Features

#ASAE 2018 Cybersecurity Risk Management: Steps to Protect Your Association

By Brian Lynch • August 27, 2018

Being an insurance broker at the ASAE 2018 annual conference, I was drawn to the Express Talk on Cybersecurity Risk Management to see what the speakers would have to say on the subject. In my experience, a lot of nonprofits and associations are under the assumption that a cyberattack or cyber breach cannot happen to them – or even affect them. I can assure them that this thought process is very far from the truth, being in insurance and dealing with cyber policies daily. In fact, I would almost go as far as to say that cyber-attacks are becoming more of a certainty than a possibility.

The Steps to Address Cybersecurity Risk Express Talk at ASAE 2018.
The Cybersecurity Risk Management Express Talk at ASAE 2018.

Despite all of this, nonprofits and associations are still balking at the idea of purchasing a cyber liability & network security policy to protect themselves, as well as not taking the necessary measures needed to protect their data as well as the data of the third parties they work with. The bottom line is that any nonprofit/association with a computer can be the subject of a cyberattack.

In this short presentation about cybersecurity, the speakers did a great job showing the audience how easily it is for a hacker to get into an organization’s system, take control of their data and steal their information. While times have definitely changed and the tools for hacking are more sophisticated, they pointed out that there are a lot of layers of defense available to prevent such attacks. The steps to protecting your network can and should include:

  • Prioritizing data security;
  • Password management;
  • Training employees to be aware of scams and phishing attacks;
  • Making sure your software and technology are up to date and;
  • Data encryption

The hard truth is that by not purchasing cyber liability insurance – the costs go far beyond just being financial. Without being able to provide the necessary services, your nonprofit/association won’t be able to satisfy its mission for those who depend on it. The costs associated with an attack usually are not thought of and can bring an organization down. Costs such as; lawyers’ fees, notification fees, regulatory concerns, public relations, forensic investigations, and so on.

A cyber liability & network security policy is something every nonprofit and association should consider and purchase. If you take the necessary steps to protect yourself from a cyber breach, implement those actions, and insure yourself against an attack – you set your nonprofit and its reputation up to continue being successful.

Contact Brian for more information about cyber liability and network security insurance.

About The Author

Brian C. Lynch is a Client Executive at Ames & Gough and the leader of the association/non-profit division, located in the Washington, DC office. He joined Ames & Gough in 2016, having more than eight years of insurance industry experience and bringing an in-depth understanding of executive liability exposures and coverages, providing insurance placement, renewal planning, carrier negotiations and related client support services. Previously, Brian was a vice president with Boston Insurance Brokerage, Inc.  Brian holds a Management Liability Insurance Specialist (MLIS) designation. Additionally, Brian is a consultant member of ASAE as well as an ASAE Young Professional member. Brian earned a B.A. degree in broadcast communications from Elon University in 2006.