Providing security audits for small nonprofits

Posted on Jun 23, 2016 in Uncategorized

This August, GWOB staff and volunteers will be getting together in Las Vegas to talk about a new project we have in the works to provide security audits for small nonprofits at RHoKSec events. We want to build on the program we already have that brings cybersecurity students together with professionals for a weekend of volunteering at RHoKSec hackathons around the globe.

openbadgesOpen BadgesThe new RHoKSec program will include an certification that a nonprofit can attain if they pass the security audit at a RHoKSec weekend, but it’s not just about a certification. We want to improve on the self-assessment idea that’s in the UK Cyber Essentials certification with a questionnaire that nonprofit IT manager can work through together with RHoKSec volunteers. By making it a collaborative assessment instead of a self-assessment, we hope to increase capacity at the nonprofits for protecting their security into the future. We’re also looking to improve the “pentest corner” at RHoKSec events with a well delineated set of tests and reporting that every nonprofit that comes through the program can expect. At the end of every RHoKSec, the nonprofit participants will either leave with an open badge certifying that they’ve passed or a clear set of steps that they need to take so that they can complete the certification.

You can help us by weighing in on the developing standards for this program. We’ll be holding conversations a suite near BSides Las Vegas and Defcon, and we’ll also be at a table at BSidesLV.

Oh, yeah, and we have a fun announcement coming up about BSidesLV, so we’re wondering who among our friends is going to be there. If you are, let us know!