Home » cyber security » Social Enterprises: A Hacker’s Favorite Target

Social Enterprises: A Hacker’s Favorite Target

Organizations whose primary goal is social good may seem like unlikely targets for hackers. After all, who would want to attack the tech resources, networks, and data repositories of these groups when there are so many for-profit organizations and government agencies to prey upon?

Unfortunately, the answer is a lot of people.

The reality is that social enterprises are at particularly high risk for security breach. The reason, as recently stated in a Forbes.com editorial, is because hackers’ typically infiltrate their victims’ networks by searching for the weakest link as the initial point of entry to their ultimate target.

This means that social enterprises, which often have remote connections to NGOs’ and government agencies’ networks, are an ideal starting point for cyber criminals who intend to ultimately attack a larger partner entity.

This dynamic holds true in the private sector, too. Several high-profile security incidents have been initiated through the remote connections of small vendor partners or non-profit organizations. The most notable example is the Target breach, where attackers first gained entry through the remote connection system of a small HVAC partner.

With the publicity surrounding the Target breach and others, it’s likely that large public sector entities will now be carefully evaluating their partners to validate compliance with cyber security regulations and best practices for privacy protection. This means that, even without any indication of a potential breach, social enterprises may find themselves in a difficult position with their partners — unable to secure contract renewals or new partnerships — unless they meet compliance standards and enhance their security positions.

For a small organization that may not have previously put much consideration in to cyber security, the reality of this situation can be overwhelming. Fortunately, social enterprises don’t need to rely solely on their internal resources to ensure they can achieve regulatory compliance, strengthen their networks, and train their personnel for privacy protection.

Lunarline has a long history of assisting both public and private sector organizations with exactly these goals, and from that experience, we have developed processes, tools, technologies, and efficiencies that help put cyber-security solutions within reach for organizations of all sizes.

If you’re a part of a social enterprise that’s looking to strengthen its cyber security posture, we invite you to learn more about Lunarline’s consulting services, innovative products, and training programs. Please visit us online at Lunarline.com or contact us for an initial consultation.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.