As if operating an NFP entity is not tough enough, a whole new challenge has appeared on the scene. Recent coordinated cyber-attacks on over twenty Texas cities show how vulnerable municipal governments and NFP entities can be to ransomware attacks. The targets of these attacks have generally been small rural towns not having the sophistication or budget to secure their information processing systems. Sadly, this description could apply to many smaller NFP entities as well. Put another way, the next round of targets could be your NFP organization. Hospitals have already been targeted, so it is just a matter of time before other NFPs are. This is an appropriate time to make sure your systems are backed up and your disaster recovery plans are up to date. Board members and trustees, it is your responsibility to make sure your organization is protected against these attacks. Could your organization survive such an incursion? How long would it be before business would grind to a halt? How would regulators view a data breach of medical records or the inability to provide services your organization is contracted to perform? These are all questions your executive director needs to provide answers to. Waking up one morning and finding your organization’s systems have been hacked or shut down due to ransomware is not what wise trustees or directors do.
Published by Mark Koscinski
I am an assistant professor of accounting practice at Moravian University in Bethlehem PA, after a long and multifaceted business career. I am a CPA in the State of New Jersey, and hold a doctorate from Drew University in Madison NJ. I also served as a Byzantine Catholic deacon, hence the religious articles included here. Moravian University is a liberal arts college, encouraging the complete formation of a person. View all posts by Mark Koscinski
Mark Koscinski CPA D.Litt. 