Sign up to save your podcasts
Or
Share How to Respond to a Cybersecurity Incident at a Nonprofit with David Dawson
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How to Respond to a Cybersecurity Incident at a Nonprofit with David Dawson
Does your nonprofit know what to do when a staff person clicks on a suspicious email and instantly regrets it?
David Dawson is a Senior Engineer at Community IT on the escalation team for our help desk. Recently he led the response to a cybersecurity incident at a nonprofit client. In this Community IT podcast, he answers Carolyn’s questions about the flow of the response, best practices, and gives tips on how your nonprofit can be prepared to respond to phishing or hacking attempts.
Knowing who to call and how to respond to a cybersecurity incident at a nonprofit can be the difference that makes a quick and complete recovery.
The takeaways:
- When staff know what to do and who to call it saves valuable time and leads to more confidence in your response. Cybersecurity Awareness Training – particularly anti-phishing training – is a crucial part of your nonprofit cybersecurity defense.
- Having a single point of contact handling the communication at the nonprofit was important both to provide helpful information back to the IT provider quickly and to communicate effectively with 100+ staff that the incident was being resolved and what they needed to do.
- Of course, if your single point of contact is on vacation it can complicate your response. Having an Incident Response Plan with multiple backups will help guide your response.
- If you haven’t reviewed your Incident Response Plan recently, you should! Better yet, gather the stakeholders and hold a tabletop exercise to run through some scenarios and see how your team would handle them. This kind of an exercise doesn’t cost anything to run except your stakeholders’ time, and can help identify single points of failure or areas where the plan is good but your staff need training on what is in it.
- Many nonprofits initially handle their IT management internally. As your nonprofit grows, consider when it becomes appropriate to call on a trusted partner like Community IT to help with cybersecurity, help desk, and strategic planning. Are your cybersecurity investments up to date? What does your cyberliability policy cover? Could you resolve and recover from a cybersecurity attack?
_______________________________
Start a conversation :)
- Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
- email Carolyn at [email protected]
- on LinkedIn
Thanks for listening.
View all episodes
By Community IT Innovators
5
44 ratings
Does your nonprofit know what to do when a staff person clicks on a suspicious email and instantly regrets it?
David Dawson is a Senior Engineer at Community IT on the escalation team for our help desk. Recently he led the response to a cybersecurity incident at a nonprofit client. In this Community IT podcast, he answers Carolyn’s questions about the flow of the response, best practices, and gives tips on how your nonprofit can be prepared to respond to phishing or hacking attempts.
Knowing who to call and how to respond to a cybersecurity incident at a nonprofit can be the difference that makes a quick and complete recovery.
The takeaways:
- When staff know what to do and who to call it saves valuable time and leads to more confidence in your response. Cybersecurity Awareness Training – particularly anti-phishing training – is a crucial part of your nonprofit cybersecurity defense.
- Having a single point of contact handling the communication at the nonprofit was important both to provide helpful information back to the IT provider quickly and to communicate effectively with 100+ staff that the incident was being resolved and what they needed to do.
- Of course, if your single point of contact is on vacation it can complicate your response. Having an Incident Response Plan with multiple backups will help guide your response.
- If you haven’t reviewed your Incident Response Plan recently, you should! Better yet, gather the stakeholders and hold a tabletop exercise to run through some scenarios and see how your team would handle them. This kind of an exercise doesn’t cost anything to run except your stakeholders’ time, and can help identify single points of failure or areas where the plan is good but your staff need training on what is in it.
- Many nonprofits initially handle their IT management internally. As your nonprofit grows, consider when it becomes appropriate to call on a trusted partner like Community IT to help with cybersecurity, help desk, and strategic planning. Are your cybersecurity investments up to date? What does your cyberliability policy cover? Could you resolve and recover from a cybersecurity attack?
_______________________________
Start a conversation :)
- Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
- email Carolyn at [email protected]
- on LinkedIn
Thanks for listening.