What’s New and What’s Not in Cybersecurity?

by | Facilities, Leadership, Operations, Security

By Johnathan Barnes

Keeping current with what’s happening in the world of cybersecurity can be a daunting task for many. Here are some things you should be aware of now to help keep your ministry safe.

What’s New?

Microsoft recently launched its Security Program for Nonprofits, a set of security offerings, built to complement Microsoft’s security suite, to provide proactive monitoring and notification, assess organizational and infrastructure risk, and streamline security training for IT professionals and end-users. 

Justin Spelhuag, Vice President of Tech for Social Impact of Microsoft Philanthropies, writes, “We’ve seen an incredible number of crises arise and persist over the past year – ranging from the global to the deeply personal. Nonprofit organizations have been a lifeline to some of our most vulnerable communities, engaging with complex needs and working to make a difference.”

The Figuera Wu Family Foundation – Pilsen Food Pantry, Chicago, IL

He goes on to say, “But nonprofits themselves are increasingly at risk due to a worldwide rise in cybercrime. While this impacts all sectors and organizations, nonprofits are often perceived as vulnerable because they may not have adequate resources to safeguard the data they need to operate – impacting everyone from donors to program participants to volunteers.”

Microsoft’s objective is to support 10,000 organizations in the first year, with a three-year goal of providing these services to 50,000 organizations worldwide.

Here are the services qualifying organizations can leverage as part of this new program:

  • AccountGuard for Nonprofits: The AccountGuard program notifies organizations when their Microsoft 365 organizational accounts, or the Outlook and Hotmail personal accounts of staff and board members are targeted or compromised by sophisticated nation-state actors. Microsoft is offering AccountGuard to all eligible nonprofits at no additional cost. Eligible organizations can learn more and get started by claiming the offering in their nonprofit hub.
  • Free security assessments:  Microsoft is offering free security assessments to nonprofit organizations to help them better understand the vulnerabilities in their existing endpoints, identity access, infrastructure, network and data with the objective of supporting and prioritizing an immediate action and remediation plan to better protect their environment from any imminent risk with support from Microsoft’s partner ecosystem. To sign up for an assessment sign up here.
  • Free training pathways for IT administrators and end-users: Microsoft has cultivated training pathways to streamline the top recommended trainings for nonprofits, regardless of role. Employees from any background now can learn the latest strategies to protect themselves from online scams and attacks, and work from home more securely. IT administrators have access to the Security Skilling Hub and Microsoft 365 Administrator’s Security Toolkit, all available through the Security Program for Nonprofits page.

What’s Not New (But Still Relevant)?

Cybersecurity awareness training for staff and volunteers is still the number one defense against a cybersecurity attack because social engineering, a threat that involves human interaction (like clicking a link or opening an attachment) to obtain or compromise information, is still the top tactic used by cyber criminals in cybersecurity attacks.

Cybercriminals may not be targeting your organization specifically, but they are targeting the donor data and information you store and process.  It is unlikely, that a cybercriminal is proactively targeting your church or nonprofit, but the automated tool they use to roam the internet, seeking who it may devour, is no respecter of person…or organization. While you may not be a target, you could become a victim if your staff and volunteers are not properly trained.

Reciprocity can greatly reduce the financial investment churches and other nonprofit organizations invest in cybersecurity training

The great thing is there is immense opportunity for reciprocity when it comes to cybersecurity awareness training. For instance, if the part-time youth director at your church receives cybersecurity awareness training from their employer, it would be less likely the church would need to pay for training for the youth director again. The youth director could simply provide proof of training and cybersecurity awareness training credit could be granted.

For More Information:
Johnathan Barnes serves as Chief Ministry Cyber Professional (MCP). He is a cybersecurity subject matter expert and holds the following cybersecurity certifications: Certified Ethical Hacker (CEH)GIAC Certified Incident Handler (GCIH)Certified Information Security Manager, and Certified Information Systems Security Professional (CISSP). 

Johnathan is the Executive Director of Virtual Ministry Assistants, a consultant with Ministry Architects, and adjunct cybersecurity instructor for Augusta Tech Cyber Institute located at the Georgia Cyber Center.

Sign Up for the Worship Facility Newsletter!

NEW THIS WEEK

Worship Facility Podcast: Leadership and Tech Teams

David Leuschner talks to Nicole Lucas, author of "Leadership Frameworks" about how leadership skills, social skills, and emotional intelligence apply to leading a tech team.Other topics include: What to do with your used production gear What churches need to do to...

Intro to House of Worship Production with Vectorworks

As houses of worship embrace modern technology to enhance their services, the demand for production tools is increasing.  This article covers, first, what’s meant by “house of worship production” and “church production,” and then explores how Vectorworks can...

Green Hippo Previews Hippotizer MX Series at LDI 2024

Green Hippo, an industry leader in media manipulation and 3D mapping, was thrilled to preview its new Hippotizer MX Series with ACT Entertainment at Live Design International 2024. The Hippotizer MX Series offers five new customizable, dependable, and future-proofed...

Deadly Shooting at Abundant Life Christian School in Wisconsin

How Should Christian Schools Respond to the Threat of Gun Violence? Only three weeks ago, I was sitting in the head of school's office at a private Christian school in Minnesota discussing gun violence and their response to such a threat. There were three real options...

7 Key Security Trends Churches Should Prioritize in 2025

As we step into 2025, church safety and security leaders face an ever-evolving landscape of challenges and opportunities. From technological advancements to addressing the rising tensions in society, this year brings a renewed focus on critical areas of improvement....