mission Matters Protect Against Cyber Threats: Why Every Nonprofit Needs a Written Information Security Plan October 10, 2024 October is Cybersecurity Awareness Month and now is a perfect time for nonprofit leaders to revisit their security practices. Do you have a WISP in place? If not, you should. Read on. Attention nonprofits…Cybersecurity Awareness Month is here! Every nonprofit organization should have a Written Information Security Plan (WISP) in place to comply with state regulation and meet insurance requirements. A WISP will incorporate procedures to protect digital and physical sensitive information which is critical to safeguard your reputation and minimize potential financial losses. What goes into a solid WISP? We explore below. What is a WISP? A Written Information Security Program (WISP) is essentially a “roadmap” that defines the administrative, technical and physical safeguards you have in place to protect physical and digital data. Check out our blog, Does Your Nonprofit have a WISP? for the details. Why is it crucial for nonprofits to have WISPs? Nonprofits face so many risks when it comes to cybersecurity, and many do not understand the impact of a breach. "When I think about the key challenges nonprofits face, funding risks are always top of mind, but cyber threats are the ones that truly keep them up at night. A breach doesn’t just affect one area-it impacts the entire organization. In my experience, many nonprofits have cyber coverage that falls far short, barely covering the remediation costs needed to get the organization back on its feet." - Sandy Ross A well-structured WISP helps an organization: mitigate security risks,protect sensitive information,maintain compliance with relevant regulations, andrespond effectively to security incidents. It serves as a roadmap for data security and ensures that everyone within the organization understands their part in safeguarding critical data. Additionally, it can be a valuable document for demonstrating commitment to information security to donors, community you serve, and regulatory authorities. Do you want to get started with a WISP? We can help guide you in the right direction.
