Services
Fixed fee engagements sized for nonprofit budgets, or a pre-agreed hourly rate. Eligible charities and educational institutions may qualify for our pro bono program.
Cybersecurity Maturity Coaching
Our flagship nonprofit service — we teach your team to fish. Hands-on coaching on Microsoft 365 security configuration, including Intune, and security governance using the Cloud Security Alliance's CCM Lite, until your team can run its own security program.
Cyber Insurance Readiness
Get renewal-ready in three months with a policy obligations assessment, business impact analysis workshop, security posture assessment and costed premium-reduction one-pagers.
Download our security testing services flyer or our security governance services flyer.
| Service | Description | Benefits |
|---|---|---|
| Cybersecurity Maturity Coaching | Hands-on coaching for your IT staff and volunteers on Microsoft 365 security configuration (including Intune) and security governance using CSA CCM Lite. | Builds lasting in-house capability — your security maturity keeps improving after the engagement ends. |
| Security Charter Development | In consultation with your board and senior stakeholders, develop a set of principles to direct your information security function. | Risk appetite of your organisation enshrined in a document agreed by board and management alike. |
| Security Policy and Standard Development | Creating security policies and technical standards right-sized for small teams and volunteer workforces. | Sets strategic direction to desired risk appetite and provides repeatable, standardised security. |
| Security Procedure Development | Development of security procedures such as user access management for staff and volunteer onboarding and offboarding. | Provides step-by-step repeatable processes so high risk security activities are done correctly — even with volunteer turnover. |
| Web Application Security Testing | Automated and manual security assessment of authentication, session management, input validation and authorisation — including donation portals and member self-service sites. | Identifies issues for remediation before they put donor or member data at risk. |
| Firewall Configuration Examination | Examination of firewall configuration to check if only approved communications are permitted. | Identifies improvements to firewall configuration that can be completed by your IT provider. |
| Network Security Testing | Automated security assessment of network listening services complemented by manual investigation. Can be performed from the Internet or your local network. | Helps you meet the "annual penetration test" requirement in cyber insurance policies and grant conditions. |
| System Configuration Examination | Comparison of your system configuration against industry consensus benchmarks or vendor deployment guidance. | Identification of improvements that can be made to your system security. |
| Virtual Chief Information Security Officer | Designated personnel will act as your Information Security Manager. | Cost effective for nonprofits with high security obligations but no budget for a full-time security hire. |
| Virtual Security Architect | A CyberShield Nonprofit consultant can work as your security architect on your new IT project — a CRM migration, donation platform or student management system. | Anticipate and avoid common security issues and reduce time to delivery. |
| PCI-DSS Advice for Donations | Advice on credit card security and compliance with the Payment Card Industry Data Security Standard for donation and membership payment channels. | Protects donor payment data and keeps your payment facilities compliant and low-cost to operate. |