ts governance™ was designed to help executive directors, board members, and senior staff manage cyber risk within nonprofit organizations. The introduction helps nonprofit leaders understand the risk landscape and their role in managing cyber risk, part one explains how to lead the organization toward an improved cybersecurity posture, and part two introduces The National Institute of Standards and Technology’s Cybersecurity Framework1, which is a widely used, free methodology for managing cybersecurity.
Because It’s the law. Because it is the law. The Federal Trade Commission has found unreasonably poor cybersecurity practices to be an unfair trade practice that can be fined. Many states have given their citizens the right to sue organizations engaged in unfair trade practices, with punitive damages often being on the table. And despite not operating for a profit, many states include nonprofits in these laws.