SlideShare a Scribd company logo

NPOs and Information Security

Download as PPTX, PDF
M
M Dalton
TechnologyNews & Politics
1 of 10
Miranda R. Dalton 511C 10.18.11 NPOs and Information Security An analysis of the factors that contribute to the vulnerability of NPOs and best practices in combating criminal activity.
Agenda Recommendations Securing Information Vulnerability of NPOs Responsible Factors The Interest in Nonprofits
Research Approach • Articles disseminated over a three year period (2007-2010) • Similarities and discrepancies among articles explored • Nonprofit Organizations will be referenced as NPOs
Nonprofit Sector A growing sector in our nation’s economy 1.5 Million NPOs in 2008 A Target For Cyber Criminals
Why the Interest in Nonprofits? Cyber Criminals see tremendous financial gain •Nonprofit budgets are growing • If successful, cyber criminals can gain access to organization’s financial accounts and personal/financial information of donors • Cyber Criminals are finding new and innovative malware to penetrate networks • New malware is not easily stopped • Development of new malware has morphed into a multi-billion dollar global enterprise
The Vulnerability of NPOs Responsible Factors Human Carelessness Financial Constraints Underestimating the Risk • Accidentally posting • Anti-virus software costly • NPOs have versatile information online and quickly become out payments options for of date donors • Discarding information in an unsecured dumpster • Majority of funding is for • In the process, program services and information security is • Stolen hardware & delivery lost information by temporary employees • Difficult to allot money to • Larger NPOs more purchase current security security measures, but software and employ IT greater financial staff transactions -TARGET
Securing Information A comparison of strategic approaches Install latest antivirus Undergo cultural change Back up and redundant software and employ IT staff related to information systems security • McAfee • Securing information is the • The issue – reactive in nature responsibility of all • Norton • Only relevant once networks • Security Awareness Programs have been compromised • Latest security versions - training in information should be installed in security • Should not become the computers prevailing IT strategy • Adoption of proper • Expensive protocols/procedures in securing information • Budgetary Issues – organization can’t afford IT • Buy in needed of all key staff or to contract out to stakeholders third partyies
Recommendations to Nonprofits • Information security must become a key component of strategic planning * Will assist in changing the culture of an organization * NPOs will begin to dialogue concerning matters of information security and the adoption of security initiatives • Training must occur on an ongoing basis * Argument: NPOs are already stressed and further training would add to the frustration of NPOs * Counter Argument: If IT and security matters are not a priority, it could harm contributions if donors feel that their information has been compromised
Recommendations to Nonprofits Five Steps in Creating an Information Security Plan 1. Develop information security policies 2. Communicate the information security policies 3. Indentify critical information assets and risks Five Steps in Creating an Information 4. Test and reevaluate risks Security Plan 5. Obtain stakeholder support
Security and the Internet - Fighting Malware. (2008, July). OECD Observer, 10-11. Six ID Theft Trends for 2010. (2010, February). Credit Union Magazine, 42. Baltzan, Phillips, & Haag. (2009). Information Technology and Management. (third, Ed.) McGraw- Hill. Dinerman, B. (2009, July 21). Security Threats: A guide for small and mid-size nonprofits. Retrieved October 10, 2011, from TechSoup: http://www.techsoup.org/learningcenter/techplan/page11904.cfm Meron, J. (2009, January 26). NP Tech News. Retrieved October 10, 2011, from http://www.nptechnews.com/management-features/increasing-data-security-in-an-increasingly- insecure-world.html Popa, C. (2007, February). Information Security for Nonprofits. CMA Management, 19-21. Sherstobitoff, R. (2008, April 21). How to Make Sure You Aren't the "Low-Hanging Fruit" for Fraud. 8.

Recommended

Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
sosorry
 
Seminar Hacking & Security Analysis
Seminar Hacking & Security AnalysisSeminar Hacking & Security Analysis
Seminar Hacking & Security Analysis
Dan H
 
Linux Exploit Research
Linux Exploit ResearchLinux Exploit Research
Linux Exploit Research
Dan H
 
Basics of C programming
Basics of C programmingBasics of C programming
Basics of C programming
avikdhupar
 
Career planning presentation
Career planning presentationCareer planning presentation
Career planning presentation
kesiamargot
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
Marketing to the African American Community
Marketing to the African American CommunityMarketing to the African American Community
Marketing to the African American Community
M Dalton
 
Chrysler After Bankruptcy
Chrysler After BankruptcyChrysler After Bankruptcy
Chrysler After Bankruptcy
M Dalton
 

Recommended

Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
Taiwan’s Information Security Policy Enhancement: An Analysis of Patent Indic...
sosorry
 
Seminar Hacking & Security Analysis
Seminar Hacking & Security AnalysisSeminar Hacking & Security Analysis
Seminar Hacking & Security Analysis
Dan H
 
Linux Exploit Research
Linux Exploit ResearchLinux Exploit Research
Linux Exploit Research
Dan H
 
Basics of C programming
Basics of C programmingBasics of C programming
Basics of C programming
avikdhupar
 
Career planning presentation
Career planning presentationCareer planning presentation
Career planning presentation
kesiamargot
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
Marketing to the African American Community
Marketing to the African American CommunityMarketing to the African American Community
Marketing to the African American Community
M Dalton
 
Chrysler After Bankruptcy
Chrysler After BankruptcyChrysler After Bankruptcy
Chrysler After Bankruptcy
M Dalton
 
NC-Puerto Rico Workforce Pipeline Part II
NC-Puerto Rico Workforce Pipeline Part IINC-Puerto Rico Workforce Pipeline Part II
NC-Puerto Rico Workforce Pipeline Part II
M Dalton
 
NC-Puerto Rico Workforce Pipeline
NC-Puerto Rico Workforce PipelineNC-Puerto Rico Workforce Pipeline
NC-Puerto Rico Workforce Pipeline
M Dalton
 
Can the Intranet Take Business Processes to the Next Level?
Can the Intranet Take Business Processes to the Next Level?Can the Intranet Take Business Processes to the Next Level?
Can the Intranet Take Business Processes to the Next Level?
M Dalton
 
Contributing Factors That Lead to Ineffective Nonprofit Boards
Contributing Factors That Lead to Ineffective Nonprofit BoardsContributing Factors That Lead to Ineffective Nonprofit Boards
Contributing Factors That Lead to Ineffective Nonprofit Boards
M Dalton
 
Rockingham County Head Start Community Assessment Report, 2012- 2013
Rockingham County Head Start Community Assessment Report, 2012- 2013Rockingham County Head Start Community Assessment Report, 2012- 2013
Rockingham County Head Start Community Assessment Report, 2012- 2013
M Dalton
 
Five Year Strategic Plan
Five Year Strategic PlanFive Year Strategic Plan
Five Year Strategic Plan
M Dalton
 
Annual Campaign
Annual CampaignAnnual Campaign
Annual Campaign
M Dalton
 
Financial Analysis
Financial AnalysisFinancial Analysis
Financial Analysis
M Dalton
 
Succession Planning
Succession PlanningSuccession Planning
Succession Planning
M Dalton
 
A Case for Support
A Case for SupportA Case for Support
A Case for Support
M Dalton
 
Community Service Project
Community Service ProjectCommunity Service Project
Community Service Project
M Dalton
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
CzechDreamin
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering Teams
UXDXConf
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
ChristopherTHyatt
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
UXDXConf
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
IoTAnalytics
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
Femke de Vroome
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
UXDXConf
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
Zilliz
 

More Related Content

More from M Dalton

Can the Intranet Take Business Processes to the Next Level?
Can the Intranet Take Business Processes to the Next Level?Can the Intranet Take Business Processes to the Next Level?
Can the Intranet Take Business Processes to the Next Level?
M Dalton
 
Contributing Factors That Lead to Ineffective Nonprofit Boards
Contributing Factors That Lead to Ineffective Nonprofit BoardsContributing Factors That Lead to Ineffective Nonprofit Boards
Contributing Factors That Lead to Ineffective Nonprofit Boards
M Dalton
 
Five Year Strategic Plan
Five Year Strategic PlanFive Year Strategic Plan
Five Year Strategic Plan
M Dalton
 
Financial Analysis
Financial AnalysisFinancial Analysis
Financial Analysis
M Dalton
 
Succession Planning
Succession PlanningSuccession Planning
Succession Planning
M Dalton
 

More from M Dalton (11)

NC-Puerto Rico Workforce Pipeline Part II
NC-Puerto Rico Workforce Pipeline Part IINC-Puerto Rico Workforce Pipeline Part II
NC-Puerto Rico Workforce Pipeline Part II
 
NC-Puerto Rico Workforce Pipeline
NC-Puerto Rico Workforce PipelineNC-Puerto Rico Workforce Pipeline
NC-Puerto Rico Workforce Pipeline
 
Can the Intranet Take Business Processes to the Next Level?
Can the Intranet Take Business Processes to the Next Level?Can the Intranet Take Business Processes to the Next Level?
Can the Intranet Take Business Processes to the Next Level?
 
Contributing Factors That Lead to Ineffective Nonprofit Boards
Contributing Factors That Lead to Ineffective Nonprofit BoardsContributing Factors That Lead to Ineffective Nonprofit Boards
Contributing Factors That Lead to Ineffective Nonprofit Boards
 
Rockingham County Head Start Community Assessment Report, 2012- 2013
Rockingham County Head Start Community Assessment Report, 2012- 2013Rockingham County Head Start Community Assessment Report, 2012- 2013
Rockingham County Head Start Community Assessment Report, 2012- 2013
 
Five Year Strategic Plan
Five Year Strategic PlanFive Year Strategic Plan
Five Year Strategic Plan
 
Annual Campaign
Annual CampaignAnnual Campaign
Annual Campaign
 
Financial Analysis
Financial AnalysisFinancial Analysis
Financial Analysis
 
Succession Planning
Succession PlanningSuccession Planning
Succession Planning
 
A Case for Support
A Case for SupportA Case for Support
A Case for Support
 
Community Service Project
Community Service ProjectCommunity Service Project
Community Service Project
 

Recently uploaded

Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering Teams
UXDXConf
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
UXDXConf
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
Femke de Vroome
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
UXDXConf
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
UXDXConf
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in Technology
UXDXConf
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
CzechDreamin
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 

Recently uploaded (20)

10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering Teams
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in Technology
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
Intelligent Gimbal FINAL PAPER Engineering.pdf
Intelligent Gimbal FINAL PAPER Engineering.pdfIntelligent Gimbal FINAL PAPER Engineering.pdf
Intelligent Gimbal FINAL PAPER Engineering.pdf
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 

NPOs and Information Security

  • 1. Miranda R. Dalton 511C 10.18.11 NPOs and Information Security An analysis of the factors that contribute to the vulnerability of NPOs and best practices in combating criminal activity.
  • 2. Agenda Recommendations Securing Information Vulnerability of NPOs Responsible Factors The Interest in Nonprofits
  • 3. Research Approach • Articles disseminated over a three year period (2007-2010) • Similarities and discrepancies among articles explored • Nonprofit Organizations will be referenced as NPOs
  • 4. Nonprofit Sector A growing sector in our nation’s economy 1.5 Million NPOs in 2008 A Target For Cyber Criminals
  • 5. Why the Interest in Nonprofits? Cyber Criminals see tremendous financial gain •Nonprofit budgets are growing • If successful, cyber criminals can gain access to organization’s financial accounts and personal/financial information of donors • Cyber Criminals are finding new and innovative malware to penetrate networks • New malware is not easily stopped • Development of new malware has morphed into a multi-billion dollar global enterprise
  • 6. The Vulnerability of NPOs Responsible Factors Human Carelessness Financial Constraints Underestimating the Risk • Accidentally posting • Anti-virus software costly • NPOs have versatile information online and quickly become out payments options for of date donors • Discarding information in an unsecured dumpster • Majority of funding is for • In the process, program services and information security is • Stolen hardware & delivery lost information by temporary employees • Difficult to allot money to • Larger NPOs more purchase current security security measures, but software and employ IT greater financial staff transactions -TARGET
  • 7. Securing Information A comparison of strategic approaches Install latest antivirus Undergo cultural change Back up and redundant software and employ IT staff related to information systems security • McAfee • Securing information is the • The issue – reactive in nature responsibility of all • Norton • Only relevant once networks • Security Awareness Programs have been compromised • Latest security versions - training in information should be installed in security • Should not become the computers prevailing IT strategy • Adoption of proper • Expensive protocols/procedures in securing information • Budgetary Issues – organization can’t afford IT • Buy in needed of all key staff or to contract out to stakeholders third partyies
  • 8. Recommendations to Nonprofits • Information security must become a key component of strategic planning * Will assist in changing the culture of an organization * NPOs will begin to dialogue concerning matters of information security and the adoption of security initiatives • Training must occur on an ongoing basis * Argument: NPOs are already stressed and further training would add to the frustration of NPOs * Counter Argument: If IT and security matters are not a priority, it could harm contributions if donors feel that their information has been compromised
  • 9. Recommendations to Nonprofits Five Steps in Creating an Information Security Plan 1. Develop information security policies 2. Communicate the information security policies 3. Indentify critical information assets and risks Five Steps in Creating an Information 4. Test and reevaluate risks Security Plan 5. Obtain stakeholder support
  • 10. Security and the Internet - Fighting Malware. (2008, July). OECD Observer, 10-11. Six ID Theft Trends for 2010. (2010, February). Credit Union Magazine, 42. Baltzan, Phillips, & Haag. (2009). Information Technology and Management. (third, Ed.) McGraw- Hill. Dinerman, B. (2009, July 21). Security Threats: A guide for small and mid-size nonprofits. Retrieved October 10, 2011, from TechSoup: http://www.techsoup.org/learningcenter/techplan/page11904.cfm Meron, J. (2009, January 26). NP Tech News. Retrieved October 10, 2011, from http://www.nptechnews.com/management-features/increasing-data-security-in-an-increasingly- insecure-world.html Popa, C. (2007, February). Information Security for Nonprofits. CMA Management, 19-21. Sherstobitoff, R. (2008, April 21). How to Make Sure You Aren't the "Low-Hanging Fruit" for Fraud. 8.