Skip to main content

Today all organizations, including NFPs (not-for-profits), are driven by data – and much of it is personally identifiable. That data has become both a key driver of success and a potential risk for organizations. The characteristics of the not-for-profit sector create distinct risks and related governance challenges that need to be addressed. NFPs have valuable data, such as employee or volunteer information, credit card numbers, donor details and private health information, which are attractive to cyber criminals. However, not-for-profit organizations may be challenged to have the resources and governance protocols to defend against, and respond to, these threats.

This session will provide NFP board directors with an understanding of the common and unique cybersecurity risks faced by NFPs. It will give practical advice in the areas of cyber-risk mitigation, response protocols, and considerations such as cyber insurance to ensure the organization has the resources and knowledge to deal with threats. We will also discuss how cyber risks have multiplied during the pandemic.

A cybersecurity breach in today’s world is not so much a question of “if” it will happen, but “when.” It is critical for not-for-profit organizations to have measures in place to both minimize cyber risk and act swiftly to control financial and reputational damage in the event of a cyberattack.



Michael Foulkes Headshot
Kevvie Fowler Headshot
Helen Polatajko Headshot