Webwork - 6:51 pm on May 10, 2011 (gmt 0)
Save your money. If some fool is looking to ride your coattails, by regging a x x x domain, they're the bigger fool than the fool that regs the x x x domain to avoid that outcome. . . (No . . wait . . I think I have the size of the fools backwards . . :P jk)
All kidding aside, if your NPO's traffic in any way "leaks" to the x x x domain there is something seriously wrong with something somewhere that cannot be fixed by registering a x x x domain. It's a valid question to address - the idea of defensive domain registrations - AND IF it was a .com, .net, or .ccTLD issue (version of your .Org) I'd likely say "do it", but I suspect the only folks pushing/promoting "defensive x x x registrations" will be the x x x registry reps.
If this turns out badly for your NPO client (failing to make a defensive reg) you will always have the fall-back defense of blaming us - the domain name experts :P - for given you the bum advice . . . or, you could also blame your SEO firm . . :P