By Eric Spacek, Assistant Vice President – Risk Control, at Church Mutual Insurance Company, SI
GivingTuesday was created 10 years ago to encourage people to do good. During this annual celebration on the Tuesday after Thanksgiving, Americans give to the charities they believe in.
In 2021, the GivingTuesday Data Commons estimates that 35 million adults participated in GivingTuesday, donating $2.7 billion. This year, Whole Whale estimates that GivingTuesday will bring in $3.2 billion and surpass the record year of 2021.
The expected increase in donations is good news for churches. However, since more than 90% of large churches accept donations online, cyber theft becomes a risk.
Eric Spacek, Assistant Vice President – Risk Control at Church Mutual Insurance Company, SI (a stock insurer)1offers ways to protect your congregation’s finances.
Cybersecurity can seem overwhelming, how can organizations hold it all together?
Places of worship and other nonprofit organizations are prime targets for thieves seeking access to members’ personal and financial information. Luckily, if you remember “CESA,” you’ve taken the first steps toward cybersecurity.
- Communication – How many of your members know about all the methods people can use to give to your church? Communicating frequently and repeatedly can increase donations, and members will be more likely to identify a potential scam.
- Education – Designate a point of contact for donations. Educate your members on how to spot fraudulent claims and report them.
- Smart – Keep up to date with the most common cybercrime tactics. Phishing (email) and smishing (text message) – sending what appear to be trusted messages to collect credit card or other personal information – remain among the main methods used by attackers. They feed on emotions to get an answer. Ransomware will hold your computer files for ransom and you will have to pay the attacker to regain access to your information.
- Action – Practice cybersecurity measures with existing tools and vendors.
Are there any easy action steps churches can take right away?
There are many ways for places of worship to combat cybercrime.
- Password Protection – Easy-to-guess passwords make it easy to hack into your system. Do NOT use easy-to-find information, such as a date of birth or address. Instead, use a series of words with symbols and numbers replacing the letters.
- Restrict access to your network – When an employee or volunteer leaves, immediately disable their access and change their passwords. Only people who need to use the system should have access credentials.
- Maintain network security – Require guests to request permission to use your network with a password. Configure your network to lock accounts after multiple failed attempts and use firewalls and encryption to restrict data access.
- Back up critical information – Ransomware can destroy your data. Back up your data regularly and separate the backup of your online data and files.