Cybersecurity NPOs Form ‘Nonprofit Cyber’ Coalition
Cybersecurity NPOs Form ‘Nonprofit Cyber’ Coalition

Nonprofit cybersecurity organizations have launched Nonprofit Cyber, a coalition of 22 global nonprofits pledged joint action to improve cybersecurity. All coalition members are nonprofits that serve the public interest by developing, sharing, deploying, and increasing the awareness of cybersecurity best practices, tools, standards, and services. 

Coalition members must be a 501(c)(3) or 501(c)(6) nonprofit if organized under U.S. law or hold an equivalent status if organized under the laws of another country. More information is available at the coalition’s website NonprofitCyber.org and on Twitter at @NonprofitCyber

Nonprofit Cyber, based in New York City, will initially focus on two priorities: building awareness of the work of cybersecurity nonprofits globally and aligning their work to achieve the greatest effect. Envisioned as a “collaboration-of-equals,” each member organization has committed to work in coordination to better serve Internet users globally, according to a statement from the organization.

As it grows, the plan is to expand operations to include:

  • Achieve visibility and understanding of the efforts nonprofits are making in cybersecurity; 
  • Facilitate shared understanding, alignment and de-confliction of activities; 
  • Encourage the leadership, sharing, and celebration of volunteers; 
  • Provide a forum for sharing roadmaps of product development and release; 
  • Enable and encourage synchronization of product releases where appropriate; 
  • Create opportunities for joint or coordinated projects and products among members; 
  • Provide a forum for alignment of threat and/or attack models that drive security practice selection; 
  • Provide a forum for coordination of joint (by supporting members) public statements and joint communications to authorities on issues of mutual interest, and on the importance of shared and voluntary industry best practices; 
  • Prepare and deliver joint presentations to stakeholders; and,
  • Submit joint proposals for work and funding.

“I applaud that this consummate consortium of nonprofits has formed to actively protect us against security threats to our digital infrastructure and uphold our open Internet, combining their knowledge, skills, and tools for the greatest effect,” Govind Shivkumar, director of responsible technology at Omidyar Network said via a statement. 

The 22 founding members of Nonprofit Cyber are: the Anti-Phishing Working Group, the Center for Internet Security (CIS), the Center for Threat-Informed Defense, the Cloud Security Alliance, Consumer Reports, CREST International, the Cyber Defence Alliance, the CyberPeace Institute, the Cyber Readiness Institute, the Cyber Threat Alliance, the Cybercrime Support Network, the CyberGreen Institute, the FIDO Alliance, the Forum of Incident Response and Security Teams, the Global Cyber Alliance (GCA), the National Cyber Forensics and Training Alliance, the National Cybersecurity Alliance, the Open Web Application Security Project, SAFECode, the Shadowserver Foundation, Sightline Security, and #ShareTheMicInCyber. 

Tony Sager of CIS and Philip Reitinger of GCA will serve as co-chairs as the organization begins operations. Nonprofit Cyber seeks new members that work to implement best practices and solutions at scale. Nonprofit Cyber is focused on these organizations, rather than lobbying or policy development and advocacy organizations, or industry associations. 

“A large number of nonprofits that focus on cybersecurity implementation are working within their own areas of action toward the joint goal of improving cybersecurity, but the lack of coordination and communication among them can lead to inefficiency and duplication of effort.” said GCA President & CEO Philip Reitinger, president and CEO of the GCA, with operations in the U.S., U.K. and Belgium. “Better communication and collaboration among these groups will enable programmatic and opportunistic action to improve cybersecurity.” 

“Cybersecurity nonprofits create and sustain essential resources that touch every enterprise and every person. And many are natural ‘integration engines,’ bringing together people and ideas across the public and private sectors, technical disciplines, industry sectors, and national borders.” said Tony Sager, senior vice president and chief evangelist at CIS in East Greenbush, N.Y. “Our goal with Nonprofit Cyber is to collaboratively align our individual strengths into a collective force for good, taking positive action for the entire cyber ecosystem.” 

“Nonprofits have an important role to play in helping set expectations in cyber security hygiene and providing tools that can help organisations of all sizes,” said NCSC (UK) Technical Director Ian Levy via a statement. “I’m really happy to see these great organisations coming together under ‘Nonprofit Cyber’ to be better coordinated and to maximise the impact they can have in helping the global cyber security mission.”