Topics: Cyber Liability
There are several ways that nonprofits are prime targets for cyberattacks. Here are three of the most common risks associated with the business of charity:
While technology has made it much easier for nonprofits and charitable organizations to accept donations online, it has also made it that much simpler for a digital pickpocket to steal from the organization. While payment is easy for the customer, having an unsecured website could mean leaving an open avenue for a cyberattack.
Communicating with donors, partner organizations, and clients is a simple process today. Automated emails and newsletters keep interested parties aware of what's going on in the organization. But as you're responding to emails, you could be putting the organization at risk. Clicking a bad link, downloading a seemingly safe Word, Excel, or PowerPoint file, or even just opening a PDF file could put your hard-won funds at risk. Cybercriminals use phishing emails, a type of social engineering scam, in an attempt to obtain sensitive information. They may also install ransomware, or ransom malware, on a nonprofit's computer system, blocking access until they receive a sum of money or another action has been completed.
Volunteers share their time for many reasons, from being a surviving family member to wanting to give back to the local community. And while many volunteers have good intentions, there are a few that may volunteer their time to gain access to your data stores. Training time is short, onboarding an on-the-job process, and the bad guys can sometimes slip through the cracks, leaving your organization at risk for a cyberattack.
Nonprofit organizations are often a risk for cyberattacks because they may have fewer cybersecurity measures in place than other business types. Additionally, they collect a treasure trove of information on their volunteers and donors, from addresses and phone numbers to credit card details. While nonprofit cybersecurity risks cannot be avoided altogether, many cyberattacks can be prevented. Here are three of the best ways you can lower nonprofit cybersecurity risks:
Using encryption and a secure website helps protect information during online financial transactions. Whether accepting donations or accepting payment through an online store, protecting customer and company data should be a top concern for nonprofit cybersecurity
Using a secure server and network to collect, sort and transmit important donor information can help you keep your email communications secure. Email addresses, physical addresses, and other personal identification information can be used in a nonprofit cyberattack.
Starting the onboarding process with a criminal background check is one of the best ways to ensure your volunteers are there for good will. In addition to making sure you have the right people, be sure to train employees on cybersecurity at the beginning of their safety training to make sure there isn’t an accidental cyber breach.
Nonprofit organizations face unique risks, and that's why AmTrust Financial provides a variety of lines of insurance coverage specifically tailored to their needs. Our Nonprofit Management Liability policy, for example, includes D&O Liability, EPLI, Fiduciary Liability and Cyber Liability coverage. Our agents are able to address the specific challenges that nonprofits and government employers face. For more information about our nonprofit insurance, please contact us today. This material is for informational purposes only and is not legal or business advice. Neither AmTrust Financial Services, Inc. nor any of its subsidiaries or affiliates represents or warrants that the information contained herein is appropriate or suitable for any specific business or legal purpose. Readers seeking resolution of specific questions should consult their business and/or legal advisors. Coverages may vary by location. Contact your local RSM for more information.