This document outlines Michael Enos' presentation on creating a culture of security. The presentation introduces common cyber threats facing non-profits, such as ransomware, DDoS attacks, and malware. It then discusses the NIST Cybersecurity Framework and how TechSoup has implemented it to identify, protect, detect, respond to, and recover from cyber incidents. The framework guides TechSoup's asset management, risk assessment, access control, data security, and monitoring practices. The presentation concludes by listing additional cybersecurity resources available to non-profits.
7. NIST
Cybersecurity Framework
• What is the Framework?
• The Framework is voluntary guidance, based on
existing standards, guidelines, and practices for
organizations to better manage and reduce
cybersecurity risk. In addition to helping
organizations manage and reduce risks, it was
designed to foster risk and cybersecurity
management communications amongst both
internal and external organizational stakeholders.
9. o Asset Management
o Business Environment
o Governance
o Risk Assessment
o Risk Management Strategy
o Access Control
o Training and Awareness
o Data Security
o Information Protection Processes
o Maintenance
10. o Anomalies and Events
o Security Continuous
Monitoring
o Detection Processes
o Response Planning
o Communications
o Analysis
o Mitigation
13. Resources
• National Cyber Awareness System bulletins from the
Cybersecurity and Infrastructure Security Agency.
• Both Google and Microsoft update their security-
related blogs frequently and are a great resource
even if your organization does not use these
platforms.
• Security-focused firms that have excellent technical
coverage of cyberthreats include Volexity, Rapid7,
and Trend Micro. KrebsOnSecurity is a very well-
known and respected leader in journalistic coverage
of cybersecurity. Zero Day, from the journal ZDNet,
and Threatpost are other excellent online resources
for staying informed about the cybersecurity threat
landscape.
• https://www.techsoup.org/security Leverage your
engagement with Techsoup through the generous
partnership of our Corporate Donors such as Cisco,
Microsoft, Norton, Avast, and Bitdefender.