In my recent Not-For-Profit newsletter, Questions and Concerns Board Members Should Consider in the Current Environment, I shared some items and questions that not-for-profit organizations should consider in 2021.

This blog focuses on one area that has, and continues to be, a prime area of concern for all organizations — cybersecurity. Mishaal Khan, Cybersecurity Practice Leader and Solution Architect at Mindsight, provides his thoughts on the items organizations should consider regarding cybersecurity:


  • New laws and regulations;
  • Limiting collection and sharing of information to minimize the impact of a breach; and
  • Safeguarding personal privacy to minimize social engineering scams.

2. Security Controls

  • Continuing a layered approach in security;
  • Proactive monitoring; and
  • Planning and creating a cybersecurity budget based on risk.

3. Financial Risk Analysis

  • Prioritizing security spend based on high risk and high impact for the business — consider non-technical and soft dollar costs.

4. Education

  • Video-on-demand-style educational videos may not be creating a significant impact on employee security awareness — consider other means of education and awareness.

5. Embracing and Securing the Cloud and Remote Workers

  • Weigh the pros and cons.

Originally Published by Ostrow, February 2021

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.