Don't let your NFP be a target for cybercriminals

October is National Cybersecurity Awareness Month. Baker Tilly is raising awareness about current cybersecurity threats and ways to proactively protect and address your cybersecurity and IT risks.

What’s holding you back from improving your online security habits? Staying informed about the latest trends in cyber threats and security can help protect your organization. Discover insights from Baker Tilly’s dedicated professionals that will help you navigate the ever-changing cybersecurity landscape:

1. Network security is an important layer in your cybersecurity defense playbook. Brian Nichols discusses the missing piece of your network security. It’s not enough to simply set up a system and install a lock. Those locks and protocols should be tested regularly to make sure they work and that they can hold up to the latest threats. Once you’ve set up your security system, penetration testing is a key way to embrace a ‘never trust, always verify’ approach to network security. If you are looking to learn more about what it takes to implement a zero trust security model, read our Never trust, always verify. But how? article.
2. Benjamin Quigley, Anthony Casey and Jim Kearney discuss the rise of proactive assurance and why it’s here to stay. The focus typically has been on the past, on assessing and reacting to what has already taken place within an organization – and senior leaders and audit committees have agreed with this mindset. But that perspective is changing. The movement of proactive assurance has been coming for years, and it’s already making a major impact in the world of internal audit, spanning virtually every industry, and it’s likely to stay. Organizations of all size and scope can implement internal audit leading practices.
3. The SEC’s latest cybersecurity disclosure is a significant development in the regulation of cybersecurity risk management and reporting. And while only SEC filing organizations are required to comply with the new requirement, all organizations can benefit from understanding the framework. Joe Shusko, Jim Kearney and Jeff Maffitt created a quick guide in new SEC cyber incident disclosure marks first-time cybersecurity disclosure requirement across the capital markets. To ensure compliance with the new requirement (Release No. 33-11216) published in July 2023, organizations need to evaluate their current cybersecurity governance and incident response practices, and ensure they are appropriately considered in their disclosure procedures. Our team has also touched on strategies to address the new SEC cyber disclosure rule (and how to do it!).

Sound overwhelming?

The information provided here is of a general nature and is not intended to address the specific circumstances of any individual or entity. In specific circumstances, the services of a professional should be sought. Tax information, if any, contained in this communication was not intended or written to be used by any person for the purpose of avoiding penalties, nor should such information be construed as an opinion upon which any person may rely. The intended recipients of this communication and any attachments are not subject to any limitation on the disclosure of the tax treatment or tax structure of any transaction or matter that is the subject of this communication and any attachments.