Okta to Spend $1M Helping Nonprofits Improve Their SecurityGrants Will Link Nonprofits with Key Talent to Configure and Manage Security Tools
Identity titan Okta has awarded slightly more than $1 million in grants to groups focused on connecting nonprofits with the talent needed to configure and manage security technology.
See Also: Assessing Threats Outside the Perimeter
The San Francisco company seeks to fill a void left by most donors, who typically direct contributions toward programs and services. That leaves nonprofits with limited access to the infrastructure and human capital needed to address their cybersecurity needs, says Erin Baudo Felter, Okta's vice president of social impact and sustainability. Many nonprofits struggle to hire employees with security acumen, she says.
"The talent war is really difficult, especially when you look at that next to the funding challenges that organizations have to grapple with," Felter tells Information Security Media Group. "We're really focused on this people problem."
Knowledge and Money Are Impediments
The security challenges for nonprofits are amplified by executives and board members who mostly don't pay attention to technology and cyber risks, Felter says. The few top-level conversations that do occur mostly focus on keeping the lights on rather than how technology and security can further the impact and mission of the organization, according to Felter (see: Okta CEO: Hack Didn't Have Quantifiable Impact on Business).
"Organizations lose out on seeing the bigger picture," she says.
It's little surprise that threat actors see nonprofits as soft but lucrative targets, especially given the highly sensitive donor and client information they hold.
"Nonprofits support some of the most vulnerable populations in the world, including those who are susceptible to politically motivated attacks," Felter says. "If you think about refugees or those seeking reproductive health care or LGBTQ individuals calling crisis hotlines, there's really incredibly sensitive data that nonprofits hold. And in some cases, it's life and death in terms of who holds that information."
Solving the Human Capital Problem
Okta is allocating grant money to organizations focused on solving nonprofit's human capital problem in cybersecurity. The grants will be paid out over two years to six organizations pursuing different models to address the lack of human capital in the cybersecurity space, Felter says. The company is looking for initiatives that not only produce results but also are easily scalable, she says.
Felter says Okta is particularly interested in awarding grants to organizations that have the potential to teach the company's security and product folks something valuable that they're then able to apply across the rest of the business. Aside from that, Felter says Okta is focused on the track record, strength of leadership, and amount of impact a program is making when deciding which groups should get grants.
McLean, Virginia-based NetHope received $375,000 to establish a "Dial-a-CISO" program, with the money being used to hire one dedicated CISO that can serve the more than 60 humanitarian aid and development organizations in the NetHope portfolio. This model allows a single human to positively affect the millions of individuals served by nonprofits in the NetHope portfolio.
"The talent and expertise of CISOs is desperately needed in the nonprofit sector," Felter says. "And they have a tremendous opportunity to use what they know to help organizations that are serving some of the most vulnerable populations in the world and doing us all a service."
The University of California-Berkeley's Center for Long-Term Cybersecurity was awarded $25,000 to link graduate students in computer science, public policy and human rights with high-risk NGOs to provide pro bono security support. This initiative provides nonprofits with more human capital and also should help create a broader and more diverse pipeline of talent entering the cybersecurity space, Felter says.
For initiatives focused on providing human capital to nonprofits on a pro bono basis, she says Okta will track the number of organizations served, the impact of the engagement on students and volunteers, and the impact on the nonprofit when it comes to implementing best practices. Metrics for the other awards will be developed on a case-by-case basis in consultation with the grant recipients, Felter says.
Felter says there aren't enough tech leaders serving on the boards of nonprofits or assisting them in an advisory capacity. Many nonprofits would benefit tremendously from better leveraging the insights of CIOs and CISOs to inform where the organization goes and how it uses technology more strategically, according to Felter.
"This is an area we're going to be working in for a very long time," Felter says. "This is our first big step into it. We're going to learn a lot and we're going stick with this for the long term."