Herjavec Group Testimonial: Sunnybrook Foundation
Sunnybrook Foundation, a non-profit division of Sunnybrook Health Science Centre, supports the advancement of patient care, research, and education through active fundraising.
Mindful of a limited budget for security, Herjavec Group was able to step in as a trusted advisor to Sunnybrook Foundation, assessing their existing security framework, identifying any missing gaps that needed to be filled, and building a roadmap for continuous improvement.
Video transcript:
Wayne Cox:
Sunnybrook foundation is the fundraising arm of Sunnybrook health and sciences center. Basically we raise money to ensure that the hospital has all the funding they need for health care and research. Being associated with health care organization, heightens our awareness of security risks. Sunnybrook is Sunnybrook to the general public. If we can’t be trusted with our donors data, our reputation can take a serious hit. We are looking for a partner, an expert in the security space to help guide us through these first steps.
J.R. Cunningham:
The cybersecurity has become incredibly more complex for our clients. There are hundreds of security products. There are dozens and dozens of security services, and so advisory services is really the part of the organization that helps sift through the noise for our clients and helps them determine what are the right things they should be doing in their cybersecurity program. With Sunnybrook foundation, we came in and took a look at the organization, looked at the nature of being a nonprofit, looked at the existing security program, looked at the maturity of controls and made some very specific recommendations, recognizing that this is an organization that is non-profit. And so it’s going to be very selective and very careful about how it spends money on cybersecurity, and we’re able to build a roadmap for them that demonstrates for them what they should do next in the program. The hardest question to answer today is where do I spend money wisely to get the most impact out of my cybersecurity program? And that’s the value of a good cybersecurity advisor to help understand how the business operates, help identify the threats to that business. Look at the control scape, and what’s out there in cybersecurity. What’s available to protect an organization and put all those puzzle pieces together to help solve for the client, “What is the thing that I need to do right now in order to protect my organization?”
Wayne Cox:
Based on the recommendations from Herjavec, we have created a plan of attack on the highest priority items first. The first thing we are going to do is actually hire on a consultant basis, a security professional to help us through the next 12 to 18 months. We’re establishing a committee at the senior management level of the foundation to ensure that all of these tasks are met and we’ve actually started implementing some of the technical solutions.
J.R. Cunningham:
We cannot underestimate the importance of cybersecurity to non-profit and charitable organizations. The risk of disclosure of donors, the money around where investments are made. These are things that need to be kept confidential for nonprofit organizations. And keeping that in context of these organizations have to be very careful about how they spend their money on cybersecurity presents a very interesting challenge for us in the cybersecurity industry and one we take very seriously.
Wayne Cox:
It’s everyone’s responsibility in the organization to be aware of cybersecurity threats, and to make sure that they follow proper procedures. We’re doing this by bringing our security policies to the forefront and also making sure that our senior leadership team is giving the time and resources that we need in order to make that happen. Having Herjavec Group as a trusted security advisor gives us peace of mind at the foundation. It’s really great knowing that you have an expert at your disposal to help you through any questions or concerns that you might have around your cybersecurity.