You are doing a great job. You manage, support a small charity, not for profit organisation and love what you do.
Your primary focus is to get as much done for your charity. It could be donations, volunteers or grants but all for your primary charity focus.
Your whole role is to make sure that as much money goes through to the people in need.
Now I want you to step back and answer a couple of questions.
- What would happen to all those good intentions if you got hacked?
- How many of your supporters would you lose if you got hacked?
- What would happen to your reputation if you got hacked?
But, it would not happen to you, would it?
Let me tell you a not so secret secret!
You are a target!
Maybe not a target of a full-blown black hat attack but you are a target none the less. The analogy that I use is “what is the chance that a black belt martial arts person is going to beat you up?” Probably very remote!
When it comes to a cyber event, the black hat attacker is not the problem.
The problem is the hugely available and easy to use automated systems that are available for any person with an inclination to use them.
These automated systems create malware, deliver it, track it, monitor it, manage the stages of an attack and manage and control the money being made. All a “ hacker” has to do is be willing and ethically capable and pull that trigger.
The risk to your charity organisation is significant.
Our attitude to the digital world as it is just a tool and anyone can use it is having a huge negative impact on business because it is not.
I can guarantee that your charity has a board, it has used a legal company for the structure and has an accountant to look at the books, but the most essential component of the organisation is what you put into the digital world.
From desktop computers to smart devices and cloud-based systems and services, the digital world is all around us.
We treat it like the normal world, that is bad. Theft in the real world is seen and actioned, in the digital world it is not. I could have access to all of your data and you may not even know it is happening.
You need to talk to a MBSSP to bring your organisation to a level where your business security will protect the organistion, the data, the users but most importantly your clients, volunteers and supporters.
Without them you cannot function as a charity, and all your good intentions will disappear