
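Content provided by Community IT Innovators. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Community IT Innovators or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://ko.player.fm/legal.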

Nonprofit Data Retention Policy and Cybersecurity Basics with Ian Gottesman

34:11
 

Ian Gottesman is CEO of a coalition of 200+ NGOs and 20 major IT companies working together to improve cybersecurity for the nonprofit sector (NGO ISAC). He has decades of experience in executive roles in nonprofit cybersecurity in a variety of organizations.

In these challenging times for the nonprofit sector generally, many nonprofits are taking a harder look at their cybersecurity policies to better protect their organization and staff. Community IT recommends getting to a foundational level of basic cybersecurity, and you can download our free Cybersecurity Readiness for Nonprofits Playbook to learn what that means and how to put those basics in place.

Three cybersecurity basics to think about: manage your identity, patch your hardware and software, and look out for phishing – train your staff. You will get 80% protection from just doing those three low-cost things – why would you want to get 0%?

When your cybersecurity basics are in place, Ian recommends strengthening your nonprofit data retention policy and compliance as your first next step. Again, this is low cost in terms of your budget, but will have costs to your organization in terms of staff time and energy. So let this challenging moment motivate your team to take on a sorting-and-retaining-or-deleting project.

Some Key Takeaways:

  • Cybersecurity Basics are not difficult and protect you from 80% of hacks.
    • Manage your identity. Accounts must be protected, and your staff should be verifying that whoever is logging in is who is supposed to be logging in.
    • Patch your hardware and software. The easiest way to do this is to reboot – log out, restart, and log back in periodically. Your IT provider or internal IT staff should be patching as part of your cybersecurity strategy.
    • Look out for phishing – train your staff. More than 90% of attacks start out by tricking a user into clicking a link. For more information on anti-phishing training, check out this webinar on Cybersecurity Awareness Training Tips.
  • Cybercrimes are crimes.
    • Don’t feel that you were responsible for your own victimization. Clicking on links happens. Huge companies fall for scams. Encourage a culture of openness and sharing around cybersecurity best practices and incident response planning.
    • Make sure your nonprofit culture embraces a team approach to cybersecurity, and that everyone on your staff knows to tell someone when they see something suspicious or make a mistake, and who to tell.
    • Holding cybercriminals accountable in every country should be a bigger goal for our governments and our laws.
  • Nonprofit Data Retention Policy is a valuable project now.
    • Remind your staff not to put in writing, in any device or app, something they would not want to be public about your organization.
    • Creating and monitoring compliance with a nonprofit data retention policy does not require expensive tools but it does require the time and energy of your staff. Avoiding unnecessary reputational risks is worth it.
    • Make sure your nonprofit data retention policy covers emails and messaging in addition to documents and files.

_______________________________
Start a conversation :)

Thanks for listening.
