Nonprofit Resources


Cybersecurity Month: The Role of Cybersecurity in Your Organization

October is National Cybersecurity Awareness Month. Each week, we’ll provide information and tips to help increase your cybersecurity awareness and reduce the cyber risk for you and your organization.


This week, the Department of Homeland Security is focusing on Careers in Cybersecurity. Research firm Cyber Ventures predicts the number of cybersecurity job openings will triple over the next five years, due to the rise in cybercrime.

The increase in the frequency and sophistication of cyber threats means it’s now a necessity to have a dedicated cybersecurity professional supporting your organization. See below for tips to help ensure cybersecurity is receiving adequate focus and resources in your organization.

Review the role of IT versus cybersecurity

Having strong IT support, whether through an internal department or a vendor, no longer guarantees cybersecurity. IT and cybersecurity require very different skills and resources.

  • Understand the differences between IT and cybersecurity, and why your organization needs both.
  • Determine which resources are dedicated solely to information system security versus information technology support and implementation.
  • Assess whether you have the resources to provide an ongoing dedication to security that is not interrupted by technical support needs and adjust as necessary.
  • Take this short Cyber Fitness Self-Test to check the strength of your organization’s cybersecurity controls.
Appoint an Information Security Officer

It’s important to have an individual within the organization who is responsible and accountable for ensuring the security of your systems and data. This vital role may include:

  • Oversight or an active role in assessing your organization’s areas of risk.
  • Making sure controls are implemented, monitored, and operating as intended.
  • Ensuring enough  resources are devoted to cybersecurity.
  • Ensuring third-party relationships are managed adequately.
  • Acting as a liaison to the board and providing the board with periodic cybersecurity updates.
  • Helping to foster a culture of awareness and security within your organization.
Build support at the highest levels

Due to the ever-changing cybersecurity risk landscape, even the most controlled environment is at risk of a breach. Given the extent and severity of the risk, it’s vital to have upper management’s support for cybersecurity, including your board.

  • Make sure management understands the risk. In Episode 21 of the AICPA’s Beyond Disruption podcast, CapinTech partner Lisa Traina explains common cybersecurity pitfalls and the top five areas organizations should focus on.
  • Know that many of today’s current threats, such as CEO fraud, capitalize on employees applying a different set of security rules to the top executive or higher-level employees. It is vital for the “tone at the top” to support consistent adherence to security practices, for all situations.
  • Involve your board or an appropriate management oversight committee to ensure cybersecurity remains a top priority.
  • Review ways to take your cybersecurity to the next level.
  • Plan for the unexpected by investing the time to create an incident response plan. It doesn’t have to be elaborate — a small measure of planning can go a long way in timely responses. Be strategic about business continuity and disaster recovery planning and set aside additional funding for emergencies that may occur due to a cyber threat.


Cyber Ventures predicts that global cybercrime will cost $6 trillion a year by 2021. That’s double what it was in 2015.


Access additional cybersecurity articles and blog posts here.

Leave a Comment