Tag Archives: training

Nonprofit Radio for March 13, 2023: Beat Back Cyberattack

 

Michael EnosBeat Back Cyberattack

Cyberattacks against nonprofits are on the rise. While you cannot avoid them, you can make them a lot less likely to cost you big money, your data, your reputation, your donors, and your employees. Michael Enos from TechSoup helps us out.

 

 

Listen to the podcast

Get Nonprofit Radio insider alerts!

 

 

Apple Podcast button

 

 

 

We’re the #1 Podcast for Nonprofits, With 13,000+ Weekly Listeners

Board relations. Fundraising. Volunteer management. Prospect research. Legal compliance. Accounting. Finance. Investments. Donor relations. Public relations. Marketing. Technology. Social media.

Every nonprofit struggles with these issues. Big nonprofits hire experts. The other 95% listen to Tony Martignetti Nonprofit Radio. Trusted experts and leading thinkers join me each week to tackle the tough issues. If you have big dreams but a small budget, you have a home at Tony Martignetti Nonprofit Radio.
View Full Transcript

Transcript for 631_tony_martignetti_nonprofit_radio_20230313.mp3

Processed on: 2023-03-11T01:00:20.020Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2023…03…631_tony_martignetti_nonprofit_radio_20230313.mp3.38068433.json
Path to text: transcripts/2023/03/631_tony_martignetti_nonprofit_radio_20230313.txt

[00:01:26.42] spk_0:
And welcome to Tony-Martignetti non profit radio big, non profit ideas for the other 95%. I’m your Aptly named host of your favorite abdominal podcast. Oh, I’m glad you’re with me. I’d suffer the embarrassment of a phone. Yah. If I had to speak the words you missed this week’s show, beat back, cyber attack, cyberattacks against non profits are on the rise while you cannot avoid them, you can make them a lot less likely to cost you big money, your data, your reputation, your donors and your employees, Michael Enos from Techsoup Global helps us out on tony steak too. Get in people’s faces again. It’s a pleasure to welcome Michael Enos to non profit radio He is senior director of community and platform for Techsoup Global. He began his professional career in technology in 1996 and has since led team, tech teams at the national and individual office levels in increasing responsibilities on Mastodon. He’s at Michael underscore Enos at public good dot social and tech soup is where you’d expect them to be at techsoup dot org. Michael, welcome to non profit radio

[00:01:42.03] spk_1:
It’s great to be here. Tony Thank you for having me.

[00:01:46.69] spk_0:
My pleasure. My pleasure. Let’s please explain the work of tech soup. I think it’s so valuable, so many billions of dollars of software and hardware transferred to nonprofits. Make sure, let’s make sure everybody knows what techsoup is doing,

[00:02:52.57] spk_1:
you know? Absolutely. I mean, essentially our, our mission is to help civil society, organizations worldwide um better leverage technology to create impact in the missions um that they serve and to build communities. Um You know, that, that then can then foster that, that, that, that impact globally. Um We do that through a number of different ways. We do that by facilitating philanthropy from large tech donors. Um And you know, most of which are the ones that are just, you know, household names. Um We also do it through uh courses, services, consultations, um and through connecting organizations with each other and through also through engagements like this where we try to really uh to blogs, webinars and other facets where we help organizations understand how they could use tech um and protect their tech to uh enable uh and further have impact for their, their communities. They serve,

[00:03:17.12] spk_0:
I saw on tech soups website today, Microsoft Office or Microsoft 3 65 for a dollar. So

[00:03:18.55] spk_1:
that’s an example, right? And if you were to go to uh you know, Microsoft for nonprofits or Google for nonprofits, for example, um you know, the data validation platform that validates organizations worldwide is managed by Texas So, ultimately, we, we, we do many things but we’re also sort of a, I guess, data leading partner for, for a lot of these organizations that want to understand and make sure that their philanthropy is going into the right hands.

[00:03:48.25] spk_0:
You have, you have local uh connect groups to techsoup, connects groups.

[00:03:54.10] spk_1:
That’s great. That’s right.

[00:03:56.21] spk_0:
Yeah. You know, I know, I know you’re, well, you’re director of community and platform. So is that, is that part of your work

[00:04:42.76] spk_1:
director? I mean, you know, you know, I support that, that organization that we um we have, we have lots of different um areas and, you know, and, and in my role, I support them all um platform is a lot of the, you know, I oversee our enterprise, infrastructure and security as one of my fundamental sort of roles. I mean, obviously with the, with their expansive amount of technology that we have, that runs our platforms that, that consumes a lot of my time, but also the community side because of my background working in the tech for good space, you know, since, you know, for the length of my vocation, um you know, I have, I’ve accessed as a resource for a lot of other groups, including the connect group for when they need, you know, to understand, you know, how to, you know, for, for things like this and for, for other things um to help our communities um better leverage to the tech that they use. I mean, it’s one thing to, to uh provide the technology. It’s another thing to actually help people, you know, provide them the enablement to be able to use it and optimize it.

[00:05:08.91] spk_0:
Are there local meetups are the group’s going back

[00:05:50.06] spk_1:
to? Exactly. There are, there, there are, you know, communities within the regional and our, and that’s part of our connect program. Um And eli, the guy who runs that and, and the group that runs that are very, very energetic and it’s very community driven, which, which is fantastic and we’re sort of an enabler and facilitator in that work, which is wonderful. And that stems from the early days of us being part of the early groups that were involved with the, you know, tech for good space way back when technology was first getting launched, you know, and the internet was first launching different

[00:05:51.33] spk_0:
types of work. I mean, you know, n 10 doesn’t do consulting, which I wanted to ask you about very shortly. But, you know, they don’t do tech grants necessarily, but all, all very parallel with, with N 10.

[00:06:26.73] spk_1:
Yeah. Correct. And, and we, we have a close partner to put 10, 10 and, and we attend the events and such and we’ve long been sort of affiliated with that demand and other and other groups like like 10, 10. Um and we have partnerships that sort of expand throughout the different communities. Um And, and we try to be involved globally as well. You know, so there’s this sort of, you know, there’s the U S side of it, but then there’s also the everything that we’re doing outside of the U S and abroad because, you know, it’s um civil society is international and so, and tech soup is really involved with, with things not just within our own borders but, but outside of them um globally.

[00:06:50.58] spk_0:
Are you going to 23 NTCC the conference?

[00:06:51.42] spk_1:
Um myself. No, I’m not the, I know we have some, some other representatives that are there. I’ve been to many of those uh this year. I’m not specifically going, but we will have some representative from Texas there. I’m

[00:07:03.64] spk_0:
sure. Yeah. And non profit radio will be there as well. We’ll be on the exhibit floor.

[00:07:07.67] spk_1:
Excellent. That’s fantastic. Yeah. Yeah. Well, I’m sorry, I’m not going to be there to be in person to meet

[00:07:12.61] spk_0:
you. That’s all right. There. There are others every, every spring and

[00:07:17.31] spk_1:
virtually, by the way,

[00:07:18.97] spk_0:
that’s true. There is hybrid this year. That’s right. Um And, and texture is also consultants to consultants to nonprofits. Let’s make sure folks understand that too.

[00:08:46.84] spk_1:
Yeah, I mean, we, we provide, essentially, we help organizations connect with other organizations that then provide consultant services. We do some ourselves, but it’s very specific to some of the um because we, we provide a lot of, you know, what we’re doing to, to skills. So to speak what we, what we have is we’ve partnered with other organizations through our platforms to, to align organizations depending on exactly what type of consultation they need to inappropriate sort of resource for them. Um And that’s more uh our, our model in terms of we’re sort of a connector. So for example, if somebody needs, you know, specific sort of technology assessment uh for implementing uh Microsoft, we may do some, but then if it’s more advanced, we may work for them to, to impact or an organization that we partner with and then they provide that as a service to that organization. So, and we have other partners like that, who provide those similar sorts of services that are more hands on and direct than what tech soup can provide at this moment. And we may may expand that more and do some of that um more, more stuff ourselves and, and we are developing that and some of our customers success programs. Um and we do run a lot of sort of in the office programs where people could have webinars. And I’ve spoken in a few of those where we do it in in depth dive of a particular technology so that organizations can learn how to use them.

[00:09:00.19] spk_0:
I’ve always considered the big three to be Tech Soup N 10 and tech impact in terms of technology for nonprofits and, and all three of those of course, are nonprofits themselves. Right.

[00:09:12.87] spk_1:
Exactly. Yeah. All right,

[00:09:15.44] spk_0:
let’s talk about cyber attacks. Uh They are on the rise against nonprofits. What, what, what are you, what are you seeing? We’re going to get into the details, of course, but overall general, you know, kick us off. What are you seeing on this front?

[00:11:31.28] spk_1:
What, what we’re seeing is a lot more, um, targeted attacks, which, which is, which is unique because there’s, you know, speaking broadly about cyber activity, you know, there’s a lot of noise on the internet. There’s, you know, just all these robotic sort of in these bots that are flying around trying to find targets, right? And they’re sort of just, you know, you know, I guess, you know, they’re, they’re doing drive by sort of evaluations to see of anything, you know, just to see if there’s anything that they could get a finger in or, you know, just to explore and see if there’s sort of a, you know, something that they could find in there. What we’re seeing now is more targeted attacks, meaning there’s a specific purpose to it. Like somebody’s like, well, you know what we think that, you know, this is a, you know, a specific type of organization, they’re involved with a particular type of activity and we’re interested in knowing who’s donating to that activity and whether or not we could possibly have access to that information because that might be valuable or perhaps to the constituents that they’re serving because maybe that information is valuable as well, maybe for either financial reasons or, or, or or political reasons. And so we’re seeing a little bit more of that or, or perhaps because we really want to cause disruption in critical infrastructure. And one thing that um this is sort of a broader trend in cyber security around targets towards critical infrastructure and myself and and others in this space believe that civil society, organization data is part of critical infrastructure and critical infrastructure. So I mean, people are targeting things like, you know, we’ve we’ve heard about the target on power grids and uh gas pipelines and such. And you know, if you think about data that’s relative to communities that are specifically vulnerable in certain context or, or have access to information about others, then that’s critical infrastructure because we need these organizations to function in society. And so, you know, there could be other actors who say we want to disrupt that particular critical infrastructure for some reason and that reason could be varied just like it is for why people would disrupt any sort of critical infrastructure.

[00:12:55.08] spk_0:
I have an example that is pretty close to home. I I I own two homes in North Carolina. One of them was affected by that shooting at uh at the electrical substation in that was, that was in Moore County, North Carolina. Um And there’s a, there’s a possible correlation that, that that attack was to prevent a drag queen show from going on in the little town of Southern Pines, North Carolina, which is served by that substation that got shot at. Um So, I mean, it sounds like you’re saying, it’s not that far a leap like, you know, 11 cadre of bad actors uses guns. Another cadre of miscreants could be hackers that are looking for data at that maybe at that theater or, uh you know, among a nonprofit that may have been involved with

[00:13:45.30] spk_1:
maybe maybe the intent at the attendance list or the people who are donating to that event. And so, you know, this is the type of data and like I said, there’s, there’s different reasons why somebody might be targeting certain data. But this, these are the, this is, you know, this is like bingo on the nose, this is the kind of stuff that, that we’re seeing more and more and we’re very concerned about and why we’re really like soup is really sort of launching this um effort to help educate organizations on how to improve uh and understand what cyber security means in this space and how to prioritize it, but also how to um sort of get through the sort of complexity of it and, and, and find simple ways to knock off low hanging fruit to make it sort of actually, you know, doable for them with given their budgets and given their constraints that we a lot of smaller organizations in the, in the space you know, have, generally,

[00:14:39.67] spk_0:
it feels like in our polarized culture that there isn’t a nonprofit mission category that would be exempt from, from possible attack. I mean, you know, even feeding, feeding the hungry, you know, I could conceive of that being objectionable to some group of people that feels like why do those folks get food and, and I don’t get food or why are they entitled? And I’m not, or, you know, something that seems innocuous and purely beneficial. I, I can imagine, uh, another cadre of bad actors deciding that it’s, it’s, it’s worthless or worth worse than worthless. It’s detrimental to our culture for some reason and wanting to attack it. It doesn’t, it doesn’t feel like any particular mission would be more vulnerable or less than, than any other.

[00:15:59.15] spk_1:
Um, you’re correct. And one of the other things that is, has changed in, in this, in this sort of, you know, over time that I’ve seen is the availability of the tools to be able to perform exploits before you would actually have to be, you know, pretty well versed in hacking to be able to do any harm right now. It’s, you can, you can buy the service. I mean, you could just go to the market on the dark web and just say, hey, you know, I want to buy this, you know, uh, this hacking kit, you know, and, and, and, and there’s youtube tutorials on how to do it. I mean, it’s becoming, and, and these are, the tools are free and readily available. So what we’re seeing more of is not only just this trend of people wanting to and, you know, and maybe that hasn’t changed, it’s just that it’s more accessible, right? But, you know, people wanting to, you know, target communities and, and, and, and also try to find valuable data within these communities, but also their ability to do so it’s become easier and there, you know, and, and so you combine those things together and that’s why we’re seeing the trends we’re seeing. That’s one of the reasons

[00:16:21.11] spk_0:
you no longer have to be a sophisticated computer user. It doesn’t take a lot of study, you’re saying these things are available for cost or free to cause harm. All

[00:16:29.81] spk_1:
right.

[00:16:39.80] spk_0:
Alright. So how do we, how do we break this down for folks in small and mid sized nonprofits, you know, that, that they can sort of prioritize? I mean, is it as simple as let’s start having universal two factor authentication for everybody on your teams or maybe that’s passe maybe, maybe we’re past that now. I don’t know, how should

[00:19:30.66] spk_1:
we, you know, you, you make a good point. So for example, like the first thing I think people should do is, you know, or, or what you know, uh would be recommended and to think about it is to do the basics. Okay. What things like what you mentioned is like like multifactor authentication, um you know, anti malware on their clients, keeping things up to date and, and making sure you have backups of your data, these are sort of the basics, right? And so apart from the basics, though, you know, the next step above that is to then start looking at what we call privileged access management or role based security, not everybody needs to have access to everything, right? So, so, so let’s say, for example, a system was compromised with somebody’s permissions or credentials, depending on what they have access to, they could only do so much. And so there’s a, there’s a, there’s an important concept in cybersecurity that we call the privilege, the principle of least privilege. So, and that sort of dictates that a person really only needs access to the information that they need to do the role that they’re trained to do in their specific function. So if, if, if somebody is, you know, in I T, somebody who’s familiar with I T systems, uh they understand sort of the complexity involved and they may have access to privileged systems where they can perform things and have access to that sensitive data, but not the entire organization, right? And so we call that privileged access management. And sometimes, especially with today’s as we’ve moved into the cloud more when things get fired up and somebody spins up an app in the cloud, the cloud as well, generally have some basic role based permissions like the admin, you know, maybe a super user and then maybe some groups and then, and then just the regular users, right? You don’t want to give everybody admin rights. And so because then if somebody, if that just, that just provides more exposure and so these are small things that don’t take a lot of time or effort really to just sort of that, that’s a little bit beyond the basics though because um you know, and you know, for, you know, tech soup, for example, provides, you know, office 65 or 65 go for, for, for work space organizations. And once we, they provision, the next step is to really go in there and sort of harden them a little bit and lock them down and to go through that steps and understand what that looks like. So that um as people start doing things like maybe downloading spreadsheets that contain donor data or customer data that it’s not, somebody can’t accidentally just share that with somebody, you know, outside the organization or, or that becomes available on the general public internet.

[00:20:02.06] spk_0:
So how do we execute some of these things that are, that are more advanced, you know, beyond the backing up the multi factor authentication. Alright. So if you move into privileged access management, we need a, we, we either have a C T O which most listeners probably don’t or we need some outside help.

[00:21:13.19] spk_1:
No, actually, I think that a lot of these, you know, cloud based applications will provide guidance. The good news is is that they have an interest in protecting and wanting you as a, as a customer as well as, you know, the fact that it’s a shared data model. And so the the better that they do in terms of providing information about how this works, the better, you know, the, the the, you know, the people who use that product is going to benefit from it. And so generally in these, you know, you know, and these things aren’t if you have somebody who is at least responsible for the deployment of the technology and they don’t have to be an advanced, you know, computer scientists to do the work of the cloud app then. But somebody should be sort of designated within the organization to ensure some of the basics about the way data is handled. And, you know, getting to one of the export points, I wanted to bring up one of the most important things to understand for an organization is what data do they have? Where does it live and what is the value of it? And what is the value of Michael before we, before

[00:21:22.02] spk_0:
before we move to what, what’s our data inventory? I want to emphasize this, I wanna emphasize the value of being in the cloud. So there is there is value to using uh CRM databases that are cloud based versus server based at, in your office anymore.

[00:22:47.49] spk_1:
Correct. And for so many reasons and, you know, uh, and, and moving to that topic because a lot of the ways that systems are oftentimes breached is because what things we mentioned earlier, such as they’re not patched, there’s, um, not, not very good perimeter security on them. These things are taken care of for you, um, and they’re not backed up regularly. Um, those things, these things are taken care of for you in a sassy application. Um If it’s, if it’s a robust SAS application, like the kind that takes provides. And so when we, when we go to, you know, vet an offer that’s going to be in our marketplace, we we, we go through the list to ensure that this is gonna be a product that will serve the pole, the test of time and actually will, will be robust in, in the requirements necessary for our organization to protect their data. And so, and, and so that leads to, you know, also that making it more but maybe a little bit easier for organizations to then lock down their cybersecurity because they don’t have to have experts come into their closet or their data center and, and do this configuration and do all these updates are very technical on their firewalls and all the hardware and everything all the time in their own infrastructure, it can be managed within the cloud by people who are not necessarily have that sort of, you know, the Cisco CCN a sort of certification? Alright,

[00:23:07.85] spk_0:
thank you. I just, I wanted to drill down absolutely. Very

[00:23:11.75] spk_1:
good point.

[00:23:15.98] spk_0:
The value of from a security perspective, the value of the cloud. Alright, so let’s go to what you were, you were headed to what your data inventory, what what do you have? What what do we need to be? What do you want us to think about their?

[00:23:32.71] spk_1:
Yeah, so no data is not all data is not created equal, so to speak, right? So we have, we have data that it’s just things like, you know, my notes when I’m, you know, talking in a meeting or something like that. Okay. There’s nothing valuable with that. It’s, you know, generally not containing anything that’s sensitive. It’s sort of my notes from a meeting. Okay. Now, if that is something that, you know, maybe I don’t want to share, but it’s not something that, you know, if a hacker birds look at that so I can’t sell this and it doesn’t contain anything that’s gonna, I can do any harm with. Right.

[00:24:09.30] spk_0:
Well, it might depend, it might depend who’s leading the meeting. You might have different, you might have different sets of notes depending on who’s leading your meeting. You know, you might be commenting on the commenting on their uh I don’t know their, their capacity. I mean, not to suggest

[00:24:16.36] spk_1:
that people

[00:24:30.71] spk_0:
know, I’m actually, I’m actually having fun with you like, if somebody at tech soup was not a very good, not a very good speaker or supervisor, you know, then those notes you might not want in the public domain. But if the person is carrying their weight and they’re generally a good, good employee, you know, you have a brighter set of notes that you wouldn’t feel bad about getting exposed. That was my, my point. I guess I wasn’t, I wasn’t coming, I was coming across so dry. It was, it was desert, it was desert dry.

[00:27:18.46] spk_1:
No, I’m glad you brought into it. The, the, yeah, the types of data that you know, we think about when we think about the difference between data privacy and data protection to me, they’re very linked, right? So we, we have a responsibility to protect people’s data and the privacy of their data, but also to protect the security of that data. And so, you know, fundamentally speaking, generally in organizations in the sector, there’s gonna be some, you know, information that’s sensitive or may have some value and if we identify that and identify where that lives and then focus our energy on securing that, making sure that that data is backed up. Um and, and testing access to it, that’s, that’s, you know, if you have limited resources, that’s the place to really focus your attention. And then the other stuff is great. I mean, and use using robust tools like we provide um in our marketplace such as box for document repositories or even sharepoint, those can all be really configured for. So any type of theater, like even my notes from, you know that, you know, or my supervisor notes about me or your notes about me can be secured, you know, um you know, in a very robust way or shared. And one of the things we’re seeing, for example, especially the document collaboration software, it’s very easy to share things. They make it very easy to share with anybody, right? Just click and it always says like share with anybody with link, you know, you know, and so if you, if it’s something like, oh, you know, um uh oh somebody just sent me, you know, or they told me to put in my, you know, take a picture of my passport or something and, and stick it in here, right? And, and I, and the somebody has in the human resources once said, oh, I’m just gonna share this link and make it copied everybody. Now everybody has access to your past potential, everybody has access to your passport photo and I D so, you know, these are the things that we just have to sort of like start thinking twice, which brings me up to my next point. Um Security awareness within organizations, cybersecurity awareness, I cannot stress enough how important it is for organizations to have a cyber security awareness program within the organization. This these programs don’t cost a lot of money. They don’t take a lot of time and they go a long ways to prevent Uh an internal mistake that could lead to something 80% of cyber attacks happen from the inside.

[00:27:27.33] spk_0:
What does this cyber security awareness program look like?

[00:28:34.34] spk_1:
So essentially, so for example, um they’re usually conducted on point of like orientation for an employee that comes into an organization and they go through a video, you know, provided by a platform like no before which is in our marketplace. And, and what they do is they sort of go through this, this methodical sort of, you know, force to teach somebody about fishing about sensitive data about ways that people try to get access to information, either through cell phone, fishing through text fishing through um email phishing or through other means to or even on Slack to say, to try to fool you into providing some information um that they, that they can use a huge trend in this arena is what we call impersonation fishing. It’s a specifically targeted phishing email that looks like it’s coming from somebody within your organization such as your CEO, your CFO or uh the human resources director asking you to provide or update your banking information. And it’s very carefully crafted, crafted, it looks just like that and you really have to do a lot of due diligence to really go through there and say, oh, did this really come from our CEO having

[00:29:03.26] spk_0:
Haven’t there been cases where like a spoof email like this says, you know, wire $50,000 to this vendor account. You know, we’re, the payment is overdue. We need to wire this payment ASAP. And of course, it goes to the Bad Actors account. Isn’t there? Stuff like that? It looks like it’s like the treasurer saying, send a wire or the CEO saying, send, make a payment.

[00:29:40.35] spk_1:
That’s right. Exactly. And, and, and we’ve, um, and if you have an organization and people haven’t been trained to recognize that, you know, if somebody’s asking you for something and it’s something of value, double check it, you know, and, and to contact that individual in a different channel and say, did you really need me to send $50,000 in this wire transfer? I just want to check is this actually came from you? There’s other ways that they teach you in these orientation platforms or in these um security awareness platforms to check the email headers and, and the simple things, but essentially that’s the gist of it. And that’s why security awareness training is so important. So, so people are on their toes when they’re actually doing their work,

[00:30:03.43] spk_0:
do you recommend then ongoing training? You talked about orientation,

[00:30:51.51] spk_1:
there’s, there’s an orientation training and then, you know, most organizations will have it mandatory that they do an annual training and, and this just as a refresher course and also things change. So, you know, the space changes. Sometimes people are doing it now because of the trends more often like every six months. And then specifically for people who are in jobs where they’re doing data handling for, let’s say they’re doing data processing, they work in the donor uh services program or something where they’re managing sensitive data all day long. They’ll be specialized courses for people who are, are actually dealing with data on a day to day basis. So that’s a little bit more involved in terms of actually how to understand and, and that goes into things like, don’t download, you know, a C S V file on your computer and stick it onto a, you know, um, a thumb drive on your computer or transported or, you know, don’t, you know, send out, you know, via email to, to a coworker and, and these sorts of things that are specific to handling sensitive data.

[00:31:04.59] spk_0:
Okay. Interesting. Yeah. So even, even just emailing internally from employee to employee can be risky,

[00:31:37.20] spk_1:
yes, it can be stiff. It’s, and, and there’s because, for example, if, because that’s actually it’s going to stay within that email store wherever that is located. And it’s, um, if it’s unencrypted, it’s gonna be, it’s gonna be encrypted during transit, for example. Um, and, and encrypted at rest. But if somebody else had access to that access to your email server or a privileged access in your system, they could potentially go in and, you know, take over that account, log in as the CEO and have access to the deed and actually browse emails for, you know, and actually do queries and look for credit card information or, or look for email addresses and then they could potentially find information about donors or, or, or, or constituents that sensitive.

[00:35:08.08] spk_0:
It’s time for Tony’s take two. It’s time to get back in people’s faces. Again. Last month, I did a in person live face to face in person training on Long Island. I was in New York City for several days. What a joy. What a pleasure. What a difference, an improvement, you know, over virtual trainings. I mean, look zoom is, I’m all flustered. Zoom is, is necessary and I’m not saying necessary evil. It’s, it’s, it’s a part of the culture, whether it’s zoom or teams or Google meet, you know, whatever virtual meetings, they’re just a part of our lives now. No question about it. But don’t make those the default if you have the option to get back in front of people in person, I urge you choose that option. Uh You know, I could have passed on the opportunity to do the in person training, but I didn’t want to, I didn’t want to donor meetings to while I was in the city face to face meetings again, coffee lunches. It’s just so much better, so much more real than anything virtual can offer. Um I had a meeting, lunch meeting just about 10 days ago or so with someone from Heller consulting, which is gonna be Team Heller. They’re going to be our 23 NTC sponsors at the nonprofit technology conference coming up in Denver And the woman who works for Heller happens to live within 45 minutes of where I live in North Carolina. So we got together for a, a real lunch. We had lunch together over the same table. Remarkable. You know, it’s yeah, more real authentic. I urge you if you can meet someone in person instead of virtual, do it, do it. It makes the world of difference. It’s time to get back in people’s faces again. Don’t make virtual your your default. If there’s another way first, I urge you to do it. That is Tony’s take two. We’ve got Boo Koo but loads more time for beat back cyber attack with Michael Enos. Talk about not preserving data that you don’t need to preserve. Like credit card numbers, full numbers for instance, or dates of birth or other things that aren’t necessary for you to preserve. Isn’t there, isn’t there value in trimming down sensitive data that you don’t really need?

[00:35:40.17] spk_1:
Yes. And and one of the principal aspects of data handling is an optimization of data. So you know, there’s there’s transactional data that happens. And oftentimes, for example, with credit card things are processed nowadays, you’ll usually use a payment processor. So, you know, hopefully you’re not actually you know that server that actually storing that information is not on your box anymore because there’s, you know, you know, you can use an API and a web site and then it happened somewhere else and they take care of all that stuff for you. So, if your systems were hacked, they wouldn’t have access to the credit card data

[00:35:55.19] spk_0:
or,

[00:39:00.73] spk_1:
or Braintree or one of these sorts of services, you know? Exactly. And, and, and so those go to those payment processors and they manage all that, um, which is great because then you, it reduces the amount of exposure on your e commerce site or fundraising donor donation site. And if you’re using a donation software program, like, you know, donor perfect or one of these sites, that’s what they’re doing as well. You know. So they, you know, because, because they, they want to use because that you really have to have the best of breed technology to be able to make sure that that stuff gets that, that’s really super secure and they have higher standards and compliance standards by which they attest to the. Um, and so however though, let’s say you’re, you’re doing an email list to your constituents, right? Um You know, you’re gonna need some marketing data, you’re gonna, you know who to send this, this information to, but you don’t need everything about that individual. You don’t need things like that really. I mean, you may need the basics but you should be using a marketing provider that is secure and you should, you should transfer, get that information to them in a secure way and you should ensure that if that individual wants to opt out. Um and they, all these things should be an organization’s privacy policy so that people understand how their data is being used if they sign up for a newsletter or things of that nature. However, you know, I think your point specifically um oftentimes reports about, you know, activities, engagement, you know, that go into reports for executive or for things that are put into a PDF or in another format, the data should be anonymized. So the only thing that’s there is, you know, aggregated information about, you know, the engagement and not all they shouldn’t be able to drill down and see, oh who is this exact individual? Now if they need to know if it, if they want a donor report about, you know, I want to know exactly to see who um are the top donors and, and such, you know, there should only be limited people within the organization who have access to that data, to be able to see that information that goes back to my other point about um privileged access management. There are gonna be some, there’s gonna be some reason why people aren’t gonna wanna know specifically about, you know, who’s engaging with the community. And also oftentimes on the client level, we need to know that the people who are providing services to communities need to know exactly who these individuals are and more sense of information. And that’s why I was talking about earlier about, you know, understanding where that data lives and, and only having as much as you need to fulfill the function of that, you know, whatever you’re doing. Um and, and having that, you know, and making sure that’s really locked down when I worked in the food down. When I worked in the food and security sector, we had people going out in the communities and helping sign them up for, you know, um cal fresh, you know, essentially benefits, you know, for people to get, you know, you know, government assistance and they had to collect really sensitive information. But what they did is they had ways to you securely transmit that information to the local human resources agencies so that it was all encrypted, it was protected and then once we transmitted that we didn’t have access to it,

[00:39:44.68] spk_0:
what about vetting vendors? You know, if, if you’re offices using a male house, uh you know, some of the data that you just talked about for, for mailing? Um I can’t, I can’t think of other examples of vendors that could be. Well, events, events could have, could event management might have some sensitive data. What, how do you vet your vendors to make sure that they’re taking appropriate actions to prevent theft, fishing, you know, to, to defeat defeat, or at least you can’t defeat them, but at least minimize the threats. How do you, how do you check these third parties that you’re working

[00:41:16.80] spk_1:
with? Well, you know, that’s a big part of my roller tech soup. So whenever we, whenever we work with, with, whenever we’re going to be using a new product or app or something like that, it’s my job to go in and actually check and organizations, these, you know, these application providers will provide um on their site or they should and if they don’t, you shouldn’t use them, but most of them will provide on their site access to their information security program and what they do where their data is located, what they do to protect it, their compliance levels, their certification levels, um whether they do audits, whether or not they do penetration tests And what type of and, and, and everything to that order and that should be vetted by, by somebody before they onboard an aunt. And we do this all the time. We use a lot of different apps to Texas north of 100. And so we, every time we were on board one for some utility within the organization, we make sure that they meet this standard. There’s, and we actually, since we’re a third party vendor for other people, they have the same for us so that a lot of the work I do as well as to, you know, report out periodically to all the people who are using our, our platform to facilitate their data to organizations and you know, what sex, what tech soups information security program like. So this is, you know, because creates transparency, but it also helps people understand what the risks are, which helps when you’re in a situation where I needed to go and advocate for resources to institute a cybersecurity program.

[00:41:47.96] spk_0:
I want to ask you about the board’s role in all this. But, but is there anything more that you want before we get to the board? Anything more you want to talk about threat minimization policies? Anything we haven’t covered that you want folks to know about?

[00:44:14.11] spk_1:
Yeah, I think that one of the things that is, you know, that we haven’t mentioned yet is preparedness for an incident, essentially a security incident, incident response plan. This, you know, is another thing in that sort of list of five that an organization should understand. Um if you have a situation where your data’s been um breached. And, and one thing I do want to do is to describe quickly, even this kind of a dry topic is there is a difference between a security incident and a security data breach. A security incident is could be something as innocuous as somebody just knocking off your website and taking it down with a DDOS attack. Now that sounds in Oculus because it’s just, it doesn’t sound innocuous because it’s disruptive because nobody can get your website, but nobody’s taking the data. And as soon as that denial of service attack is stopped, your website maybe still functioning. Um But that’s an incident and a data breach is different because now you’ve got to do a couple different things. You’ve got to number one, find out how the breach occurred, which you should also do in case of the DDOS attack. Um But above that, you also need to then understand how to respond to, you know, what data was breached. What’s the scope of that data and who are the individuals and, and what’s our plan to reach out to those individuals and notify them about the breach? And was our policy around that? And who do we have to include in terms of communications internally and legally and, and to provide that transparency because for a number of different reasons, number one, it’s the right thing to do. Um and number two, because it actually helps build trust within, within communities because if people understand that, you know, these things happen and they happen to some very, very large organizations, right? We, we know about these, these really large breaches, but the more transparent they are the more the consumers or the constituents who used those products. Think gosh, they really responded well to this and they acted immediately, they communicated appropriately and they remediated, you know what happened and, and that was the responsible thing to do and you don’t wanna be doing that in the middle of a breach. So, having a plan up front helps during that process because otherwise it’s just too much at one time, everything and

[00:44:21.00] spk_0:
the plan is gonna lay out who’s in charge, who makes, what kinds of decisions, um,

[00:44:27.43] spk_1:
notify. Right. And what’s the playbook essentially? Yeah.

[00:44:52.19] spk_0:
Like, I mean, it could even, it could even break down to needing a remote place to work. I mean, go go that far or because we’re because we’re hopefully in the cloud we don’t like like if our physical infrastructure gets um compromised, do we need to go off site? And, and what’s the technology, the technology capabilities in our, in our off site work location?

[00:45:17.93] spk_1:
Well, that’s actually a little different. Um so we usually talk about that in terms of business continuity plan. So and, and that would be the same sort of plan you would enact case of a natural disaster or something like that. I mean, is a business continuity and, and that’s far exceeding the scope of what we can discussed today, although I’d be happy to discuss that. Let’s not let’s not

[00:45:22.65] spk_0:
I don’t want to panic folks. Okay. Alright.

[00:45:25.60] spk_1:
Alright. Alright,

[00:45:27.20] spk_0:
you got me focused on, you got me focused on like I don’t know, natural disasters and terrorism. All right, let’s

[00:48:44.52] spk_1:
go to the board. Okay. Alright. So, so one of the things that boards were all right. So organizations nowadays are let’s put cybersecurity is becoming and, and is becoming as important as sort of financial security with an organization. The two are becoming linked together An organization. And so for many years, as we all know, uh 501 C3 organizations in the us are generally bound to having a financial audit annually. Right. And then they report to the board and the board will make sure that, you know, there’s a financial audit to ensure that the funds are used judiciously. Um there’s oversight and governance over these matters. Cyber security is becoming as important as financial security because the two are linked together. If there’s a because it could affect it. If you have a ransomware attack, it could affect the viability and the business sustainability of an organization. So it’s a very serious matter. It’s becoming a very, very serious matter for organizations to then think about cybersecurity as a compliance issue, not just nice to have. And so helping the board’s understand that this has shifted from a situation where, oh, well, you know, there’s nobody’s going to attack a nonprofit and uh you know, and if they do, you know, it’s, our data isn’t very important. Um It’s things have shifted, right. So I think recently there was a community, um it’s one of these cities, for example, was an entire city was, has been locked down for days because our grants were attacked and so nothing can function within the city because, you know, um that’s going to affect everything within the city, not just their continuity and safety of people, but also um it’s gonna have a financial impact. So cyber security is becoming more like a compliance issue and a governance issue. And so I think if boards understood that, then they would understand the need to prioritize and to provide funding and resources for those within the organization. Whether that if a small organization that the CFO or the C 00 or even the CEO to then say, look, we need to carve out some resources to be able to understand our risk and the best way to do that would be to do a third party risk assessment and with, with somebody to come in and actually do an evaluation and say, because they’ll come in and do, you know and come in and say, hey, look, these are the, you know, we come in and, and these people are vetted, their, this is their job and you know, they’re safe to work with and go in and say this is where you really need to. These are the critical things, these are, you know, not important things and these are the nice to have and they’ll, they’ll lay it out for you and then you can develop as part of your strategic plan as an organization just like it should be part of your business plan and should be linked to the business plan because the strategic plan for the organization and then the funding, the budget resources, the resource planning and all these things should be baked into the operational strategic plan for an organization. That’s where we’re going in the sector.

[00:49:03.09] spk_0:
Okay. It belongs as part of your strategic plan, your business plan. Alright.

[00:49:50.46] spk_1:
Yeah, and, and that’s where I think that it’s um uh it’s just like I said, I think where a board comes in is to helps understand that so that they could then authorize and, and oversee and ensure that an organization is doing this work and it’s hard work because, you know, you may have limited resources where we’re gonna carve where we’re gonna carve this out. And however, the good news is that there are people who want to fund this, there are grantmakers who are super would be super happy to be able to say, look, I’m gonna help, I’m gonna capacity impact um grant to this organization to help improve their cybersecurity because of these trends that we’re seeing. And so, and then you can use that as a mechanism to possibly help fundraise to offset some of the funny. So it doesn’t have to come out necessarily of your operational costs.

[00:50:23.28] spk_0:
Okay. There are foundations that will fund fund this. Yeah. Alright. All right, we’re gonna leave it there, Michael. Thank you, Michael from Montana, Michael Eno’s Senior Director of Community.

[00:50:26.28] spk_1:
And it’s

[00:51:30.65] spk_0:
my pleasure to thank you, senior director of Community and platform for Techsoup Global he’s on Mastodon at Michael underscore Eno’s at public Good dot Social and Tech soup where you’d expect them to be techsoup dot org. Next week, I’m working on it. Uh, and I assure you that there will be a show next week because this is show number 630. And I’ve been producing a show every week for 13 years close to. So I assure you there will be a show next week. I just don’t know what it’ll be about, but don’t bet against me because there is gonna be a show. You know, you’re gonna lose if you bet against there being a show next week. If you missed any part of this week’s show, I beseech you find it at tony-martignetti dot com. Our creative producer is Claire Meyerhoff shows. Social media is by Susan Chavez, Mark Silverman is our web guy and this music is by Scott Stein. Thank you for that affirmation. Scotty B with me next week for nonprofit radio big nonprofit ideas for the other 95% go out and be great.

Nonprofit Radio for July 25, 2022: Cybersecurity 101

 

Matt Eshleman & Sarah Wolfe: Cybersecurity 101

Our #22NTC coverage picks back up with a summary of the tech threat landscape, key policies and procedures to have in place, and how to make the case for devoting resources to IT protection. Our guests are Matt Eshleman and Sarah Wolfe, both from Community IT Innovators.

 

 

 

 

Listen to the podcast

Get Nonprofit Radio insider alerts!

I love our sponsors!

Turn Two Communications: PR and content for nonprofits. Your story is our mission.

Fourth Dimension Technologies: IT Infra In a Box. The Affordable Tech Solution for Nonprofits.

Apple Podcast button

 

 

 

We’re the #1 Podcast for Nonprofits, With 13,000+ Weekly Listeners

Board relations. Fundraising. Volunteer management. Prospect research. Legal compliance. Accounting. Finance. Investments. Donor relations. Public relations. Marketing. Technology. Social media.

Every nonprofit struggles with these issues. Big nonprofits hire experts. The other 95% listen to Tony Martignetti Nonprofit Radio. Trusted experts and leading thinkers join me each week to tackle the tough issues. If you have big dreams but a small budget, you have a home at Tony Martignetti Nonprofit Radio.
View Full Transcript

Transcript for 601_tony_martignetti_nonprofit_radio_20220725.mp3

Processed on: 2022-07-23T23:48:11.167Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2022…07…601_tony_martignetti_nonprofit_radio_20220725.mp3.159997831.json
Path to text: transcripts/2022/07/601_tony_martignetti_nonprofit_radio_20220725.txt

[00:02:05.14] spk_0:
Hello and welcome to Tony-Martignetti non profit radio big non profit ideas for the other 95%. I’m your aptly named host of your favorite abdominal podcast my goodness. Last week’s show was great fun. They’re all fun. But the last weeks 600 show was great fun. Oh I’m glad you’re with me for this week’s fun show I’d be thrown into an echo Griffo sis if you clawed me with the idea that you missed this week’s show, Cybersecurity 101. Our 22 NTC coverage picks back up with a summary of the tech threat, landscape key policies and procedures to have in place and how to make the case for devoting resources to IT protection. Our guests are matt Eshelman and Sara Wolfe, both from community I. T. Innovators, non tony steak too. My boys just cracked like I’m 14 years old, please start your plan giving with wills. We’re sponsored by turn to communications. Pr and content for nonprofits. Your story is their mission turn hyphen two dot c o and by fourth dimension technologies I. T infra in a box. The affordable tech solution for nonprofits. tony-dot-M.A.-slash-Pursuant four D. Just like 3D but they go one dimension deeper Here is cybersecurity 101. Welcome to Tony-Martignetti non profit radio coverage of 22 NTC. The 2022 nonprofit technology conference hosted by N 10. Our coverage brings me now Matt Eshelman chief technology officer at community I T innovators and Sara Wolf sales

[00:02:15.50] spk_1:
manager

[00:02:16.64] spk_0:
Also at Community I. T. Innovators. Matt serra. Welcome to non profit radio

[00:02:23.14] spk_1:
Thanks. tony It’s good to be here.

[00:02:25.34] spk_2:
Thank you. Glad

[00:02:42.84] spk_0:
to have you. Pleasure to have both of you. Um Your session topic is defending against Bogart’s and boogie men understanding and pitching cybersecurity for the accidental techie sarah. Why don’t you get us started? Let’s define accidental techie. I think we have a lot of them listening but they may not know it.

[00:03:13.44] spk_2:
Yeah so accidental techies are the people at an organization that are not necessarily somebody who’s been trained in I. T. But is relatively tech savvy and so they end up being the ones who help their coworkers with tech issues or are the ones that end up wearing the I. T. Support hat even though they might necessarily have they haven’t necessarily gone through professional training for it?

[00:03:32.14] spk_0:
Okay. Right so they know enough that they know more than others but they’re not they’re not professionally trained in technology. Okay and and matt why are why are Bogart’s and boogie men your your description says an accidental techies biggest nightmare what’s lurking there?

[00:03:38.23] spk_1:
Well I think yeah

[00:03:51.34] spk_0:
I don’t even know. Yeah I’m not even an accidental techie. Okay there’s the first problem you like you’re suffering a lackluster host obviously. Okay. Alright

[00:04:28.24] spk_1:
so they I think the takes the form of kind of your your biggest fear and so yeah whenever it appears it it shows up as as what you’re most afraid of um you know and I think for for folks that are supporting nonprofit organizations. Yeah there is this fear of of kind of what could be lurking out there, What kind of threats could impact your organization. Uh and for many folks, especially the accidental techies, they don’t have that background training and experience in terms of how to protect their organization. And so that’s why we wanted to to have that session to help provide some tools and equipment so that people that, you know, have that responsibility, but maybe not the training can pick up a few, a few tips.

[00:04:40.74] spk_0:
Okay. Why don’t you, why don’t you start us off? What would uh what would you like folks to know about that? They don’t know well enough, but they ought to.

[00:05:30.74] spk_1:
I mean, I think the biggest thing for for folks to understand is just I think the importance of what’s called multi factor authentication. So M. F. A. It’s often referred to uh it’s something that, you know, which is your password and then something that you have and for most folks that would be an app on their smartphone. Um and what this gives is an extra layer of protection, you know, we all know people’s passwords get compromised and and kind of stolen all the time. But if you can add that extra layer of, you know, an app on your phone to protect that login, then you’re much much less likely to have your account compromised. And kind of, what we see is that most compromises then, you know, will then lead to other things that you know have significant damage in terms of, you know, emailing, you know, all of the contacts in your organization’s database, uh sending out malicious links, you know, sending out updated payment information so that can kind of lead to a lot of other bad things. And so if we can protect that account with M. F. A. Then the organization becomes a lot more secure.

[00:05:46.54] spk_0:
Okay. And you’d like to see this mandatory? Not opt in

[00:06:16.74] spk_1:
that is exactly right. You know, Microsoft and the other big Um you know, tech providers are starting to enforce that now as a as a requirement, but if you’ve been in office 365 or if you’ve been in Google apps for a long time, uh it’s not required and it’s something that organizations need to take a couple of steps in order to set it up and roll all their staff provide training uh just to make sure that it’s set up and working correctly.

[00:06:27.54] spk_0:
Okay. So we should be doing it, we should be opting in where it’s optional and we should make make it mandatory if we’re the we’re wearing the hat of the uh the accidental techie,

[00:06:32.04] spk_1:
yep. Exactly. Right.

[00:06:37.94] spk_0:
All right. All right. Sarah, what else, what else can you share for? Are these folks

[00:08:13.14] spk_2:
I think for the next biggest thing uh is, you know, making sure that your staff, you know, are actually aware of the different security risks and things like that? Having a security awareness training program is one of the best ways to make sure that even if something, you can have all of the fancy tools in the world, every single like filter and everything, something’s going to slip through. And if you have staff that know what to look for and know not to click on something or not to go on that website or not to, you know, enter their information in various different places. Them having the knowledge is going to be one of the biggest returns on investment in terms of security, antivirus. Uh, we only, we had so few um, issues with antivirus last year, out of the 696 security incidents that we were dealing with, Only seven of them were viruses and only 45 of them were malware. And so it’s much more important for staff to be able to identify what’s a spam email, what, spearfishing. How can I tell if I’m looking at an email from somebody else whose account has been compromised and having the training to make them aware of. That is definitely worth the investment. And there are great tools out there, like, no before that, you know, are really easy to use.

[00:08:31.84] spk_0:
Okay. And so, uh, no, first of all, it was no before like K N O W K N O W before. Okay, I didn’t know about this, but I figured out no. Before. All right. But that’s not that’s not really saying much but any case. Um So is that a security training? Like is that online security training that folks can get it? No before or like how is this accidental techie gonna push this and and offer the training in their in their non profit

[00:10:02.94] spk_2:
That’s great. Yeah. So uh that’s a learning management software and that’s specifically for cybersecurity behaviors and tools. The way that you’re going to pitch this for your organization is to first gather your data, get your plan of attack. And a lot of times you know that involves one Looking for friends in the company to support you to getting data and you know trying to make sure that if you are able to um like find partners either within the organization or maybe even reach out to your board governance committee, um those people are going to be able to you know, help leverage some of the existing requirements that you have, if an organization needs to apply for cyber liability insurance a lot of times multifactor authentication is going to be one of the requirements. A staff security training is going to be one of the requirements. And so being able to leverage those and then putting it putting your plea into terms that people understand if your E. D. Is looking at, you know, what is the comparing the cost of of security, education software versus you know, financial compromise. Like there is a definite argument to be made there

[00:11:03.94] spk_0:
it’s time for a break. Turn to communications, media relations and thought leadership. Peter pan a pinto, a turn to partner was on last week. He’s a former journalist at the Chronicle of philanthropy. His partner scott is also a former journalist so they know what to do and what not to do to build relationships with journalists. Those relationships are going to get, you heard turn to communications, your story is their mission turn hyphen two dot C. O. Now back to cybersecurity 101 you mentioned cyber liability insurance. Is that is that something else? We should be flagging for these for these poor accidental turkeys.

[00:11:08.54] spk_2:
The

[00:11:08.75] spk_0:
beleaguered, beleaguered, accidental techies.

[00:12:16.64] spk_1:
Yeah. I think we’re seeing more and more organizations go through a cyber liability insurance kind of renewal process. Typically that’s something that’s handled by the, you know, the finance department of the organization. What we’re seeing is that, you know, for cyber liability insurance or even for financial audits, they’re becoming a lot more technical. And so it’s likely that if you’ve got any any tech aptitude at all, then you’re being enlisted to help fill out these applications to provide the detailed information that’s being requested. And so yeah, we’re seeing a lot more sophistication being, you know kind of demanded by these insurance companies in terms of, you know understanding which controls are in place because we’re seeing even cases where if you have not turned on multi factor authentication for all your your systems you won’t even be eligible for coverage. Uh and so it’s pretty dramatic that you know organizations are now being, you know, it’s a good idea to protect the organization, you know, for these cyber security controls. But there’s this also this extra layer of requirement from you know, insurance carriers now to say hey like you have to have this so we’re not gonna provide you insurance.

[00:12:40.94] spk_0:
Okay, okay. Sarah, let’s go back to you. I’d ask you about cyber liability insurance and then matt usurped unceremoniously uh usurped your your your your platform. So let’s go back to you what else, what else can you contribute for these for these folks?

[00:13:53.94] spk_2:
Yeah. So with with cyber liability insurance it’s something that oftentimes is getting you know much more of a top down decision making process. Somebody will have, you know, these things like the ransomware and and wire fraud and issues like that have been, we have bubbled up more inter in like the public awareness and so there’s a lot of top down pressure for these things to get adopted and you know there one of the things that they’re also going to ask for is you know, what are your plans? Do you have an acceptable use policy for your I. T. Do you have a plan for when something does go wrong, you know what do people know what to do, who to reach out to, what steps to take? You know because you know you you hope for the best to plan for the worst. And there are a lot of really good resources out there for developing these sorts of acceptable use policies for for creating incident response plans and you know you can um really it can get overwhelming sometimes the number of you know different resources that are available and what to use and what not to use. So you know partnering with somebody who does know you know a little bit more about cybersecurity or is providing that knowledge to the community. Um

[00:14:43.94] spk_0:
Let me guess that that that’s the work of community I. T. Innovators. Am I going out on a limb taking a taking a stab in the dark? Yes. Okay well we’ll get I’ll give you a chance for this for the shout out. Alright explanation. But I’m gonna ask you first what are what are some resources for folks? I mean I’m you got me feeling bad now for these people because we’re like we’re enhancing their to do list but this isn’t even their job that they’re paid for. But yeah we’re talking about looking into insurance and having policies and now now now they are now realizing they are beleaguered because it’s not even their job, they’re just got foisted on them because they know more than all the baby boomers in the

[00:14:53.77] spk_1:
office.

[00:14:56.64] spk_2:
Sometimes it is baby boomers who are accidental techies.

[00:14:59.85] spk_0:
All right. It’s probably not too often. Thank you for that, but probably not not too often. All right. But so what are some resources that folks can can rely on? You said there’s there are many, where can we look?

[00:15:14.44] spk_2:
So I’m going to start with the the self interest pitch first. Uh community I. T. Has a great um library of publicly available resources on our website and our Youtube channel um that are really great for digging into these kinds of things. Um A great

[00:15:30.38] spk_0:
places website. The website

[00:16:00.74] spk_2:
is uh community I. T. Dot com. Um and the one of the other places that I know that matt has as our cybersecurity expert has a lot of people start is with the cybersecurity framework by nest the um and that website have a link to it. It’s N I S T dot gov two slash cybersecurity framework.

[00:16:03.65] spk_0:
Okay. And I S T dot gov slash cybersecurity framework. So N I S. T. Obviously is a government agency, National Institute

[00:16:11.61] spk_1:
of Standards

[00:16:12.97] spk_2:
and Technology

[00:16:24.44] spk_0:
Technology. Thank you. So. Okay. Um Alright, so there’s a couple of resources um including community I. T. Innovators. Anything else you’d like to share with that folks can rely on?

[00:16:47.44] spk_1:
I’d say that there’s no shortage of resources out there. Techsoup is also a great resource. So in addition to the donations that I think we’re all familiar with Techsoup also has a courses and training and so they have some free resources that I would encourage folks to check out there. Um, so I think, yeah, there’s, there’s no shortage of resources that are out there to help people learn. I think, you know, the big, the big challenges is really putting it into action.

[00:17:16.24] spk_0:
What about a little uh, can we give some uh, psychological support to these beleaguered folks? Now? I’m telling you, you have me feeling very badly for them? Um, what we’ll get back to the to the bog arts and boogie men, I promise. But but uh, let’s let’s take a little digression to how we can support these folks other than recommending things for them to be aware of just like how can how can we support them otherwise.

[00:17:25.34] spk_2:
So I think that, you know, I’m trying not to turn this into a pitch for joint for having an MSP come in and like do you own this stuff for you? Because

[00:17:33.45] spk_0:
what’s an MSP

[00:17:34.70] spk_2:
MSP is a managed service provider.

[00:17:38.13] spk_0:
Thank you. That’s what you are

[00:17:40.09] spk_2:
support, we have

[00:17:41.20] spk_0:
drug in jail on non profit radio So yeah, but I, I saved you from from any any lengthy sentence. Okay, a managed service provider. Okay,

[00:18:35.14] spk_2:
so that is that is one of the ways you know that you can get support. The other thing is you know, really leaning on the rest of the community Text suit is a great place to look for resources and you know, the entire community is a place to ask questions. Um There are also you know on linkedin and facebook and places like that. There are communities that you can reach out to for wanting to event looking for ideas, looking for recommendations. Those are all um possibilities. I uh definitely enjoy seeing how many you know how ready people are when people post on the N 10 forums like I need help with this and like there are definitely people jumping on,

[00:19:12.74] spk_0:
it’s an enormously supportive community. Yeah I I fear that even though I say it a lot because amy sample Ward is on the show very often. She’s our technology contributor. Um and so she’s often saying it to that intent is not only for technologists but I I still think people have that misconception. Um It can be for folks who are not even you know not even responsible for technology in their office but they’re just using it. You know you’re just using it in your non profit and In 2022 like who is not using technology? I don’t think we’re running everything by index cards even if you’re on an excel spreadsheet, you’re still using technology. So.

[00:19:22.64] spk_2:
Yeah.

[00:22:28.84] spk_0:
Yeah. Well that yeah and line printers now you’re talking about when I went to college so be careful Sara it’s time for a break. Fourth dimension technologies. You heard the four D. Ceo jug in last week. Talk about I. T. As a service for nonprofits. They know they’re in a service business. Their I. T. Infra in a box. The I. T. Buffet. If you will is structured around service, take what you need and what fits your budget, leave the rest behind. They know their work is to serve your I. T. Needs comes from the Ceo directly fourth dimension technologies tony-dot-M.A.-slash-Pursuant D. Just like three D. But they go one dimension deeper It’s time for Tony’s take two. This is my silver jubilee in planned giving and august is national make a will month next month. So let’s start talking about your planned giving program launch with wills wills. Why should you start your planned giving program with wills This week? three easy reasons. First they are the most popular planned gift by far expects 75-90% of your planned gifts forever to be the most simple planned gift. The gift by will. So it just makes sense to start with what’s gonna be At least three quarters of your gifts anyway Behind door number two there’s no donor education. Everybody knows what a will is. Everybody knows they need a will and everybody knows how will’s work. You don’t have to spend time and money educating donors explaining to them the concepts of life insurance as a planned gift or charitable gift annuities or remainder trusts. You’re sticking with the basics, something that everybody understands and Behind door number three there’s no staff education, everything I just said applies to your staff to everybody knows what wills are, everybody knows how they work and everybody knows that they need one. So you don’t have to train your staff on life insurance and gift annuities and charitable remainder trusts completely unnecessary. You’re starting with the basics and you may never ever decided to go further and that won’t matter. But the place to start is gifts by wills for those three reasons, three reasons for today in any case. And that is Tony’s take two. We’ve got just about a butt load more time for cybersecurity 101 with Matt Eshelman and Sara Wolf Matt.

[00:22:29.94] spk_2:
What

[00:22:30.17] spk_0:
else? Um, let’s go back to

[00:22:32.94] spk_2:
what,

[00:22:33.16] spk_0:
what we can the rockets and the boogie men that

[00:22:36.24] spk_1:
we want

[00:22:36.47] spk_0:
to help these folks look out for.

[00:23:01.04] spk_1:
Um, yeah, I would maybe also just kind of come back in terms of what’s good about investing in this training is that it’s, it’s good to see progress And I think that’s one of the benefits as Sarah mentioned the know before platform. It’s great. You know, spend a little bit of money to invest in a platform because then you can actually see the progress of, you know, how many people are taking and passing these little trainings and then know before does a little thing called test fishing and you can actually see the percentage change of how many people in your organization are kind of clicking on stuff that they shouldn’t. And so, you know, whenever you test, yes,

[00:23:34.04] spk_0:
it’s great test phishing emails to your enemies in the office, report them when they click, when they click after two days after the training and they click, you can, you can turn them in. Now organization advantage. Now there’s an advantage to being an accident that you’re no longer beleaguered. You’re empowered. Yes, send, send, send a, send a test phishing email to my boss who just turned me down for getting the day after christmas

[00:23:46.84] spk_1:
off. So

[00:23:47.30] spk_0:
yeah, so it’s great.

[00:24:31.44] spk_1:
You can, you know, you can see, you can see progress and so not all of cybersecurity is kind of like doom and gloom and you know, battening down the hatches, you know, against the onslaught. I think it can be fun. It can be engaging. You know, uh, you know, I think organizations that yeah, do elevate it. And it’s something that, you know, people can talk about and talk about openly as opposed to, you know, being being silenced and kind of feeling bad about themselves. If they, if they clicked on one of those messages, right? Like that’s not the approach you want to take. You want to take the approach of encouraging that learning because, you know, if you got caught by a suspicious message, uh, you know, it’s likely somebody else got that too. And so having this kind of culture of openness and engagement. Yeah, is really successful,

[00:24:37.54] spk_0:
right? I agree. Unless it’s your boss who turned you down for the day after christmas, that then it’s then it’s vindictive reported

[00:24:40.64] spk_1:
to the board.

[00:24:49.24] spk_0:
Yes. Oh, without a doubt. So All right, well let’s stay with you matt. What else? Um what else can we? Yeah,

[00:26:00.74] spk_1:
I think the other thing that we started to see more of would be kind of financial fraud or what’s kind of called in the, I think the official terminology wire fraud. So you know, it could be something as simple as those messages people get, you know, that look like they’re coming from the executive director saying, hey, I just need you to buy these gift cards. Call me real quick. I got something for you to do. You know, we’ve seen people get caught up by that, you know, even to more sophisticated cases where people are getting tricked by well crafted emails that say, oh, I need to update my payment information or hey, we’ve got a grantee and they had a problem with their bank account and here’s the new bank account information. So uh you know, that kind of falls into an area where it’s, it’s not just a technology control. You know, there isn’t some product that you can buy that’s gonna magically make that go away. Um but it’s a combination of having training, maybe having some good spam filtering tools in place, but then also having some policy and procedures so that you’re talking about that with your finance department, uh, so that you, you have good processes in place. So it’s payments aren’t made just by one person making a change, but there’s some some review and some betting maybe we need to call somebody. So I think again, it’s it’s not just technology solutions, but really that that kind of the people in process comes in into these equations as well.

[00:26:22.74] spk_0:
It seems like they’re getting more sophisticated. Uh, the little savvy er like uh your your account renewed for $399, you know, click here to see the invoice. You know, I don’t know, they just seem, they seem like they’re improving

[00:27:35.94] spk_1:
well. And I think you’ve identified a key understanding is that uh this is this is a cyber crime. This is a criminal enterprise, right? This is financially motivated. And the bad guys are doing it, you know, not just to kind of go in and wreak havoc on your network, but they’re doing it to make money. Uh and so I think that’s also helpful for organizations to keep in mind, right? You know, you can be the greatest nonprofit in the world and be, you know, have the most noble mission. No, they’re not attacking you because of your mission. They’re attacking you because you have money and, and you might get tricked into yeah, doing that $399 renewal or maybe you updated a payment information and and that was $25,000. And so uh, you know, the mission, you know, does not matter For those, uh, you know, cyber criminals who are financially motivated and it’s a lot easier to, to kind of trick somebody into giving you $400 than it is to, you know, write some super sophisticated virus that’s gonna go on to your computer and encrypt all your files. Then you’re gonna have to try to figure out how to pay them in Cryptocurrency. Yeah. It’s just, it’s a lot easier to try to trick people into giving you money than it is to write, write a new virus. Yeah.

[00:27:49.14] spk_0:
Okay. And then of course there is the community of nonprofits that, that are at risk because of their mission. And because you know, we’re living in a polarized time. It’s, it’s no longer

[00:27:54.27] spk_1:
just

[00:27:55.34] spk_0:
um, hot button issues, you know, like gun rights or, or abortion.

[00:28:00.21] spk_1:
I mean,

[00:28:06.74] spk_0:
it seems like a lot of missions could trigger someone to do something malicious, you know, technology wise. Uh,

[00:28:27.94] spk_1:
yeah, I would say so. We really see that, um, primarily for organizations that are in the space kind of like government think tanks, policy groups, you know, kind of good good government. Those tend to be the kind of attack attract the most attention. Um, and then I think organizations that work on, you know, human sexuality and uh, you know, family planning and abortion services like are in that category as well. Right,

[00:28:39.24] spk_0:
Sarah, let’s turn back to

[00:28:40.94] spk_1:
you, what,

[00:28:41.21] spk_0:
what, what more can you share with us?

[00:31:26.84] spk_2:
Well the one of the things that you know in in that theme of you know it is financial, these these this has become a business enterprise and it’s become you know not necessarily organized crime but it has become something that is a multibillion dollar business. And um That is something that we’ve definitely seen. We’ve seen an increase in the number of incidents that we end up responding to like from 2018 to 2021. The number of cybersecurity incidents is that that community I. T. Was able to track tripled. And so you know there isn’t a way to really fly under the radar anymore and you’re right, these people are getting smarter. It’s not just all Nigerian princes looking for for oil or gold or whatever. It’s you know, there have been times where you know, we’ve seen examples that have been caught in the tools or that did get through and did nearly create an issue. And I sat there and looked at the email chain and I was like, I can’t tell where this jumped in and then you like have to like really highlight and look in and look in the details and you go, oh, oh okay. Like there was just like a one letter change in somebody’s email address, you know, or and like that can you know if if you don’t have the training and you’re not necessarily aware of that stuff and then the redundancy that that matt was talking about um making sure that, you know, it isn’t just up that that all of the keys to the castle aren’t in one person’s hands. Uh so that you can, you know, make sure that there’s additional eyes to see, you know, what you missed or to make sure that this is the real deal is, you know, really important. Um you know what, it’s, it’s definitely a frame of mind thing. You don’t want to be constantly consumed with worry and you know, be paranoid about everything and because that just takes, we’ve got a whole lot of other things going on in the world right now that we don’t need to be panicking about cyber security all the time and just doing a few relatively low cost things can really help with peace of mind. And you know, it’s worth taking the time, you know, penny wise, pound foolish is one of the other sayings that comes around a lot, you know, just to make sure that, You know, you don’t end up having to deal with a $25,000 wire fraud

[00:31:30.01] spk_0:
issue sarah. What were some of the questions that you got from the accidental Tuckey folks who were watching,

[00:31:38.84] spk_2:
they

[00:31:38.91] spk_0:
were with you?

[00:32:14.44] spk_2:
Yeah, there were some questions on like where do we start, like how do I like uh we, we pointed people to the Nist Nist framework has a chess checklist um of things that you can start thinking about and looking at as you know, places to start. There were also um questions about how do I how do I make sure that I can, you know, convince my my edie about this and

[00:32:18.14] spk_0:
leadership by in

[00:33:06.84] spk_2:
leadership buy in and you know, we really for that we really said, you know, try if if if if you’re, if you’re leadership isn’t necessarily into it, you have to get like there’s no right or wrong way to go about things that can be top down, it can be bottom up but making sure that if it’s something where your leadership isn’t as invested, making sure you gather allies, you gather allies and you gather financially focused um data to back you up. You know, cyber security is getting more frequent and it is getting more costly to have to address issues after the fact. And so, you know, those were, you know, some of the really big questions and focuses

[00:33:34.34] spk_0:
you and you had mentioned allies early on the value of having having friends uh sympathetic to the to the cause all you know, making this case together to to the ceo or wherever it needs to go. Um All right, matt you want to leave us with some well matt, let me ask you any questions that you uh that that Sarah didn’t mention that you, that that hit you as particularly interesting important.

[00:34:43.34] spk_1:
Um I think it’s important for for folks to to realize that, you know, just because their data in the cloud doesn’t necessarily mean that it’s, it’s backed up or it’s protected in a way that they, that they think it is. And so I think, you know, nonprofits have done a really great job of getting their data in the cloud platforms. You know, there’s been a lot of great donation programs and discounts and so non profits, I think have done a really good job of technology adoption. Um, but what we see is that they haven’t been maybe as strict on kind of the policy and the governance and some of the other supporting, you know, processes. So we think it’s really important that you understand where your data is and understand how it’s protected and just make sure that that lines up with what you, you know, your organization expects, you know, is it okay if somebody downloads all of your organization data on their personal computer? Like is that an okay thing to have happened? Let’s make, let’s make sure that we talk about it and understand that, uh, you know, and I think the same thing goes again, you know, if somebody deletes a file today, do we need to be able to recover it, You know, a day from now, 30 days from now, a year from now. And so I think just having some of those baseline settings and kind of testing them is a really important step to take

[00:35:01.54] spk_0:
backup recovery. You know those are not necessarily covered by just being in the being in the cloud and how what’s the time to recover?

[00:35:22.44] spk_1:
Right. Yeah. So I think a lot of those, you know quote unquote old school you know security methods or techniques are still important even if you’ve got your date in the clouds again having that third party backup, having an offline copy. Uh those are all really important steps to take to make sure that your organization’s data is well protected.

[00:35:24.94] spk_2:
Okay.

[00:35:26.14] spk_1:
All

[00:35:29.04] spk_0:
right. Why don’t we leave it there then? I feel like we’ve covered this.

[00:35:31.14] spk_2:
I

[00:35:31.51] spk_1:
think we’ve got the foundational element. Is

[00:35:41.34] spk_0:
there anything alright, is there anything on your mind just like oh wait I gotta get this in. Is there anybody, I

[00:35:41.67] spk_1:
mean I’ll put in a plug for multi factor authentication again I think it’s worth saying at least a couple more times

[00:35:46.63] spk_0:
because

[00:35:47.47] spk_1:
it’s the it’s the most important step that that that many organizations can take.

[00:35:54.74] spk_0:
Okay Sarah parting thought

[00:36:16.33] spk_2:
just gonna emphasize what matt said about the managed backup just now um you know it’s really important to know your settings and to discuss them because you know a lot of times data loss is actually accidental and so if you have a way to get it back that can save you a whole lot of heartache and headache.

[00:36:20.38] spk_0:
Okay we want to avoid

[00:36:22.00] spk_1:
both. Thank

[00:36:34.53] spk_0:
you that’s Sara Wolf sales manager at community I. T. Innovators and also matt Eshelman Chief technology officer at community I. T. Innovators. Sarah matt, thank you both very much.

[00:36:37.33] spk_2:
Thank you so much.

[00:36:38.26] spk_1:
Thanks tony it’s good to get to talk to you.

[00:36:39.97] spk_0:
All right, pleasure and thank you for being

[00:36:42.51] spk_1:
with

[00:38:02.03] spk_0:
nonprofit radio coverage of 22 N. T C. The 2022 nonprofit technology conference. I’m glad you’re with us next week tech policies to reduce toxic productivity. If you missed any part of this week’s show, I beseech you find it at tony-martignetti dot com. This is # 601 by the way, I don’t know if you’re counting. We’re sponsored by turn to communications pr and content for nonprofits your story is their mission turn hyphen two dot C. O. And by 4th dimension technologies I. T. Infra in a box. The affordable tech solution for nonprofits tony-dot-M.A.-slash-Pursuant four D. Just like three D. But they go on to mention deeper. Our creative producer is claire Meyerhoff. The shows social media is by Susan Chavez, marc Silverman is our web guy and this music is by scott stein yeah thank you for that. Affirmation scotty be with me next week for non profit radio Big non profit ideas for the other 95% go out and be great. Mhm. Mhm

Special Episode: POC Underrepresented In Nonprofit Leadership

My Guest:

Sean Thomas-Breitfeld: POC Underrepresented In Nonprofit Leadership

Sean Thomas-Breitfeld

The willingness and skills of people of color aren’t represented in leadership circles. That’s the main message coming out of Building Movement Project’s report, “Race To Lead Revisited.” We visit the report’s conclusions and recommendations with BMP’s co-director, Sean Thomas-Breitfeld.

 

Listen to the podcast

Subscribe to get the podcast
Apple Podcasts | Spotify | Google Podcasts | Stitcher

Get Nonprofit Radio insider alerts!

I love our sponsors!

Turn Two Communications: PR and content for nonprofits. Your story is our mission.

 

Dot Drives: Raise more money. Change more lives.

We’re the #1 Podcast for Nonprofits, With 13,000+ Weekly Listeners

Board relations. Fundraising. Volunteer management. Prospect research. Legal compliance. Accounting. Finance. Investments. Donor relations. Public relations. Marketing. Technology. Social media.

Every nonprofit struggles with these issues. Big nonprofits hire experts. The other 95% listen to Tony Martignetti Nonprofit Radio. Trusted experts and leading thinkers join me each week to tackle the tough issues. If you have big dreams but a small budget, you have a home at Tony Martignetti Nonprofit Radio.

View Full Transcript
Transcript for 506_tony_martignetti_nonprofit_radio_20200914.mp3

Processed on: 2020-09-14T16:06:51.665Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2020…09…506_tony_martignetti_nonprofit_radio_20200914.mp3.110759374.json
Path to text: transcripts/2020/09/506_tony_martignetti_nonprofit_radio_20200914.txt

[00:01:48.24] spk_1:
Hello and welcome to tony-martignetti non profit radio big non profit ideas for the other 95%. I’m your aptly named host. This is a special episode of non profit radio to help you be the change around racism, people of color underrepresented in non profit leadership. That’s the main message coming out of building movement projects Report. Race to Lead Revisited We visit the report’s conclusions and recommendations with BMPs co director Sean Thomas Brett felled, responsive by turn to communications, PR and content for nonprofits. Your story is their mission. Turn hyphen two dot CEO and by dot drives, raise more money, changed more lives for a free demo and free month. It’s my pleasure to welcome to the show. Sean Thomas Bright Felled. He is co director at the Building Moving Building Movement Project. He previously worked in various roles at community change, developing training programs for grassroots leaders and worked in the communications and policy departments where he coordinated online and grassroots advocacy efforts and lobbied on a range of issues including immigration reform, transportation, equity and anti poverty programs. Building movement project is at building movement, or GE, and at B L. D. I N G movement. John Thomas Bright felt Welcome to non profit radio

[00:01:51.64] spk_0:
Thank you so much for having me.

[00:01:53.33] spk_1:
It’s supposed

[00:01:53.87] spk_0:
to be here with you.

[00:01:54.83] spk_1:
It’s good. It’s a pleasure. Thank you. So why don’t you start by describing the work at Building Movement Project?

[00:02:02.44] spk_0:
Sure, so building movement projects been around for over 20 years, and from our founding we’ve had three main areas of focus. One is what we call movement building, looking at how organizations collaborate, how nonprofit organizations can be part of movements for social change and social justice, and what it takes for organizations and non profit leaders to really be on the forefront of making big leading some big structural changes in our society. We’ve also looked at what we call a non profits and social change or service and social change because we think there is a particular role for human service organizations in bringing about structural and systemic change in our society and that that’s really important to support on. Also encourage organizations like that to get involved in advocacy. Listen to an uplift, the voice and on power of the communities that are being served, and then the third bucket of work has always focused on leadership, so recognizing that leading a nonprofit organization is a very hard job we’ve always looked at What does it take for leaders? But also, what does it take for non profit leadership? Thio really have aligned both the practices of leadership with the values that organizations hold. And so over the last several years, we’ve been particularly focused on issues of race and leadership in non profit organization. That’s what the race to lead work comes out of.

[00:03:41.14] spk_1:
Okay, right? And the This race to lead revisited report is really comparing a 2016 survey for the original race to lead with a 2019 survey for this report. Exactly.

[00:04:04.84] spk_0:
Yeah, so we surveyed people working in the nonprofit sector both in 2016 and 2019 on these issues of race and leadership. So this report race to lead revisited at some comparisons between the findings from 2016 and 2019 to see how the sector’s been evolving

[00:04:55.34] spk_1:
and you did have some new questions as well. We’ll have time to get to some of those, um, you talk about Well, first I got to say, I realize the contrast here I have long white hair and you have short, dark hair. We are. We know in the hair. We are. We’re not similar in hair. My God. Uh, yeah, OK, Sorry I couldn’t help notice. Um, you talk about we’re gonna have fun on non profit radio. I mean, it’s a serious subject, but we have fun nonetheless. So you talk about white advantage in the report versus white privilege? You mentioned white privilege once or twice, but predominantly. Talk about white advantage. What’s the What’s the difference there? What? What? What are you trying to say? A little different than the the more seems more common, you know, white privilege.

[00:05:05.24] spk_0:
Yeah. So what’s the term white advantage? What we’re trying to focus on is some of the structural advantages that accrue to non profit organizations based on, you know, multiple people in positions of power being white. So particularly thinking about the composition of boards and the composition of senior leadership teams. Um, because, you know, I think oftentimes the analysis is very individualistic, right? So, like, there’s an individual white person in the executive director role of the organization that only paints part of the picture on DSO we wanted to have a more complicated and nuanced analysis of what’s actually happened. An organization s O, that it became less about, like, the it one person at the top of organizational hierarchy. And think about it, uh, in a way that encompasses both the board leadership and senior staff.

[00:06:04.44] spk_1:
Okay. And then the structures as well, it seems thio less focused on an individual or individuals and mawr, uh, levers of power and processes policies.

[00:06:27.04] spk_0:
Exactly. And it also became a way thio understand and sort of unpack. Um, how, uh, sort of whiteness of organizations that, like in our sample, right, like, 45% of respondents work for organizations where both more than 75% of the board is white and more than 75% of staff and top leadership are white on. And, you know, I think that for me, that was actually somewhat startling in surprising um, And then we also saw that those organizations tend to have bigger budgets at least was being reported by the staff. Um but then, at the same time, we’re seeing that staff were reporting more negative experiences in those types of organizations compared to organizations with more diverse leadership on both the board and senior staff levels.

[00:07:29.64] spk_1:
And so the overall message that I got from this is that the power remains in boards and at the sea levels of nonprofits, and those are predominantly white. And that and that that really hasn’t changed from 2016 to 2019.

[00:07:35.24] spk_0:
Yeah, that hasn’t well, it’s hard to know because we actually didn’t ask the question in this way back in 2016. But I think that this, um, sort of puts our data in the context of some of the research that board source has done that shows that boards are overwhelmingly the majority of non profit boards are overwhelmingly white

[00:07:59.14] spk_1:
and also not reflecting the communities that they’re serving. Absolutely. Yeah,

[00:08:01.54] spk_0:
yeah, because I think what has happened is that the function of non profit boards very often is less a function of accountability to the organization’s constituency and mission on, because organizations often have a lot of responsibility for fundraising and raising the resource is for the organization to do its work. Um, that as a result of that sort of demand, organizations often have, um, prioritized recruiting from people who holds wealth in their communities and because of racial wealth gaps that tend to be white people

[00:08:41.04] spk_1:
on dhe. That’s recruiting for both leadership and volunteer position board with talking about boards and you make it very clear we’re talking about boards as well as C suite. You know, CEO, executive director level.

[00:08:54.14] spk_0:
Absolutely.

[00:08:56.24] spk_1:
So let’s go into the three. I guess main conclusions that the report identifies first one is that things really haven’t changed that much. We’ve already alluded to it. Things haven’t changed that much in the three years.

[00:09:14.44] spk_0:
Yeah, and you know, I’m not sure how surprising that should be. Um, for our sector. You know, I think the change is often particularly in organizations. When we’re talking about organizations where we’re talking about the composition of the staff, that kind of change is incremental, right? I think that what has shifted is that, particularly in the last year is much more consciousness raising much more awareness on the part of organizations that these imbalances, these inequities exist and needs to be addressed. Um, but recognizing that there is a problem is not the same thing is taking action to address the problem.

[00:10:18.34] spk_1:
So you are seeing mawr alright, consciousness raising awareness. It seems like predominantly because of the diversity equity and inclusion work that Ah lot of organizations have done. But it’s just sort of, you know, I’m I gleaned from the reports, just sort of scratching the surface. I mean, ah, lot of it is trainings that raise awareness, but we’re not seeing much action flowing from that consciousness raising.

[00:10:23.84] spk_0:
Yeah, And so one example of the increased consciousness was that in both 2016 and 2019 we asked survey respondents what impact to their race had had on their career advancement. And, uh, for white respondents back in 2016 roughly half indicated that their race. They recognize that the race had a positive impact on their career advancement. So this sort of classic recognition of white privilege that increased to two thirds of the white sample in 29 so one from half to two thirds. So you know that is e think progress, right? In terms of like people having a recognition and understanding that white privileges riel and that it’s positively the benefits of that privilege are accruing to white people in nonprofit organization. Um however, the same question also revealed that back in 2016 a third roughly of people of color felt that their own race have negatively impacted their career advancement, and that then increased almost basically half off the sample of people of color in 2019. So the increased consciousness is both, you know, I think leading people to recognize the ways that they have been disadvantaged as well as for white people the way that they have been advantaged on DSO. You know, we’re still left with this challenge. This problem. That race is clearly having an impact on people’s advancement. And so it needs to be addressed in organizations in ways that I don’t think training is sufficient. Thio thick

[00:12:04.14] spk_1:
right? But you acknowledge consciousness, raising an awareness that that is the first step. But we have a lot more, a lot, a lot further to go. I mean, you know, it’s just

[00:12:14.61] spk_0:
absolutely

[00:12:50.24] spk_1:
widely recognized that, you know, you don’t just do trainings a couple of trainings over six months and then check your box. You know d e. I is covered. Let’s move on, Thio. Let’s move on to the gala. You know it za process. It’s a journey, you know we’ve had other guests say the same thing. It takes time. Thio, uh, change the policies, the practices, the traditions Even if they’re not written down, that our advantage ing white folks over people of color, This takes time. But you gotta You’ve got to start somewhere.

[00:12:52.74] spk_0:
Yes, and I think consciousness raising is is an important and legitimate starting point.

[00:13:42.54] spk_1:
Right? And we’re just getting started, okay? It’s time for a break. Turn to communications relationships. The world runs on them. We all know this turn to is led by former journalists. So you get help building relationships with journalists. Those relationships, they’re gonna help you when you want to be heard so that people know you’re a thought leader in your field turn to specializes in working with nonprofits. One of the partners was an editor of the Chronicle of Philanthropy. They know the non profit space they’re at turn hyphen two dot c o. Now back to P. O. C. Underrepresented in non profit leadership. Are you going to do this in three years again?

[00:13:45.94] spk_0:
It’s a very good question. You know, it’s hard

[00:13:48.15] spk_1:
to

[00:13:48.28] spk_0:
know, uh, in terms of, like, capacity funding, all of those things um, but yeah, I think that it seems worthwhile to keep revisiting thes issues, given the pace of change. Um, having been pretty slow just in the time that we’ve been collecting this data.

[00:14:24.14] spk_1:
All right, Um, anything else you want to say about you know, how the the findings from 2016 are pretty similar? Uh, yeah. Continue through to 2019 before we go on to the next. Well,

[00:14:24.49] spk_0:
sure. I think the reason that we felt like it was worth restating on pointing out the similarity in in terms of the findings between 2016 and 2019 was because, um, you know, from our perspective, it was really important to state very clearly to the sector. But there are people of color who are in the pipeline that the pipeline is not necessarily the problem. Uh, there’s, I think, different metaphors that people have used unpack and try to understand what the problem is of why we’re not seeing more representative leadership at the top levels of nonprofit organizations. And our view has just been that it’s not a pipeline issue per se. There are people of color who have the skills training credentials to be in those top roles, but they face racialized barriers to actually moving into those top jobs to being hired for those top jobs. And so we just felt like it was important to remind the sector of that finding, Um and sort of not lapse back into, ah narrative that, like we need to train more people of color because somehow people of color are not ready toe lead. People of color are ready to lead, but are often too often not given the opportunity.

[00:15:38.84] spk_1:
Not only have the skill sets already, but are willing to, in fact, what willing Thio want. Thio want to advance the leadership in greater numbers than the and the white respondents?

[00:15:51.94] spk_0:
Absolutely.

[00:15:53.03] spk_1:
E guess. There’s narrative that, you know there’s a lack of interest in in people of color advancing toe leadership. But you’ve dashed that.

[00:16:01.74] spk_0:
Yeah, absolutely. And I think that part of the reason that’s important is because if people hold this mental model that who wants to be a leader is, uh, not a person of color, then they’re going to ignore the leadership potential of people of color in their organization.

[00:16:26.64] spk_1:
Yeah, it’s very convenient. Well, you know, the folks of color don’t really aspire to leadership. So no need to consider them. So Okay, so you’ve you’ve dashed that it’s not so in two respects. It’s not a pipeline issue. The skills air there and the willingness Is there a ZX? Well,

[00:16:36.24] spk_0:
absolutely

[00:16:42.44] spk_1:
desire Thio advance and to lead. Okay, Um right. So remember your second main main conclusion, I guess, is there is white advantage. We were talking around it. Now we come right out and say there is white advantage in the nonprofit sector.

[00:18:59.24] spk_0:
There is. And, um, you know, I think that the the white advantage takes multiple forms, right? So I think that there have been over the last several months Mawr written about like, what happened? What’s called now? Philanthropic redlining, right, that organizations that are led by people of color, particularly black led organizations, are don’t get access to the same kind of resource is as the white led organizations focused on or serving in communities of color. And so there’s really interesting research both from organizations like Abssi A ZX, well as echoing green and bridge span that really dug into that funding disadvantage. And I think that our data also showed similar findings, particularly when it comes to, for instance, e. D s of color. And this was reported on Maurin a report from based on the 2016 data but E d s of color feeling like they don’t have, they don’t get grants of comparable size to peer organization or that they don’t have access Thio relationships with funders. And so those kinds of advantages in terms of like, who funders trust who funders will give bigger grants thio all of those benefits than accrue to white led organizations that then create this financial gap between organizations, nonprofit organizations based on who’s in positions of power in that institution. And so other ways that the white advantage showed up were in terms of the sort of composition of organizations and the greater comfort that white people, uh, seem tohave in. Those organizations, for instance, on questions like Do people feel like they have a voice in their organization for people working in white, dominant organizations were both the board and senior staff are more than 75% white. That’s where we saw the biggest gaps between people of color and whites in terms of their their agreement with that statement, right? And that gap decreases as you have mawr diverse organizations. And it’s also interesting to note that the average the mean increases. So both people of color and white respondents are more likely to say they have a. They have a voice in their organizations when they work for POC lead groups. So if you know, funders want to invest in organizations that are cultivating that kind of leader full ecosystem inside of their organization that, you know, make it possible for staff to feel like they have a voice and can help to set the direction for the organization, then you know foundations would be wise to really take a hard look at their own investment and the composition of organizations that they’ve been funding on. DSI. You know, like, are these organizations largely white run or are they POC lead on. And if there are largely white one, they should start investing in more organizations that are POC ledge.

[00:20:06.94] spk_1:
You identify five opportunities which we’ll get to, and one of those is put your money where your mouth is. You just say, put your, uh, you

[00:20:08.83] spk_0:
know, money

[00:20:54.04] spk_1:
where mouth is for sure. Yeah, I mean that’s a critical lever of power is funding for any anyone, whether it’s whether it’s corporate or non profit access to capital access to markets. Um, you know, what I thought was really interesting is, um, when you were identifying whether an organization was white lead or POC lead you, you chose as a threshold for white lead, whether more than 75% whether the Board of Leadership is more than 75% white. But then for for people of color lead, the threshold was just 50%. Is that because there just aren’t enough that are that are at the 75% level? So you had to reduce the yet to reduce the threshold to define it as person of color lead? Was that the reason?

[00:21:02.45] spk_0:
Yes. I mean, I think that it reflects the sort of composition of the sector, right. So 45% of respondents reported working for organizations where more than 75% of the board and senior staff were white on then it only 14% of respondents reporting working for organizations where it was over 50% of board and senior staff where people of color, you know, like it’s

[00:21:30.25] spk_1:
hard to have

[00:21:30.98] spk_0:
a comparison between Yeah, exactly.

[00:21:34.02] spk_1:
75% shoulder, 75% for PFC. Lead was gonna be too small a sample You

[00:21:40.57] spk_0:
a

[00:21:41.99] spk_1:
handful of Okay, uh, e suspected. Okay. Um, yeah. The experience was a little more about the experience. How people experience how people of color experience work in a in a white led organization.

[00:21:58.84] spk_0:
Well, I have to say, this was surprised, Not surprising. But it was interesting that the data was so clear, um, that the these racial gaps were so much larger for respondents working for white run organizations compared toa the POC led groups. And, um, you know, I think that it reflects what we’ve been hearing from the focus groups that we’ve been doing across the country in terms of the frustration, particularly on the part of people of color working in organizations that, um, you know, I think often feel somewhat alienating. And where people feel like they, um their leadership potential is not recognized or supported on dso. It was just a really, uh it was nice to have the data show, uh, and really reflect what we’ve been hearing anecdotally through focus groups and interviews around the country,

[00:22:59.54] spk_1:
You mentioned three organizations that have contributed to this work. One of them was bridge span. And then what were the other to save them. Save them a little slower theater, too.

[00:23:03.21] spk_0:
Sure. So a few months ago, bridge span and echoing green partnered on a report that looked at the going echoing green,

[00:23:14.57] spk_1:
echoing green

[00:24:50.44] spk_0:
green. Yeah, they partnered toe look at the funding that had accrued to organization organizational leaders who had gone through echoing Green’s programs. And so they were able to then really track and demonstrate that black leaders compared toa white leaders who had gone through the same kind of leadership development programs were getting very different levels of financial support on So that report came out at, you know, the earlier in the spring and last winter, an organization called Absi, which is the Organization for African Americans in philanthropy. On DSO, the acronym is a B E, and they put out a report looking at what they call the philanthropic redlining, this phenomenon of financial support from foundations accruing to white led organizations rather than to POC lead or black led organizations. So they use this terminology of redlining because it’s evocative of historical policy that led to very dramatic differences in terms of what sort of development and investment was possible, uh, in cities and neighborhoods based on this policy of redlining. And their point is that the imbalances, the inequities and where philanthropic dollars flow leads toa completely different prospects for organizations. And because some organizations grow because they get the funding and other organizations sort of. Whether on the bun

[00:25:06.34] spk_1:
isn’t the large majority of the smaller organizations I think you’re special was under a million dollars aren’t Isn’t the majority of those POC lead?

[00:25:08.44] spk_0:
It was, Yeah, it was striking to see that a much larger share of POC led organizations had budgets under a million

[00:25:30.34] spk_1:
dollars compared to, for instance, what led organizations? And, ah, large, large majority of those are a million dollars or under in funding or annual budget.

[00:25:31.18] spk_0:
Yes, okay, yeah, in terms of the annual budget

[00:26:27.24] spk_1:
annual budget. Okay, time for our last break. Dot drives drives engagement dot drives relationships. Dot drives walks you through donor engagement. It’s a tool that’s simple, affordable and focuses you on building donor relationships and trust. There’s a free demo, and for listeners a free first month. Go to the listener landing page at tony dot Emma slash dot We’ve got but loads more time for POC, underrepresented in non profit leadership. And then the third main point is that d I. Efforts are widespread, you say, and their effectiveness is uncertain, I would say, but but their effectiveness is uncertain. You’re a little more optimistic. Um, so, yeah, we were scratching the surface of this before, but you know, say same or about what’s being done, but what the limitations of it are.

[00:26:35.74] spk_0:
Well, first off, I think it’s important to acknowledge that three quarters of the sample reported that their organizations were doing something related to diversity equity inclusion. And so the ubiquity of D I efforts is, you know, I think good. And I think it’s a relatively new phenomenon, right? Like it’s become the topic at a lot of conferences over the past five years. And so all of which is to say that like organizations are getting started right now, Um, and maybe it’s long overdue, but this is a moment when organizations are getting started. I think that the challenge, the frustration, particularly on the part of people of color. And the younger staff of, you know, diverse diversity of younger staff is that I think for far too often it feels like organizational checklist. It feels like a sort of double. Organizations are saying the right things, but not actually changing anything about their recruitment practices or internal hiring and promotion strategy. So, yeah, I think that that is the the frustrating in that, like the ubiquity does not equal impact.

[00:28:43.94] spk_1:
I just want to remind listeners the report is called Race to Lead Revisited and you can get it at building movement dot or ge. All right, Sean, how do you feel about talking? Oh, there’s there’s a quote. Oh, yeah, yeah, yeah. You You pepper the report with quotes in the margin on Dhe there. Ah, lot of them struck me that. I’m just going to read one that was probably half a dozen or so that, you know, sort of stopped me a little bit. But, uh, Pakistani woman, I don’t believe I’m taking us seriously in the workplace because I am a young woman of color. I often question things which doesn’t always go over well in majority white organizations. I’ve been used as a token brown person that za harsh reality Thio Thio read and for her to admit in a survey that, you know, I’m a token. Um So I thought the quotes were very evocative.

[00:28:55.84] spk_0:
Well, yeah, thanks. I mean, we we really think it’s important to balance the quantitative data with, you know, hundreds upon hundreds of right and responses from survey respondents and then also the focus groups that we do. We also gain a ton of insights from those conversations as well.

[00:29:16.34] spk_1:
You feel OK, go into the five opportunities or is there Is there mawr anything more you wanna bring out about the the report itself? Well, this is part of the report, but about the conclusions, conclusions and findings.

[00:29:40.34] spk_0:
Well, I guess I would just add in terms of the sort of d I and, uh, there’s the both the skepticism, but also the impact, right? I think that, um, there’s, you know, I think there’s a lot of skepticism about training, often times. But our data did show that for reserving respondents that reported that their organization trained on a variety of topics. They had more positive views on the impact of training on their organization. I think that just speaks to the importance and need for organizations have, like, multifaceted well around D. I initiatives so that training is not again, like just the check box on or sort of like. Okay, we did the training on white privilege, and so we’re sort of done that the training is a way of both sparking but also sustaining critical conversations in organizations. And that’s why it’s useful for organizations to do training repeatedly and on a variety of topics.

[00:30:59.64] spk_1:
Yeah, I think it was. It was forearm. Or if organizations had had training on four or more topics than both white, the white respondents and the people, people of color respondents, um, felt it was it was more advantageous. So they got there was more valuable training than if it was three or fewer. Could you just take off a couple of different topics that that folks should be looking to training? I mean, not not exhaustive, but you know, what are some of the some of the topics that people should be thinking about training wise?

[00:31:07.27] spk_0:
Sure, yeah. So eso in terms of the topics that we tested for in the survey people indicated that whether the organization had done training on white privileged, specifically whether they had done training on implicit bias because that is a concept that I think has gained mawr currency in the sector. Structural racism, for instance. Um, like do people think of racism as just about interpersonal dynamics or as or as the result of structural, um, and systemic forces that are being replicated by policy? A. ZX well, as implicitly, um, also racial trauma and healing. I think it’s a training topic that is becoming more popular and developed, so there’s a variety of topics, and I think the important thing is just for organizations to be open to having and doing training on a wide variety of topics.

[00:32:07.74] spk_1:
And again, the more topics, the more valuable people will feel. Three outcomes are, um So let’s go to the opportunities. Then why don’t you once you start us off?

[00:32:19.04] spk_0:
Sure.

[00:32:20.17] spk_1:
I’m sure. Wait. I put you on the spot. Do you know that you may not have him off the top of your head? I have notes I haven’t written down, so I don’t need thio Put you on the spot memorized? I don’t know do you?

[00:32:32.07] spk_0:
Yeah, I’ve got it.

[00:32:33.81] spk_1:
Okay. Okay.

[00:32:47.44] spk_0:
First in the first one was focused on structures as well as the experiences of staff. Right on DSO. You know, I think it’s pretty straightforward, but I think the the reason that we felt felt like it was really important toe lift up lived experience of staff working in organizations is because of what we saw in terms of those experience questions, right? Like, do people feel they have a voice in their organizations or not? Right. We also thought it was important to point out that policies have to actually be in force, right? Like organizations can’t just say this is our policy. But if people don’t see evidence that actual behavior and practices air changing as a result of the policy, um, then you know, I think there are real questions about whether that has real impact.

[00:33:22.08] spk_1:
There is, as

[00:33:23.32] spk_0:
we said earlier,

[00:33:35.84] spk_1:
you’re not walking the talk. Then if you have ah, policy on anti discrimination and someone says something derogatory and it doesn’t get dealt with according to the policy. Yeah, that’s a joke. Absolutely. Yeah.

[00:33:39.94] spk_0:
Um, we also thought it was important toe, you know, really, focus on the funding dynamics, so particularly for grantmaking organizations. But put your money where, like your mouth is essentially right. Like there are increasing number of foundations, that air saying that the I is important. Ah, nde sort of signaling to their grantees. But those organizations need to take d. I seriously need to diversify their boards and staff things like that. But if the foundations have not taken similar steps, if the foundations have not to diversify their own or internal institution, or the foundations have not sort of critically examined their portfolio of grants like are there racial disparities in terms of what the amounts of funding, which organizations get access to funding that sort of thing? All of that is about foundations being very serious on reflect about being reflective in terms of their own commitments to D. I.

[00:35:24.04] spk_1:
And you have reflecting reflecting your community, which we touched on a little bit, that that was really striking, how you know it’s intuitive. I mean, I realized it, but to see the numbers of, um, Whitelighter organizations that are serving POC communities, eyes like two thirds or something, I think, um, it’s startling that leadership does not reflect the communities that they’re serving, and that includes the board. I mean, you you wanna have voices from the from the folks you’re serving contributing to your contributing to your you’re you’re major decisions a ZX the board should be doing

[00:35:28.54] spk_0:
Yeah, and again, like, as I said earlier, like, if organizations see the function of the board as about accountability as about setting the direction for the organization, then I think those organizations will see the need and value of having a board that is reflective of the community that’s being served. But if organizations have the sort of rationale for maintaining the board is to have access to people with wealth and connections, and there’s obvious reasons that organizations go that route. Then they’re going to stack. They’re bored with wealthy people in their communities on again because of racism. Those wealthy people are not likely to be people of color from the constituency that’s being served

[00:36:15.53] spk_1:
and your last one responsibility and results.

[00:36:26.79] spk_0:
Yeah, I think our sense was that organizations air pushed to track a lot of things nowadays and so, like what gets measured is often what then matters. And so our sense was that organizations should be very clear about what their commitments are going to be to race equity. And, um, you know, really track those commitments and then track the results of that come out of, like, what kind of organizational change strategies they pursue. And so, you know, if organizations they’re doing like an annual review or annual reports, are they reporting on their goals and objectives around race equity? That is one way to sort of ensure that organizations are staying on track on dhe, that its multiyear commitment

[00:37:13.58] spk_1:
it’s gonna take

[00:37:14.84] spk_0:
multiple years of change.

[00:37:38.03] spk_1:
Uh, you know, just pay attention. You can move the needle on things. If you start paying attention to them, you’re saying, if you measure it, you’ll you’ll you’ll be. You’ll be accountable to it. So high attention to it. If your If your statements say that you value racial equity, then measure it, hold yourself accountable and commit to those years of change.

[00:37:41.23] spk_0:
Yeah, and I think it’s even better if organizations do that. Make that accountability public, eso that they’re the sort of reporting is to their staff. It’s to their board. It’s to their community so that, like the statements of the organizations stand with. For instance, black lives matter, then backed up with organizations being able to say. And here’s how we lived into that commitment. Here are the things that we did over the past year that made that riel,

[00:38:10.82] spk_1:
Sean, anything, anything at all that we didn’t cover that you want to talk about.

[00:38:16.52] spk_0:
Um, no, I think we covered a lot.

[00:38:34.22] spk_1:
Okay, well, we did. You know, it’s not profit radio. We cover a lot of ground, but, you know, we can only scratch the surface. I mean, we cover a lot, but what you want to read the details, So just get the damn thing. Uh, the report again is, um race toe lead racing. No race race, the lead race, the lead be visiting

[00:38:38.27] spk_0:
the lead revisited.

[00:38:49.92] spk_1:
Used to lead you visited. You’ll find it at building movement or GE. That’s where you’ll find building movement project. And Sean Thomas Bright felled. Who is co director, right, Sean, Thank you very much. Thank you.

[00:38:52.07] spk_0:
Thanks so much for having me

[00:39:32.72] spk_1:
absolutely appreciate your time. Thank you. Reminder were sponsored by turn to communications, PR and content for nonprofits. Your story is their mission. turn hyphen two dot ceo and by dot drives raise more money changed more lives. Tony dot Emma slash dot for a free demo and a free month, Our creative producer is clear, Meyerhoff shows Social Media is by Susan Chavez Mark Silverman is our Web guy. This music is by Scott Stein and with me next week for non profit radio Big non profit ideas for the other 95% go out and be great.

Nonprofit Radio for July 22, 2016: Training Choices & 2Q16 Fundraising Metrics

Big Nonprofit Ideas for the Other 95%

I love our sponsor!

Do you want to find more prospects & raise more money? Pursuant is a full-service fundraising agency, leveraging data & technology.

Get Nonprofit Radio insider alerts!

Listen Live or Archive:

 

My Guests:

Kevin Martone, Debra Askanase & Rene Swink: Training Choices

(From L-R) Kevin Martone, Debra Askanase & Rene Swink at 16NTC

Our panel from the 2016 Nonprofit Technology Conference reveals best practices for training: goals; who participates; successful formats; and working within culture. They also have suggestions for technology and leave you with resources. They are Kevin Martone, from the Harold Grinspoon Foundation; Debra Askanase, Community Organizer 2.0; and Rene Swink with Exceptional Children’s Assistance Center (ECAC).

 

 

Rob Mitchell: 2Q16 Fundraising Metrics

How did 2nd quarter fundraising go and what’s changed in the full year forecast since January? Atlas of Giving has the data and CEO Rob Mitchell shares all. Rob is with me after each quarter for analysis.

 

 


Top Trends. Sound Advice. Lively Conversation.

You’re on the air and on target as I delve into the big issues facing your nonprofit—and your career.

If you have big dreams but an average budget, tune in to Tony Martignetti Nonprofit Radio.

I interview the best in the business on every topic from board relations, fundraising, social media and compliance, to technology, accounting, volunteer management, finance, marketing and beyond. Always with you in mind.

Get Nonprofit Radio insider alerts!

Sponsored by:

 
View Full Transcript

Transcript for 299_tony_martignetti_nonprofit_radio_20160722.mp3

Processed on: 2018-11-11T23:34:18.119Z
S3 bucket containing transcription results: transcript.results
Link to bucket: s3.console.aws.amazon.com/s3/buckets/transcript.results
Path to JSON: 2016…07…299_tony_martignetti_nonprofit_radio_20160722.mp3.672994202.json
Path to text: transcripts/2016/07/299_tony_martignetti_nonprofit_radio_20160722.txt

Hello and welcome to tony martignetti non-profit radio big non-profit ideas for the other ninety five percent on your aptly named host oh, i’m glad you’re with me. I’d come down with a case of bourelly aosis if you infected me with the notion that you missed today’s show training choices, our panel from the twenty sixteen non-profit technology conference reveals best practices for training goals who participates, successful formats and working within organization culture. They also have suggestions for technology and leave you with three sources. They are kevin martin from the harold grinspoon foundation. Deborah askanase, community organizer two point oh and renee swink with exceptional children’s assistance center and two q sixteen fund-raising results. How did second quarter fund-raising go and what’s changed in the full year forecast since january? Atlas of giving has the data and ceo rob mitchell shares at all. Rob is with me at the end of each quarter for analysis. I’m tony steak too three hundredth show next week, we’re sponsored by pursuing full service fund-raising data driven and technology enabled, you’ll raise more money pursuant dot com here is the panel, kevin martone, deborah askanase and renee swink from ntcdinosaur lier. This year welcome to tony martignetti non-profit radio coverage of sixteen ntc non-profit technology conference this is also part of ntc conversations. We’re in san jose, california, at the convention center. My guests are kevin martone, deborah askanase and renee swink. We will meet them very shortly. Right now i have tio take a moment to acknowledge and recognize the swag item for this interview which is from charity dynamics. You have a combination is very well done. Combination sunscreen and lip balm. So you either apply it with this roller on your lips or you take this off and it’s ah it’s a sunscreen applicator that’s a combined and then if those to fail you then cherry dynamics has alot in travel size it’s, hard to get i have never seen alot in travel size so i’m taking this one home with me and this joins our our our swag pile for the day oh, that’s! What? That is it’s. Impressive phone. All right. Okay. Let’s, meet let’s. Meet the panel here. Kevin martone is kevin is the technology program manager for a harold grinspoon foundation. Seated in the middle is debra askanase she’s founder and digital engagement strategist. At community organizer two point oh, and renee swink is technical assistance coordinator at kevin deborah rene. Welcome, thank you, thank you, thank you, non-profit radio pleasure. All right, your session topic was the future of capacity building is collaborative, learning communities, collaborative and cohorts. Okay, so we’re ah, we’re applying. Our learning models are learning model our best process to these different structures, these distant, collaborative structures that right. Okay, i agree with that way. Well, my thanks to rene for explain that to me before that. Before that, like, i turned down because i was a little trouble with the description, but i got it. So why don’t we talk first about what a successful training process is? And then we’ll talk about the different. Form of formats that we can fit into. So makes sense. All right. Makes pretty professional trainers. Is that right? Are you asleep? Part of our in-kind department. Full time job. Okay, your bona fide hyre. Okay. Well, let’s, start with deborah askanase because i’ve known you the longest. Thanks. So what do you think the essential elements are of training? And how do you how do you do it? Best at community organizer two point zero. So there’s a couple of elements that are really important to think about the first thing when you’re designing a training is thinking about the goals. You always start with the goals. What is it that is going to increase capacity and help people to get there to increase their capacity? Because that’s, the whole point of training, and renee khun speak very eloquently about that pay goals goal. Then you think about who needs to be at the table so many times training so designed in the right people aren’t at the table and it’s really important based on your goals. What? What segment of your audience should be there? What segment of your participants does management need to be at the table. Do board members need to be at the table? It’s not a the third thing that you want to think about our learning elements. So how do people learn? And what elements do you want to bring into that so that they can best? What do that mean? Learning elements? Little jargon. E? You know, he’s, john, you know i have jargon. I want them ahead of time. I said, yeah, he’s real big on joining. Well, yeah. You warn you warn them and you’re the one who’s in it. Okay, you know what? The learning elements? What does that mean? So that’s thinking about? Well, when you take any kind of training or you goto workshop procession, you leave and you think, oh, i really learned because these pieces were part of it. So it’s often it’s, participatory, it’s, collaborative there’s, some sort of exercise where you integrated in there’s pierre, learning that takes place and there’s actually a few. If you take our slides, which are in the collaborative notes, you’ll see we kind of list out you could choose what we’re gonna work best for your session that will meet your goals. And then finally, after you thinking aboutthe learning elements then you think about okay who’s, the student and who’s the teacher here. Is it something where it’s going to be best done by pierre learning where there’s no official trainer, facilitator. But we all learn from each other’s expertise or there’s somebody who facilitates with some co learning from the students? This is the format now we’re talking about right? So you think about who’s the student who’s the teacher, a piece of it, and then finally think about and this is really important, something we came to when we were designing this the cultural elements so many times we designed trainings and we don’t think about what’s the culture of the organization, who it’s being the training is being created for and what’s the culture of the people who are attending the training, and all of us have stories about what happens when you don’t understand the culture or how you bring the culture in that’s so important and we actually have culture cards will come will come to those i i’m happy to pass it on the other side. Okay, now. So we just have about twenty five point six minutes together. So and you had at ninety minutes and plus, on top of all the top of the model, uh, we have to talk about our different formats. Communities, collaborative sze and cohorts, right? Of course. I appreciate that because i like a liberation jargon jail. Uh, i send live listener love on every show i do podcast pleasantries for our podcast ten thousand podcast listeners i do affiliate affections for the am and fm stations that are part of the show. I’ve told you. Take to sew a pattern kevin’s going to kill me if i don’t mention there’s also technical stuff to think about like how did you use technology to do the training? Alright way. But that’s like last let’s say we could get teo let’s. Let’s take on each of these elements. But we have to do it a little quicker than you did it in the ninety minute session. All right, so you deferred to rene for goals. So, rene, what about think about goals in training? Well, yeah. I mean, you always want to think about what is it? What is it you want to accomplish? But you also need to look at where our people are with their present levels, what is it? They don’t know? Because if you go in thinking, oh, i think everybody needs to learn this, and if you’re not really aware of what’s going on in your audience, they may go way already know that so we just wasted your time. So really looking at that what you’re running and we really want to increase people’s knowledge, their skills and ultimately they go out and end up doing it, and so they become active learners and active doers. So how do we be good at assessing with the goals ought to be so we’re not we’re not over the heads of the audience, nor are we telling them things that they’ve already learned they already know well, you know, when ideally it’s great. If you are able teo non-profit radio, we deal with the rto so we’ll deal with the ideal and unlimited budgets, right? Exactly. So really it’s great is if you khun survey people ahead of time, do a needs assessment. Really? Hopefully you have a relationship with your audience and you can do that. But even when all of that happens a lot of times, you just have to be really flexible and be able to pivot and kind of go and asking those questions, okay, who’s in the room, and if you have surprised people, you can go oops, we’re going to adjust, we pivoted during ourselves, way did. Okay, okay, you’re tuned to non-profit radio. Tony martignetti also hosts a podcast for the chronicle of philanthropy fund-raising fundamentals is a quick ten minute burst of fund-raising insights published once a month. Tony’s guests are expert in crowdfunding, mobile giving event fund-raising direct mail and donor cultivation. Really all the fund-raising issues that make you wonder, am i doing this right? Is there a better way there is? Find the fund-raising fundamentals archive it. Tony martignetti dot com that’s marketmesuite n e t t i remember there’s a g before the end, thousands of listeners have subscribed on itunes. You can also learn maura, the chronicle website philanthropy dot com fund-raising fundamentals the better way. Duitz who should be in it? Let’s get kevin in the conversation? Sure, who should be participating in this training so so never hinted at it, but there’s, i guess i should say it differently. I’m sorry i’m making it sound like it’s, same for everything. How do you determine who should participate in the training that you are planning, right? And there’s often two parts there’s the people who are actually you’re learning like we’re going to be it you around or whatever the training is, we’re going to be throughout and then never hinted at the the executives, the people decision makers at whatever organization that people are from making sure they have buy-in so, for example, i run this year round communications training and it’s for young communications staff to help them with their overall communication skills around planning i’m that kind of thing, but at the first session that we do, we require that their executive director or a decision maker at that organization come with them so that they can work together to come up with their overall goals, that communication goals at the organization, their overall goals so that it drives what the student is. Doing the entire year and we feel it’s important because if they’re not willing to come to that first session and be part of that it’s it’s not likely that they’re going to buy into change that happens through the course, okay? And can we talk a little more generally about how to determine who should be a participant? Well, i mean, in the training that i’ve run, it’s it’s usually relatives usually clear from the golden goals. So for us, for that communications training it’s to help each of these organizations have better communicate outreach to their stakeholders, and so we’re pinpointing the communications person director, right? Right, exactly. Okay. All right. So it should be apparent from the goals with goals should drive who belongs? Yeah, yeah, yeah. Okay. All right, deborah arms. We’re back to you for learning elements. All right? Well, you really only you pretty much have been described with the learning elements are going to me. It’s and i was a non professional trainer, so i’m the neal fight. I’m the non bona fide on the those on the path, but i’m not on the panel, so i’m not qualified to me. It’s just like how we’re gonna do this what’s going to be? How are we going? What’s our methodology going b but you said he’s going to be pure learning practice, role play. My voice just cracked like i’m fourteen, i’m just puberty neo-sage still awkward, but i missed that part of some well, okay, so we talked about learning elements that people learn by integrating it. And so it’s, really a question of for your training and for your audience. What ways are creative and perhaps applicability for people to really put into practice what they’re learning and and that was a collaborative learning. Okay, okay. Let’s give you another shot, then. So format. What? What? So there’s a different okay, what were we going to say about form out? How are we diving into this little deeper? And i called it format. It came after learning elements. Then you were thinking about the way we’re thinking about this here. This’s your culture card. You know we’ve got we’ve got the format cods for matter-ness wait. Let’s not be unkind. Not probably right? I’m going to remain where you gonna be? All right. One says one primary trainer. When that no. Official facilitator and one says facilitator plus koegler learning and these areas shaded in blue and here they are for our video audience. Okay, so i’ll let you speak through them. Sure. As part of the session, we handed these out and had groups practice. Know why i had to feel like i don’t know what you did a great job by awkwardness. I told you, i never really imagined i could graduate from here. You have a law degree, but i never graduated puberty. All right, um, so during the training we handed these out had people kind of we’re like, okay? And your session there’s only one primary trainer. And if if that’s the right thing to meet the goals and that’s what’s known as a traditional training right. But when we get into the jargon jail of the collaborative and the cohorts in the communities something where there’s no official trainer and people are learning from each other that’s called a learning community that sound like anarchy. It isthe i’ve actually participated in one and helped design one. And i think they’re fabulous not. And it can be as long as it if it’s not intentional it needs to be intentional goal right now. Is that really okay? All right, that’s a possibility. And then there’s elearning collaborative, which is more along the lines of what you do, kevin, and what what you do, rene as well and that’s where there’s a facilitator who sort of guides the overall vision but there’s a lot of peer learning that happens where people are working in groups of twos and skillsets that’s a skill that’s a really maybe an art, actually, to be a successful facilitator, i’ve been in some programs with mediocre facilitators and like, they don’t set the rules. Well, you know, they’re like too dictatorial about the rules. Don’t people participating with the ground rules are theyjust dictate them and it goes downhill from there? Yeah, like nobody feels by boat and they feel like dictated to choose card number one one primary trainer. Exactly what? You’re supposed to be the facilitator. Exactly. Okay, but i haven’t only been in crummy ones, but i’m thinking of becoming well. We did talk about crummy one or we started with what’s. The worst training you have ever been in. Yeah, i think it’s hard to be a good facilitator, i think it’s a lot of practice. Yeah. Is that okay? Yeah. All right. So that’s, the way we say that we covered format pretty well down with that. I think we’re all right. The cultural element you want to just going down the line. Get now that’s where the culture courts because it was fun this week. A lot of fun because actually in the training, folks were given a scenario of something. So we gave them a scenario of a training they had to develop, so they didn’t have to think about that. And then when we dealt the cards out, then that made them really start to apply what we hoped. Where the elements of a good training so the culture cards we passed out, they’re in purple for those folks that aren’t on video and see this. But basically, what if one of your training participant’s death what do you d’oh that’s oneaccord says a training personally handed that car? Yes, exactly. Managing management and staff they supervise are in the same training, management and the staff they supervisor in the same training. Yes, kevin said, but the first right? Right, you’re you’re that’s mandatory. For you, the first for the first time, a man, kevin, you get you also deal with that in a very interesting way with the where? Management’s not in the super secret group that only the trainees. Aaron. Right, that’s. True. Right, then we’ll spend the whole day together. Well, they spend that first day, but then the rest of the year oh, yeah, the participants are allowed to have a safe space where they can bring up issues that kind of thing and not have it first session has to be with management, right? And the whole rest of the year is with the right, the communications director. Right? Right. We’ll bring up a lot more a lot other different issues. If they’re they’re together the whole time, certainly very hard can’t come up. Right? Like i’m understaffed and under resourced. My ceo doesn’t hear me. You’re going to many administrative things that take me away from my communications task, right? I interviewed. Well, we had a communications panel yesterday. Yeah, like miller was great. Then there were two others also, and i got an earful about potential problems. Exact locations, directors face it could be you have spanish. And english speakers and you have the priority is to use only one language. Okay. That’s a tough one? Yes, it is. Or the culture of the organization failure is frowned upon. They don’t allow innovation. Well, they don’t encourage and the innovation and risk exactly was frowned upon, right? And then if then you no staffer required well, that really to attend the court set staff says staff are required. Brandraise yeah, and mix of skills and levels and experience. So all of these things, these culture cards really can cause a really can either be amazing and opportunities for growth and collaboration. Or they can be cluster. You know what the’s a cards are? Index cards size. I’d say they’re all color coded the culture cards or purple and the format cards were blue and we have some green ones over there. What with all that? Absolutely do those and these were basically show show show kapin buy-in that basically location because sometimes organizations khun do them in person or sometimes people have remote staff and so we really mixed it up is, you know, either entirely remote or in person or a combination entirely in person remote. And in person or entirely remote. Okay, location. That’s going to impact? Uh, okay, kevin, make this explicit. How does location make a difference? Why? Why is that important? Well, especially for all right, it’s a plan that was especially for these trainings where we’re trying to make a collaborative where we’re trying to build not only content, you know, knowledge in the participants, but also appear network if it’s all virtual, you really have to work hard to make those connections. So you know whether it’s, you know, in person, you can have them go up for coffee and they can connect much easier, right? Right, exactly. And so, you know, you might use, and this is where sometimes technology can come in, like using google plus hangouts where its visual or some other kind of video conferencing so people can talk to each other, breaking the group up into smaller groups and having discussions. So they’re talking about each other’s issues in their homework, and you know what they’re working on. And then there’s also just techniques you can do so. One of my colleagues, laurie herrick, does a great job of doing this and her fund-raising training. Where she asked questions in her webinars, which well, you know, we all know what weapons could be painful and very dry, but she’ll ask a question and just stop and there’s a lot of awkward silence, especially at the beginning of these trainings. And i know for me, my instinct is to jump in and, like, give the answer right toe as a training. Like, i i kind of know what i want, but she really steps back and lets them talk. And so that’s the kind of thing unless them across talk so that they’re working with each other, building that pier collaboration and connecting with each other. So there’s a lot of different techniques you can do that you might need if its remote versus being in person. Okay. Thank you. All right. I feel like we could move now to our voice cracked again thursday. Moved now, tio. All right, so these different formats that we’re going to apply this to the learning communities, the collaborative tze and the cohorts. Yes. We want to have a collaborative training for our capacity building cohort. Theo, i’m striking. Jorgen jorgen session collaborative class. Okay, collaborative capacity bilich okay. So what is a who wants to take this? Who? What is a learning community? I’ll take that one off. Okay? So elearning community is that one that you called possible anarchy where there is no official facilitator in the community itself decides what they wanna learn in this eye. How do we know walking into that thing? That this is going to be valuable to me? That is what i’m paid to be here. I don’t even know what i’m walking into. Well, these air more than anything done from the community, not as a paid trainer. There’s no paid trainer. The community teaches itself. So think of something like where you a community of practice like ten group gets together. Exactly. But it’s a little more intentional around. We’re trying tto learn from each other and designing the learning experience together. All right, this is not a paid training that i’m attending at a hotel for a weekend or something. Most likely. Okay, thank you. Rights here. And i’m the neophyte eyes these basic questions. So this is where the community intentionally decides what it wants to learn. An example would be one that i have participated in. And helped design for the faculty at marlborough college grad school, where we realized we all had a lot to learn from each other and we’re so busy teaching we didn’t have time to understand the value of what everyone could contribute. Where is marlborough college? It is located. The roger program is in brattleboro from and it’s ah graduate program for non-profit management and i teach social media for social change. Someone else teaches environmental justice someone else teaches, you know, all kinds of things finance, whatever, and we decided to come together as a learning community, and for a hour and a half once a month, someone would share three questions that were fundamental to think about what they teach in the community. It wasn’t just that say i would share a critical question about social media wasn’t that i’m giving my knowledge is that we’re having a conversation where were all learning together about this piece, and then we decided talks about talk about goals, we decide it was a cultural value that no one should have more information than the other, so any supplemental readings were handed out afterward so that we all learn together at the same time. And then there was afterwards supplemental reading to continue the conversation. So that’s an example. Okay. Okay. That’s. Ah, learning community right now. That’s an ongoing you doing in that format that’s. The form that we used last year. Now another learning community starting up this year. Okay. All right. Who wants to take on collaborative sze what’s a collaborative grayce that’s a really good question. I think they weave ultimately, we decided collaborative cohort waiting in the session to go really well with the reason we did that is because he s deborah’s looking at me as we were having these conversations and we were like, going okay, well, what is the definition of a collaborative? And what is the definition? And really they end up bleeding over to each other. They have lots of the same characteristics. So bottom line is it really doesn’t matter what you call yourself. As long as you are incorporating all of these learning elements and you are meeting the needs of either yourself like a learning community or the end person, the participant and you are increasing their capacity. Then we’ve done exactly what we have set out to. Dio give me a collaborative ako or whatever they call it. All right. So in other words, this session topic is fragile. That’s what i’m saying for a little bit weird that you were good with that thing misleading at best. Absolutely likely fraudulent. What? We needed to get you in the door somehow. Right? Right. Generation. You just want to win the election either because there were six hundred seminar top six hundred workshop possibilities. And you wanted to make the you got exactly what you got. You got to do what you gotta do. I will say that in all fairness, one of the beautiful things is that kevin and i proposed the topic and there was another person who was going to do with us who wasn’t able to make it. And then we brought in rene. We brought in andrea. And as we’re all understanding each other’s expertise and how we approach training the way that we decided teo, execute on it, change slightly and that’s why it’s a little odd that’s all that’s, all very collaborative because we have pamphlets. Collaborative way. Did you like it? If it’s not a georgia or in the liberation? Perfect pivot. Oh, good. Neo-sage he’s. Quick friday. Alright. Okay. How about ah, about a cohort? Is there something legitimate and coordinate is actually doing? If you want to talk about how you do cohorts well, i was going to say, well, yeah, i do a cool a half. Yeah, i talk for a living. Not like you, tony, but we do a co wart two of our spanish speaking staff that are tend to be very isolated in our centers are non-profits and so we really wanted to build a cohort that they knew that they could rely on themselves and in build that community while also being a cohort, but also respecting the fact that everything needed to be in spanish for them as well. So it ended up being a combination of a cohort and a learning community at the same time. And it turned out really nicely that’s why we say it meets the goals that we hear. Exactly. Okay, we need a couple more minutes because we could talk for everybody training haven’t talks about technology beautiful and how it supports our way. We have a couple minutes i’d like to make so i mean the first thing the stresses and we talked about this in the session, it was the last thing we talked about all the other stuff we’ve already talked about it much more important. Technology is just a tool to help you reach those goals to help your participants get what they’re supposed to get out of the course. But, you know, we talked about some of the technology’s already, so you know, whether it’s, google plus hangouts to whether, if it’s it’s remote, the private facebook group, i think, never mentioned which was is a place that we use for the participants to share their homework, to have other conversations privately away from their management. You know, what were some other technologies we talked way we even use some that some people like we use big tent, which is just a free, big, tanked and yes, and it’s, just a free online where you can have forum and post documents? Eso which like some people, that we just looked upon it, but it works for our community. I know another cohort that uses they actually bookmark and ever note, and they have a collaborative notebook where they they fill in. With ideas they have in between. The actual learning session site is called ever note. Ever note? Yes, black back-up because it has been mentioned in some other interview. Slack is known for it was mentioned. I thought for project management. You can use it for your basically twisted. However you like. Okay? Yeah. Okay. And then they listed webinar technology. So everything from adobe to webex too joined on me. Joined up mi young’s, jing’s aaron, i love personally j r g i n g i just isa use that for screen jobs. Wellbeing, street raptures. But if you are trying to teach something really specific, it’s a great way to post it and for people to use it. So it is a way we use it a lot in our community. Yeah, exactly. Just joking. It’s j i m j i just yeah, yeah. Okay. Yes. I’m slow in the morning before. All right, all right, all right. So this is very interesting. So actually have something in twenty five, twenty six minutes that you know, these these formats, aside from being fraudulent in the title, they really they are. We never sharing. Really? They really are not. Really or not the key? I mean, they they blend together, there could be a milan jj of many and it doesn’t really matter what they’re called. As long as the training is meeting the needs and the goals of the of the i’m not even sure called trainees, but thrice already catching on e i never trainees was not right and help us eliminate jargon. I mean it’s always a word fraudulent. We’re like we’re done with this. Thank you. Alright, the they are kevin martin and he is the technology program manager at the harold grinspoon foundation and in the middle. Deborah askanase, founder and digital engagement strategist. Community organizer two point oh, and renee swink, technical assistance coordinator at the c a c thank you so much. Thank you. Fun. Yes, stony martignetti non-profit radio coverage of sixteen ntc. Thank you for being with us. Two q sixteen fund-raising results with rob mitchell coming up first. Pursuant, they’ve got mohr free research for you. Just released yesterday. A new report optimized your donor pipeline. You need to raise more money. That means you need a strong pipeline of potential donors or prospects. Whichever you prefer to call. Them coming in coming in your door. This report is to help you build and retain and optimize that pipeline coming in it’s free like all their researches it’s again optimized your donor pipeline. You’ll find it at pursuing dot com and click resource is and i’m just amazed at how much they offer for free lots of webinars that are in fact, one of their weapon. Our guests is eyes going to be a guest on non-profit radio coming up talking about disney? What? What he learned from disney and applies in non-profit fund-raising but any case, the free stuff, the free knowledge that pursuing shares is generous, remarkable. Take advantage of it. Get thea, optimize your donor pipeline report now for tony’s take two, three hundred show next week it is the sixth anniversary of non-profit radio. This is the two hundred ninety ninth show and next week three hundred scott stein. You know him because i credit him at the end of every show. He’s going to live in the studio with his eighty eight he’s going to play the song claire meyer, half our creative producer is going to be in the studio from north carolina. We’ve got giveaways, non-profit radio fact or fiction game show lots going on. We’re going periscope it so you could join us on joining the periscope through twitter um, three hundred show next week. There’s a video on it at tony martignetti dot com says a little more, but the takeaway is next week three hundred show be here, that is tony’s take two. I hope that was emphatic enough. I’m concerned it may not have been rob mitchell is with us. You know him? He’s, the ceo of atlas of giving, which is the only monthly forecast and measurement of charitable giving by sector source and state in the u s they’re an atlas of giving dot com. Rob is at ah, philanthropy man or as i like to say at philantech roman rob mitchell, our resident roman welcome back. Hey, tony it’s. Good to be back. Pleasure to have you were talking about the second quarter of sixteen what’s the what’s, the headline for the mid year. Well, the midyear headline. I wish i had better news for you, tony, but e-giving has been essentially flat for the first half of two thousand sixteen. We’ve had a gain. Of less than one percent for total giving, which amounts to two hundred forty one point to a billion dollars. Okay, and what’s the percentage it’s actually point nine percent. So just okay, so just slightly under one percent gain. Okay? Um yes, all right. And yeah, that there there are some. There are some reasons for this. There also are some speculative reasons for this. But i will tell you that on dh this is not a good sign. June giving decreased i’m slightly from may for a total of forty points seven. Two billion. Now that was just it was virtually flat. But dahna we haven’t observed that for several years. In fact, we haven’t observed that kind of flatness since two thousand. Alright, since two thousand ten you’re saying there hasn’t been a six month period of this degree of flatness. Is that right? That’s? Correct. Okay, so it’s been six years are two thousand ten sort of emerging starting to emerge from the recession. All right, well, we had a we had a great emergence from the recession. Metoo apart from what other estimators have said are you know the atlas of giving consist of sixty. Five separate algorithms where we we have identified what factors are involved in giving and their relatives strings by sector source and st s o um, yeah, this is this is, uh this is a a bit of a different year. We’ve been on the rise since, um, since really two thousand nine and, um, this year’s very different donors are very uncertain right now. They’re uncertain about the economy, they’re uncertain about the stock market, and as all of us know, the stock market has had significant volatility this year, there is the continuing fear of rising interest rates. Um then there’s the election and the outcome of the election is huge because people are there sitting on the donor’s air sitting on the sidelines there they’re not. They’re not drawing back, but they’re also not increasing because they’re wondering about how the outcome of the election is going to affect them on taxes, on their income, on social security, on student loans and other things. Okay, rob, can you speak to where where things stood back four years ago? Ah, this period in two thousand twelve, right before an election. I don’t have that information and, you know okay, okay. I’m just wondering what what generally election is, whether this is an unusual election cycle for for fund-raising it i believe that it is an unusual election cycle. I mean, we’ve got two candidates who had who have the highest disapproval rate that we’ve ever had in history. Well, i know it’s an unusual election, it’s certainly that i’m wondering if if the impact on fund-raising is different than it has been in the past. That’s all right, we can. We’re going to you’re going to come back. What? After where? We know ah september, right? So we can we can still we could talk more about that in after the third quarter. Sure. Okay. Okay. We could compare maybe just two thousand twelve and maybe even two thousand eight. Okay, no problem. Let’s, talk a little about semente. Vigia yl. Well, actually, now, before we move on to different how different types of charities are faring so far, let’s talk a little more about some of this uncertainty. Another thing i’m thinking is, what about oil prices? Oil prices being so low. That’s gonna have an impact in our energy producing states. It does. And in our energy producing states and i live in one of those, which is texas, and i actually have a business which has been negatively affected by the downturn in oil prices and so that’s the bad news. So states like texas, north dakota, wyoming, pennsylvania um, those states that were flourishing before the oil, the oriole price shut down are having a difficult time. Yeah, we’re moving away. They’re finding other jobs and so forth. But there’s there’s a good side to this. The good side to this is that gasoline prices no are lower as a result, and therefore there is more disposable income for most of the country and that that is reflected not only in gasoline prices but in i couldn’t believe this. But i just just a couple of weeks ago, i was able to fly my daughter from chicago to san antonio for forty five dollars. Yeah, and that is a direct reflection of oil of the low price of oil, right? So it’s a ying and yang sort of thing. Yes, the states that our oil dependent are having a difficult time. But i would say for the overall charitable giving economy what’s happened in oil prices is a very positive thing. Okay, okay. By the way, i would argue that new york state and especially the capital, albany, is a major producer of gas. But that’s that’s a political statement i turned out to be trying to be political on the welsh. I don’t know, maybe it’s true in a lot of steak kapin had in the in the this week in the in the convention and next in next week’s convention. I don’t know that there can be more gas. There was a lot of gas coming out of those that’s. True too. Um all right, that’s, the extent of our political commentary are interesting. All right, so you think the low oil prices are generally generally a positive, generally a positive, because discretionary income is the key to charitable giving to the terrible giving economy means seventy four percent. Seventy four percent of all guests are made by individuals, right? So when individuals have more money available to them, they will give more, okay and when, when things like interest rates, inflation, oil prices or get in this case, gasoline prices or or a few loyal prices for heating in the winter. Put pressure on them. They have less money to give, and seventy four percent of the economy is given by individual giving. Yeah, and that’s that’s reflected in some of the other numbers that you you report for the for the midyear that grants from donor advised funds are up significantly. Foundation grants are up significantly. But we’re still only see a nine tenths of a percent increase, because three quarters of the giving comes from people. Exactly. In fact, if you look at as i look at the sectors, a zai look, a e-giving by sectors. You know, one of the sector that is the most affected by individual giving it’s church e-giving and it is down one point, one percent that’s pretty for me. That’s pretty typical when we you and i have been talking about this every time you’re on and we’re covering this church giving has been declining about one percent each year. For what, three, four years? Something like that. It has been because and it’s a it’s a combination of factors. But it has a lot to do with there’s less there’s, less participation on the part of americans and church attendance in church. Joining or membership and and then churches also are like large charities. They take it on the chin when unemployment is high. Now i understand unemployment is not officially is not high right now, but we’ve had a tremendous number of people drop out of even looking for a job and that’s that’s making an impact to and but you compare that with okay, so that’s the largest sector that that that sector accounts for a third of the charitable giving economy. Yes, and it is declining, and we expect that it will continue to decline, but then you look at the sector that is performing the best, which is the environmental sector, and there are almost four percent. The problem is it’s great, that they’re at four percent, but they’re the smallest sector. Yeah, they’re a tiny piece of the pie. What what’s what’s there, what’s there, taking the in the in the overall, giving the percentage wise. What is the environment account for the environment accounts for two percent? Okay, rod, we gotta go out for a break. When we come back, you and i’ll keep talking, and i know everybody’s going to stay with us. Plus, we got live. Listen, love coming up. Don’t want to miss the loveless term of stay with us. Like what you’re hearing a non-profit radio tony’s got more on youtube, you’ll find clips from stand up comedy tv spots and exclusive interviews catch guests like seth gordon, craig newmark, the founder of craigslist marquis of eco enterprises, charles best from donors choose dot org’s aria finger do something that worked and they are levine from new york universities heimans center on philanthropy tony tweets to he finds the best content from the most knowledgeable, interesting people in and around non-profits to share on his stream. If you have valuable info, he wants to re tweet you during the show. You can join the conversation on twitter using hashtag non-profit radio twitter is an easy way to reach tony he’s at tony martignetti narasimhan t i g e n e t t i remember there’s a g before the end he hosts a podcast for the chronicle of philanthropy fund-raising fundamentals is a short monthly show devoted to getting over your fund-raising hartals just like non-profit radio, toni talks to leading thinkers, experts and cool people with great ideas. As one fan said, tony picks their brains and i don’t have to leave my office fund-raising fundamentals was recently dubbed the most helpful non-profit podcast you have ever heard, you can also join the conversation on facebook, where you can ask questions before or after the show. The guests were there, too. Get insider show alerts by email, tony tells you who’s on each week and always includes link so that you can contact guests directly. To sign up, visit the facebook page for tony martignetti dot com. Hi, this is claire meyerhoff from the plan giving agency. If you have big dreams but a small budget, you have a home at tony martignetti non-profit radio. Welcome back to big non-profit ideas for the other ninety five percent. We got to do the live love, you know, the live love has got to go out to st louis missouri college station, texas while we’re talking about texas um, maybe that’s rob. Rob, is that you listening earlier? You in college station? I am not in kottler enough. Okay, then that someone else and there’s live love going out to that person. Also fort worth, texas live love going out there. And then, uh, let’s go abroad. We got verburg, netherlands. Welcome, netherlands live listener love to you. I don’t think you’ve been with us before. If you have it’s not too common. Come back. We’ve got many mean colombia. We’ve got seoul, south korea. Where? Of course i want to say come za ham, nida and tokyo, japan konnichiwa, beijing china knee how always so reliable. Unbelievable! The asian connection between seoul, beijing and tokyo. Such reliable listeners live love to you what comes after the live love it’s got to be the podcast pleasantries, you know i mean that’s. A rhetorical question pleasantries out to the many, many thousands of people listening on whatever device whatever time, whatever activity you are doing at this moment. Are you on a treadmill? Are you in a car? Are you painting the side of your house? So you’re washing your dishes pleasantries to you, our podcast audience, and after that comes the affiliate affections. You can’t have live list of loving podcast presences with out affiliate affections it’s just not done. I couldn’t i couldn’t conceive of it. Our am and fm listeners throughout the country. Stations ranging from oh upstate new york to washington state, down tto oregon and california and philadelphia area well, that’s actually not filled out buy-in castor county area. Those are the ones that come to mind all affections to all and more. There are other stations out there all our affiliate station listeners. Rob mitchell. Thank you for that indulgence while i greet and thank are many of the songs i have one question for you. Tony. Yes? Are you the guy playing the piano for the intro music? No. That’s. That’s, scott steinar music is by scott stein. That is fantastic. That well, if you listen live well, if you listen to next week’s show live or archive or affiliate you’ll hear scott performed the entire song, which is cheap red wine he’s going he’s going to be in the studio with his eighty eight and he’s going to play a song for us so well, i think he should change in the name tio two buck chuck, what the hell is that? Well, if you don’t know about trader joe’s too, but check is the is the trader joe’s economy wine. So when you’re talking about keeper at wine talking about two bucks two buck chuck. Okay, theo, this song, i think, was composed before trader joe’s was was popular. I don’t know before they were before they were even existed, but ah, it’s it’s several years old, but the tune caught my ear and we’re not changing to two buck chuck hyre that’s good to know that you’re a nino file. You like your wine? Yeah, well, actually, i i actually am a, um i have an interest in a central coast winery, so yes, in a way, i am andina file central coast of california. Yeah, yes. You want to shout out the winery? Um, the name of the wine group is called the inter p wine group. And our award winning lines are called double bond. Double bond. Ok, i’ll check it out from the central coast. All right. And very interested. See what you learned on non-profit radio it’s remarkable. The ceo of us of giving has an interest in a double bond wines and and the entropy wine group. You’re not going. You’re not going to capture that. And other media outlets. You just not. All right. That’s, enough navel gazing and backslapping. So let’s talk about, um, britain’s exit from the european union and the european common market. You are very concerned about that. Yes, i am. Okay, let’s, move on. How about a little fulfilling some detail? Okay, well, the first thing i’ll tell you is that if you go on atlas of e-giving dot com today and pull up the current monthly report, which is through june it’s the mid year report, it will show that we are projecting that e-giving well, the giving your will finish two point one percent higher than two thousand fifteen. Now. That’s. Good news. Any increase in giving as good news? Yeah. Blood. It is slightly lower than our original forecast back in january of two. Point. Six percent. But here’s. My concern. The exit of the brits from the from the u is goingto have some negative effects, which are not going to be immediately apparent. But could but will, up here over the next six months and here’s some of the things to look for. What? The effect of of the brits leaving the eu means that the the u s dollar is, is that a high and that’s great if you’re traveling across the world? Okay, wait, wait, i can’t let you get away. Hold on, i can’t worldwide trade that’s a very bad okay, hold on, hold on. What about rob? Rob mitchell trompeter financial markets slow the economy and i would say that the financial markets that we’re in now could be characterized as volatile. I mean, one day we’re, uh i’m watching my portfolio when they were up when they were down. You just you just never know rob. And one of the most concerning things to me is that fed chair janet yellen isn’t sure said publicly that she isn’t sure if the exit of britain from the you will trigger a global recession. Now that’s not something that’s a very, very strong statement from the chairman of the fed and so that’s that’s troubling. Okay, rob us unemployment. Robert you listening to me? Rob? Rob, stop for a minute. Okay, okay. Take a breath, please. I’ve been trying to get a question and i’m trying to get a question into you, we’re going. We’re going back now, going back a minute. You have tio, all right, we have just about two minutes left, make it s so. I understand you’re very concerned about brexit, make it explicit for me. What is the connection between britain leaving the european union and the common market and a strong dollar? And a strong dollar. Yeah, strong dollar. How does that happen? Worldwide? And that effects the american economy? It also effects u s unemployment. But what’s the connection between britain leaving and those things you just said. They’re britain and germany were propping up the european union and it’s not clear at this point whether the european union will survive, because if if the germans tone and tony you and i wr roughly the same age, if the germans and the if the germans decide that they’re tired of supporting the socialist activities of italy, france, greece and spain, the hole you could fall apart. Okay, so that all right, so that makes the american dollar more appealing. Okay. Okay. That’s, the kind of art that’s we gotta make it explicit. Everybody listening is not an economist, including me. Even though i have a bachelor’s in science from an economic from carnegie mellon university. Um okay. We have just about thirty seconds left. Leave us with it’s a friday. Leave us with something a little positive. Please. The good news is that in spite of all the bad news, charitable giving is expected to increase this year by two point, one percent. Right so far. My two point one. Okay, alright, rob, we gotta leave it right there. Rob mitchell, ceo of atlas of giving. You’ll find them an atlas of giving dot com and that’s where? The media report is and he is at philantech roman. Thank you, rob mitchell. Thanks, tony. Always great to be with you. If you missed any part of today’s show, i beseech you, find it on tony martignetti dot com what about next week? It’s a three hundred show that’s. Another rhetorical question. That’s two in one hour. What do you know? You know what next week is it’s a three hundred joe, for goodness sake, responsive by pursuing online tools for small and midsize non-profits data driven and technology enabled pursuing dot com our creative producers claire meyerhoff she’ll be in the studio next week. Sam liebowitz is a line producer, he’s in the studio every week gavin dollars are am and fm and outreach director. He’s never been in the studio shows social media’s by susan chavez. Nor has she, but she doesn’t actually work from california. Our music is by scott stein. He’ll be in the studio next week. Be with me next week for non-profit radio big non-profit ideas for the other ninety five percent go out and be great xero what’s not to love about non-profit radio tony gets the best guests check this out from seth godin this’s the first revolution since tv nineteen fifty and henry ford nineteen twenty it’s the revolution of our lifetime here’s a smart, simple idea from craigslist founder craig newmark yeah insights, orn presentation or anything? People don’t really need the fancy stuff they need something which is simple and fast. When’s the best time to post on facebook facebook’s andrew noise nose at traffic is at an all time hyre on nine a m or eight pm so that’s, when you should be posting your most meaningful post here’s aria finger ceo of do something dot or ge young people are not going to be involved in social change if it’s boring and they don’t see the impact of what they’re doing so you gotta make it fun and applicable to these young people look so otherwise a fifteen and sixteen year old they have better things to do if they have xbox, they have tv, they have their cell phones me dar is the founder of idealised took two or three years for foundation staff, sort of dane toe add an email address their card. It was like it was phone. This email thing is right and that’s why should i give it away? Charles best founded donors choose dot or ge somehow they’ve gotten in touch kind of off line as it were on dno. Two exchanges of brownies and visits and physical gift mark echo is the founder and ceo of eco enterprises. You may be wearing his hoodies and shirts. Tony, talk to him. Yeah, you know, i just i’m a big believer that’s not what you make in life. It sze, you know, tell you make people feel this is public radio host majora carter. Innovation is in the power of understanding that you don’t just do it. You put money on a situation expected to hell. You put money in a situation and invested and expect it to grow and savvy advice for success from eric sabiston. What separates those who achieve from those who do not is in direct proportion to one’s ability to ask others for help. The smartest experts and leading thinkers air on tony martignetti non-profit radio big non-profit ideas for the other ninety five percent.