With the worldwide effects of the Wannacry and other similar ransomware attacks recently, the Internet Society offers strategies that an NGO, or other organization, can take to protect itself.
Their blog on the subject offers 6 basic tips:
1. Employ strong, multi-layered endpoint security
2. Maintain regular backups of your critical data
3. Do not open unsolicited emails or messages from unknown senders
4. Patch your systems regularly
5. Disable macros if possible
6. Be aware and vigilant
They also reference a set of resources that can help such as:
The blog also points to the Internet Society Spam toolkit, which contains advice an NGO can use to protect itself from threats.