Continuing a theme mentioned in another recent post, this article emphasizes that nonprofits errĀ in thinking they are necessarily immune from cyber threats and related litigation.

[N]onprofits remain as vulnerable as their for-profit and governmental brethren. As more nonprofits are targeted, it is critical for organizations in this sector to understand the risks posed by cyber breaches and data hacks, to engage their boards and leaders on these issues, and to allocate funds and resources to cybersecurity. Equally important, and as part of this process, nonprofits need to understand how the many issues and aspects of cybersecurity play out differently in the charitable sector.

No doubt, as the authors note, it may be possible to treat nonprofits more leniently because they are serving the public good, rather than the private interests of owners. But that would be a difficult distinction to attempt to draw if a nonprofit failed to take basic steps to even make itself aware of the risks posed by its cyber activities.

Please share this post if you found it valuable.