Understanding Nonprofit Liability: Basics of General Liability Insurance
If you think your nonprofit’s data isn’t a target because it’s not bank or credit data, you’re making a potentially costly mistake. Nonprofit liability insurance typically does not cover cyber threats, which can expose you to significant financial and reputational risks. Hackers break into networks for many reasons, and most of them have nothing to do with credit cards. A few critical pieces of data can go a long way in creating a whole new identity or spoofing your organization in a phishing attack. That phishing attack could lead to bank fraud, fake wire transfers, or a total network failure.
Your data is still your responsibility, even if it’s stored elsewhere.
Even if your data is securely stored in the cloud using a third-party client, you might still be liable for the fallout. Don’t assume you’re off the hook because your data lives elsewhere. In Sarasota, FL, where digital security is a growing concern among local nonprofits, ensuring robust cybersecurity measures is essential.
Consider your fundraising efforts. Fundraising has gone digital. More than ever, donors and clients in Sarasota need to know they can trust you. And while no system is fail-safe, you can show good faith by having a cybersecurity risk management plan. That plan should include cyber insurance. Even if you don’t do a lot of fundraising online, you probably store your client data on a network. Smartphones and smart appliances are easy targets for hackers. Once in, they could send fake emails on your behalf to donors, volunteers, clients, or employees. The email might ask for money donations using a fake link, resulting in thousands of dollars being diverted from your organization to a thief.
What would you do once you’re hacked?
You need to respond. There’s never a good time to send a “you’ve been hacked” email, especially on the heels of a successful fundraiser. Depending on the severity of the hack and the state you operate in, you might have to:
● Defend yourself in a lawsuit
● Pay for credit monitoring for all affected donors, clients, and employees
● Issue a public statement explaining the cyberattack
● Shut down all affected networks (social media, websites, or others) until the compromise is corrected
● Pay a ransom to have your computers unlocked
● Reinforce your network security
● Report the data breach to law enforcement and your state
● Inform all affected donors, clients, and employees
● Reassure the community that their confidentiality is secure
● Tell vendors in case their systems have been compromised, too
Hackers improve their games and return with more imaginative ways to infiltrate systems. That means you need all the help you can get.
Cyber insurance should be a part of the response plan
Cyber liability insurance doesn’t prevent your data from being stolen, but it can provide unique coverage options, including:
● Notifying donors and clients of the breach
● Restoring the personal identities of donors and clients
● Recovering the compromised data
● Reconstructing network systems
● Paying the ransom request
● Repairing damaged computer operating systems
● Providing free credit monitoring to donors and clients
● Crafting your PR response
● Proactively mitigating risks
● Minimizing the cost of business interruptions (if the breach requires you to shut down temporarily)
Let us help you with a cyber liability quote
Contact us for your custom cyber liability quote. We want to make sure you’re protected so you can continue the important work you do, without worry.