mission Matters Is Your Board’s Cybersecurity Up to Par? April 13, 2023 Cybercrime is on the rise and continues to plague organizations across the world. In 2022 alone, there were over 1,800 reported data breaches. How can boards prevent an attack? Read on. Board members…are you prioritizing cybersecurity? It is critically important to understand what your responsibilities are as a board member to ensure your organization is protected. Check out our affiliate, Envision Technology Advisors’ latest blog, Ignorance is no longer an excuse. Here’s a sneak peek. What are the consequences of a data breach? When data is stolen, the consequences are devastating. On top of the disruption of business, fines, and bad publicity for the Organization itself, we are also starting to see senior leaders, including Board of Directors named in data breach lawsuits. What should boards do to be proactive? All organizations, nonprofits, and for-profits alike, have an obligation to abide by applicable statutory regulations and legal precedent. Directors must uphold their fiduciary duty by swiftly addressing data privacy vulnerabilities or breaches and maintaining strong cybersecurity measures. Here are a few suggestions to incorporate into your plan to reduce your cybersecurity risk: Train Your Staff: Training users on best practices and online hygiene can go a long way to reducing the risks of a cyberattack. User negligence and poor computer hygiene, such as weak passwords, are the leading cause of cyberattacks and data breaches. Document Your Protocols: Many nonprofits don’t have any cybersecurity documentation in place, leading to chaos if an attack occurs. Documenting protocols can provide teams quicker access to information that can help minimize the effects of an attack.Create and Test Backups and Redundancies: You should create multiple instances of your organization’s crucial data. System redundancies both in a physical server and the cloud, so if one instance gets compromised, you have backups ready to be deployed. Update Your Operating System and Patch All Software: Conduct regular updates to ensure you’re not vulnerable to hackers.Have a Dedicated IT Expert or Consultant: Having someone monitoring your system and network can help detect and fight threats as they arrive. There are new SEC requirements for public companies that are coming soon. Those changes are expected to include disclosure requirements regarding the organization’s cybersecurity governance capabilities and whether the entire board, a specific board member, or a board committee is responsible for the oversight of cyber risks. We will keep you posted as things develop. For now, check out Envision’s blog for helpful information and case studies. Do you need help implementing a cybersecurity program in your organization? Our Nonprofit Team can help. Contact us.