Cybersecurity for Nonprofits Resource Hub

Cybersecurity impacts nearly every aspect of your nonprofit and is something that many organizations may not consider until they need to respond to an incident.

This resource hub is designed to be a repository for nonprofit staff offering a wide range of materials to assist with improving the cybersecurity posture of your nonprofit. You are welcome to share the resources here with your team and board and we’ll keep on updating the hub based on your feedback.

Cybersecurity for your nonprofit: video series

Cybersecurity can feel overwhelming—but it doesn’t have to be. In this video series, nonprofit technologist Jason Shim walks you through the essential concepts, tools, and practices your organization needs to understand and improve its cybersecurity. Whether you’re just getting started or looking to strengthen your existing practices, these short videos will help you build a strong foundation to protect your data and your community. Once you finish the entire series, you can request a certificate of completion below.

Assessing your security priorities

Many nonprofit staff tell us that they are worried they don't have strong security practices, tools, or policies in place but their fear of just how bad things could be keeps them from taking a clear look at it. We can't let fear stop us from securing our systems though. The following assessment tools and resources help you learn where you have priority areas for improving your organization's security in approachable ways.

Tech Accelerate

NTEN's Tech Accelerate is a free assessment tool for nonprofits. Users with a free NTEN account can complete assessments as often as they like, receiving a custom report that provides scoring and risk assessment for every question answered. Every report also includes resources for further learning specific to each question to support users in improving their scores right away. Tech Accelerate is available in English, French, and Spanish.

KnowBe4

KnowBe4 is a simulated phishing platform and security training company. They have a number of free assessment or testing tools that can help identify areas of needed training or vulnerabilities in your team's use of technology.

• Phishing security test: Find out what percentage of your employees are Phish-prone with your free phishing simulator test.
• RanSim: A free ransomware software tool to determine how vulnerable your network is to common ransomware and cryptomining attacks.
• Social media phishing test: Find out which of your users are vulnerable to social media phishing attacks.
• Tech Impact is a nonprofit managed services provider that offers various security and managed IT resources and services. Their Data Privacy Assessment provides an understanding of the risks a nonprofit faces with data collection and storage.

Digital First Aid Kit

The Digital First Aid Kit is a free resource to guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed. Start your assessment by the situation you are facing, including:

• You lost access to your account.
• You received a suspicious message.
• The organization's website is down.
• You've lost your data.

Security tools and software

Policies and practices are an important part of keeping your organization's staff, systems, and data secure. For many organizations, security-related software or tools are also a critical piece of investment. The following resources may be relevant for your organization in acquiring low-cost or nonprofit-specific security tools.

TechSoup - TechSoup is a nonprofit that equips changemakers with transformative technology solutions and skills they need to improve lives globally and locally, including offering product discounts for a diversity of technology services. Browse the security products available to qualifying nonprofits through TechSoup. Most nonprofits qualify.

Cloudflare offers cyber security protection for at-risk sites. If you are an organization working in human rights, civil society, journalism, or democracy, you can apply for Project Galileo to get free cyber security protection from Cloudflare.

Additional tools and service providers to consider

• Umbrella from Security First: a security handbook available in a free, open source app.
• Nonprofit Computer Security Consultancy from Radically Open Security is a nonprofit consultancy that provides incident response, training, and security audits.
• Cyber Peace Builders from Cyber Peace Institute provides training, insights, and tabletop exercises for nonprofits and foundations.

Cybersecurity insurance

Cybersecurity insurance can mitigate risk by covering the financial losses associated with ransomware attacks, data breaches, and other instances of cybercrime.

Nonprofit cybersecurity insurance is a valuable resource that hopefully you'll never to use. Tech Impact has created an insurance checklist to provide information to guide your insurance choices.

More ways to learn

We’ll keep adding security-related resources throughout the year. Check out more ways to learn below, and feel free to let us know if there’s a specific topic or resource you’d like us to include!

Digital Safety Strategies

Learn how nonprofits can address anti-2SLGBTQIA+ online hate and create digital safety plans. These free videos and resources were developed in collaboration with ODLAN and can be accessed at any time individually or completed in full for a certificate of completion.

Online courses on security

NTEN’s professional development courses offer a fantastic opportunity to enhance your expertise. With our flexible, self-paced format, you can learn at your convenience. All courses are online and feature captions and transcripts to ensure an inclusive learning experience. Plus, they count toward CFRE and CRE credits, as well as NTEN certificates, helping you advance your professional development while gaining practical skills from expert-designed content.

Check out our security-related courses below, or explore our full range of courses on various topics.