Abstract:
Information system security managers (ISSM) in nonprofits face increased cyberattack cases because nonprofits mostly use basic technology due to their desire to save costs. It is important for nonprofit owners and managers to solve this problem because it exposes their organizations to hackers. Grounded in the general systems theory, the purpose of this qualitative multiple case study was to explore strategies ISSMs at nonprofit organizations employ to protect against cyberattacks. Participants included five IT managers and directors of information technology in charge of security management in nonprofit organizations in Maryland, the District of Columbia, and Virginia. Data was generated through interviews and review of archival documents. The data analysis technique used was thematic analysis. Three themes emerged from the analysis: cybersecurity awareness, cybersecurity strategy, and third-party dependence. The nonprofits should consider the following recommendations: first, evaluate cybersecurity health by assessing the existent cyber threat environment. Second, develop and execute a comprehensive strategic plan on cybersecurity, including policies and procedures targeted at protecting sensitive and likely sensitive data. Third, evaluate in-house IT capacities and consider hiring third-party vendors’ expert skills. Fourth, create cybersecurity awareness by training the employees on data protection. The implications for positive social change include the potential for ISSMs conveying effective cybersecurity strategies for nonprofits to mitigate and prevent potential cybersecurity attacks, thus furthering the nonprofits’ missions.
Read More https://scholarworks.waldenu.edu/cgi/viewcontent.cgi?article=11421&context=dissertations
