 
2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends Roundtable2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends RoundtableCommunity IT Innovators
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and MoreCommunity IT Innovators
 
How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019Community IT Innovators
 
5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your Organization5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your OrganizationCommunity IT Innovators
 
Server 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to KnowServer 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to KnowCommunity IT Innovators
 
What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?Community IT Innovators
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Innovators
 
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...Community IT Innovators
 
Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019Community IT Innovators
 
Selecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes LastSelecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes LastCommunity IT Innovators
 
IT Security Incident Response for Nonprofits
IT Security Incident Response for NonprofitsIT Security Incident Response for Nonprofits
IT Security Incident Response for NonprofitsCommunity IT Innovators
 

More from Community IT Innovators (20)

Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for Nonprofits
 
SharePoint Online for Nonprofits
SharePoint Online for NonprofitsSharePoint Online for Nonprofits
SharePoint Online for Nonprofits
 
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
 
Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?
 
2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends Roundtable2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends Roundtable
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More
 
How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019
 
5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your Organization5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your Organization
 
Server 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to KnowServer 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to Know
 
What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT Manager
 
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
 
Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019
 
Selecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes LastSelecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes Last
 
IT Security Incident Response for Nonprofits
IT Security Incident Response for NonprofitsIT Security Incident Response for Nonprofits
IT Security Incident Response for Nonprofits
 
Office 365 Security Best Practices
Office 365 Security Best PracticesOffice 365 Security Best Practices
Office 365 Security Best Practices
 
Nonprofit Development, Meet Accounting!
Nonprofit Development, Meet Accounting!Nonprofit Development, Meet Accounting!
Nonprofit Development, Meet Accounting!
 
IT Management Fundamentals
IT Management FundamentalsIT Management Fundamentals
IT Management Fundamentals
 
Encryption 101 for Nonprofits
Encryption 101 for NonprofitsEncryption 101 for Nonprofits
Encryption 101 for Nonprofits
 

Recently uploaded

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Nonprofit Cybersecurity Incident Report

  • 2. Survey Questions • How confident are you with your organization’s cybersecurity? • Very / somewhat / not at all • Who’s responsible for cybersecurity in your organization? • Me / IT Department / Operations / No one • Do you have a plan to improve cybersecurity at your org? • Yes, underway / Waiting on Approval / Just getting started / Nope
  • 3. About Community IT Advancing mission through the effective use of technology. 100% Employee Owned
  • 5. NONPROFIT CYBERSECURITY INCIDENT REPORT 2018 © 2019 Community IT Innovators, Inc. All Rights Reserved February 2019 1st Edition
  • 6. Agenda Cybersecurity landscape Our approach to cybersecurity Types of incidents Report data Steps to secure your organization
  • 7. CYBERSECURITY LANDSCAPE Persistent and ongoing brute force attacks on identities Sophisticated spear phishing 68% of Nonprofits don’t have an Incident Response Plan Breach response for a small to medium business is $149,000
  • 8. PREDICTIVE INTELLIGENCE IDENTITY DATA DEVICES PERIMETER WEB SECURITY AWARENESS SECURITY POLICY OUR APPROACH TO CYBERSECURITY
  • 9. BASELINE INFRASTRUCTURE SECURITY PRACTICES OS UPDATES THIRD PARTY PATCHING BIOS AND DRIVER UPDATES ANTIVIRUS WEB FILTERING
  • 10. Incident An event that compromises the integrity, confidentiality or availability of an information asset.
  • 11. Breach An incident that results in the confirmed disclosure— not just potential exposure—of data to an unauthorized party.
  • 12. Types of incidents • Email Phishing: a social engineering attack that attempts to get a user to click on a link that goes to a malicious site that contains malware or steals credentials • Malware: any type of malicious software, usually reported by the end user as a slow computer or strange pop-ups • Account Compromise: unauthorized use of a digital identity by someone other than the assigned user
  • 13. Types of incidents • Business Email Compromise: scam using traditional confidence scheme techniques combined with email impersonation to extract funds through illicit means • Wire Fraud: any fraudulent or deceitful scheme to steal money by using phone lines or electronic communications through electronic means • Virus: a malicious piece of software that can alter the way a computer works, typically spread from one computer to another, often rendering the computer and/or data unusable
  • 14. Types of incidents • Supply Chain: an attack that is initiated through a partner of the organization. Also known as a value-chain or third-party attack. • Advanced Persistent Threat: State-Sponsored actor or criminal group focused on targeting a specific organization or individual, operating over a long period of time with a goal of remaining undetected and exfiltrating data. • Ransomware: a type of virus that has the characteristic of encrypting files and then demanding payment for decrypting the files.
  • 15. 06 CYBERSECURITY INCIDENTS INCIDENT TYPE COUNT OF INCIDENTS COUNT OF SAMPLE % OF SAMPLE EXPERIENCE INCIDENT 1. Email Phishing 140 41 26% 2. Malware 54 39 25% 3. Account Compromise 20 18 12% 4. Business Email Compromise 14 13 8% 5. Wire fraud 3 3 2% 6. Virus 1 1 1% 7. Advanced Persistent Threat 1 1 1% 8. Supply Chain 0 0 0% 9. Ransomware 0 0 0% Grand Total 233 116 50%
  • 16. SECURE YOUR NETWORK 01 IMPLEMENT MULTI-FACTOR AUTHENTICATION Protects against: account compromise 02 IMPLEMENT A SECURITY AWARENESS TRAINING PROGRAM Protects against: email phishing, account compromise, business email compromise and wire fraud. 03 HAVE A COMPREHENSIVE DEVICE MANAGEMENT PLAN Protects against: malware, account compromise, viruses, advanced persistent threats 04 GET A SECURITY ASSESSMENT Protects against: investing in security solutions that do not have a clear ROI
  • 17. Let’s Talk: Email: cybersecurity@communityIT.com Schedule a meeting: https://outlook.office365.com/owa/calendar/Cybersecurity@communityit.com/bookings/
  • 18. Upcoming Webinar Working with an outsourced IT Manager Wednesday April 25 3:00 – 4:00 PM EST
  • 19. cybersecurity@communityit.com © 2018 Community IT Innovators, Inc. All Rights Reserved. www.communityit.com THANK YOU!