The financial costs of managing a data breach are well documented and growing, with a recent study estimating an average of $221 per lost record, and $7 million average total cost.1These costs may include legal guidance, breach notification, forensics, credit monitoring and other crisis services.
而无形的、非营利性的失去了信任s can experience from donors, volunteers and the community also can be significant and harder to restore, and can affect fundraising activities, volunteer engagement and partnerships with other organizations.
“Nonprofit organizations often work so closely with a dedicated group of volunteers and a loyal donor base who entrust the nonprofit with their personal data,” says Tim Francis, Enterprise Cyber Lead at Travelers. “Nonprofits should take steps to protect that data and to prepare themselves for a potential data breach.”
Understand Your Data, Systems and Network
Understanding your network infrastructure.
After you understand the data, systems and network that you are trying to protect, focus on security controls that would be the most effective based on your specific needs and resources. Consider implementing stronger controls for storing and transmitting your most sensitive data, such as the Personally Identifiable Information (PII) of donors and volunteers, or the Protected Health Information (PHI) of current and past employees.
Prepare for the Unexpected
每个组织都需要一个计划，以防数据泄露。一个incident response plancan help organizations plan to comply with applicable laws and regulations, and launch a rapid and coordinated response that can help reassure donors, volunteers, staff and the general public that your organization takes the breach seriously and has the incident under control, to maintain the organization’s strong reputation, which can be one of the organization’s strongest allies. It’s worth protecting by guarding against data breaches.
1Ponemon Institute 2016年数据泄露研究成本是针对经历过违规的调查公司，该公司要求公司根据州法律通知受害者。