Managing Cyber Risk in Online Communications

Man at iPad

by the Nonprofit Risk Management Center

Many nonprofit leaders equate cyber risks with the work of unknown third parties who prey on defenseless IT systems. The fact is that most cyber missteps reside closer to home and are within reach of those who manage a nonprofit’s systems and websites.

One important area that should be subject to review is the nonprofit’s website. The public’s understanding of what a nonprofit does must be the actual, factual, transparent view. The mission of a nonprofit is more often than not seen through the filter of the organization’s website. Data gleaned from current and prospective stakeholders may include information about the nonprofit’s services and programs, membership or consumer eligibility criteria, requirements for volunteer service, recent success stories or milestones, financial reports and the identity of those behind the nonprofit’s cyber curtain—the members of the board and the executive staff.

Posting outdated, inaccurate or misleading information on your nonprofit’s website will erode stakeholder confidence in your mission. Take some time this month to review your nonprofit’s website and determine whether changes are in order to improve the accuracy of the site. Common missteps include:

  • exaggerating the service area or number of clients served;
  • describing aspirations in a way that suggests ongoing activity;
  • failing to provide contact information for the nonprofit’s key personnel;
  • poorly written descriptions of core programs and services; and
  • out of date listings of donors or other supporters.