Nonprofit Data Retention Policy and Cybersecurity Basics with Ian Gottesman episode artwork

EPISODE · Apr 4, 2025 · 34 MIN

Nonprofit Data Retention Policy and Cybersecurity Basics with Ian Gottesman

from Community IT Innovators Nonprofit Technology Topics · host Community IT Innovators

Ian Gottesman is CEO of a coalition of 200+ NGOs and 20 major IT companies working together to improve cybersecurity for the nonprofit sector (NGO ISAC). He has decades of experience in executive roles in nonprofit cybersecurity in a variety of organizations.In these challenging times for the nonprofit sector generally, many nonprofits are taking a harder look at their cybersecurity policies to better protect their organization and staff. Community IT recommends getting to a foundational level of basic cybersecurity, and you can download our free Cybersecurity Readiness for Nonprofits Playbook to learn what that means and how to put those basics in place. Three cybersecurity basics to think about: manage your identity, patch your hardware and software, and look out for phishing – train your staff. You will get 80% protection from just doing those three low cost things – why would you want to get 0%?When your cybersecurity basics are in place, Ian recommends strengthening your nonprofit data retention policy and compliance as your first next step. Again, this is low cost in terms of your budget, but will have costs to your organization in terms of staff time and energy. So let this challenging moment motivate your team to take on a sorting-and-retaining-or-deleting project.Some Key Takeaways:Cybersecurity Basics are not difficult and protect you from 80% of hacks.Manage your identity. Accounts must be protected, your staff should be verifying they are who is supposed to be logging in.Patch your hardware and software. The easiest way to do this is reboot – log out, restart, and log back in periodically. Your IT provider or internal IT staff should be patching as part of your cybersecurity strategy.Look out for phishing – train your staff. More than 90% of attacks start out tricking a user into clicking a link. For more information on anti-phishing training, check out this webinar on Cybersecurity Awareness Training Tips.Cybercrimes are crimes.Don’t feel that you were responsible for your own victimization. Clicking on links happens. Huge companies fall for scams. Encourage a culture of openness and sharing around cybersecurity best practices and incident response planning.Make sure your nonprofit culture embraces a team approach to cybersecurity, and that everyone on your staff knows to tell someone when they see something suspicious or make a mistake, and who to tell. Holding cybercriminals accountable in every country should be a bigger goal for our governments and our laws. Nonprofit Data Retention Policy is a valuable project now.Remind your staff not to put in writing in any device or app something they would not want to be public about your organizationCreating and monitoring compliance with a nonprofit data retention policy does not require expensive tools but it does require the time and energy of your staff. Avoiding unnecessary reputational risks is worth it. Make sure your nonprofit data retention policy covers emails and messaging in addition to documents and files. _______________________________Start a conversation :)Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/email Carolyn at [email protected] LinkedIn on reddit/r/nonprofitITmanagementon the Community IT websiteThanks for listening. 

Ian Gottesman is CEO of a coalition of 200+ NGOs and 20 major IT companies working together to improve cybersecurity for the nonprofit sector (NGO ISAC). He has decades of experience in executive roles in nonprofit cybersecurity in a variety of organizations. In these challenging times for the nonprofit sector generally, many nonprofits are taking a harder look at their cybersecurity policies to better protect their organization and staff. Community IT recommends getting to a foundational lev...

NOW PLAYING

Nonprofit Data Retention Policy and Cybersecurity Basics with Ian Gottesman

0:00 34:11

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Community IT Innovators Nonprofit Technology Topics?

This episode is 34 minutes long.

When was this Community IT Innovators Nonprofit Technology Topics episode published?

This episode was published on April 4, 2025.

What is this episode about?

Ian Gottesman is CEO of a coalition of 200+ NGOs and 20 major IT companies working together to improve cybersecurity for the nonprofit sector (NGO ISAC). He has decades of experience in executive roles in nonprofit cybersecurity in a variety of...

Is there a transcript available for this episode?

Yes, a full transcript is available for this episode. You can read the complete transcript on the episode page.

Can I download this Community IT Innovators Nonprofit Technology Topics episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!