Between ongoing cybersecurity threats, rapidly changing technology, the shift to hybrid work, new data privacy laws, and increased cybersecurity requirements from insurers and partners, cybersecurity best practices have moved from nice-to-have to must-have for nonprofits and NGOs.

The word “reasonable” comes up in many data privacy laws and cybersecurity frameworks. This session will help you think about what “reasonable” cybersecurity means for your organization.

We will help you understand how to think about what information is important to protect and how much protection is appropriate given your organization’s risks and capacity. Over the course of the session we will make sure you have the tools, skills, and templates to help you with the next steps that are most appropriate for your organization.

In this session, you'll learn about:

• How to think about “reasonable” cybersecurity
• How a “defense in depth” cybersecurity program protects your organization
• The core elements needed for a “reasonable” cybersecurity program
• The components of threat modeling and risk analysis
• Free and low cost tools and resources
• Three things your organization can do to immediately improve cybersecurity