Category: Risk & Advisory

Keeping it simple provides more protection than you might expect By Mac Lillard, CPA, CFE, CISA, CRISC, CITP | Manager, Audit and Risk Advisory Services During 2020, the Federal Trade Commission (FTC) received more than 2.2 million reports of fraud, up 500,000 from the 1.7 million reports filed in 2019. The significant increase in fraudulent…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Securing the privacy of your organization’s employee and customer data is critical for maintaining the trust of members and donors – and is increasingly becoming a legal requirement. What is information disclosure?  Information disclosure occurs when an application reveals sensitive information about its users. Depending on…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Social media has allowed organizations to connect with customers around the world, but the wide reach of your social network also presents opportunities for hackers and bad actors to launch attacks or damage your organization’s reputation. Properly understanding and managing your social media presence allows you…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Hackers and malicious attackers will often publicize their targets in various forums or on the dark web, so they can gather support and intelligence for taking down a website or finding vulnerabilities within an organization. Hacktivists are hackers who are politically and/or socially motivated. Their targets…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Simply put, Identity and Access Management (IAM) is the discipline of allowing the right individuals to have access to the right resources at the right times for the right reasons. As hackers have gotten more sophisticated, organizations must take steps to ensure that users attempting to…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Most organizations have secured their data with encryption, but security protocols are evolving rapidly in response to sophisticated cyberattacks. Ensuring your organization has the latest SSL/TLS protocols enabled is necessary to help establish trust, ensure data privacy for your users, and to prevent data breaches. Risks…

Read more ›

Remote work has exposed existing cybersecurity vulnerabilities and created new ones. How is your organization responding? The GRF Cybersecurity Risk Assessment and Scorecard provides a baseline diagnostic to help you analyze your organization’s risk and develop an appropriate compliance strategy. You may be surprised to discover you already have the right tools – you just…

Read more ›

Both the COVID-19 pandemic and the preceding great recession presented serious challenges for organizations eager to develop an annual budget and stick to it. In fact, many businesses and nonprofits alike found themselves with reduced revenue, additional expenses, and worst yet, no contingency plan. Without a crystal ball, the best any organization can do is…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     Web applications are a top target for attackers. Hackers are constantly searching the web to find common vulnerabilities that they can use to exploit your website and data. Not having the proper security controls in place can result in an attacker bypassing authorization controls to steal…

Read more ›

GRF Cybersecurity Risk Assessment and Scorecard Blog Series     It’s crucial for your organization to have an online presence to effectively communicate your brand and your mission. However, you may not be aware of everything that people can see. If end-users are not able to find your organization online – or they find misleading, incorrect,…

Read more ›