Not-for-profits now more at home with tech tools, but cyber threats are rising
Posted on 14 Dec 2022
By Matthew Schulz, journalist, Institute of Community Directors Australia
Not-for-profits are transforming the way they use technology in the wake of the Covid-19 pandemic, but remain vulnerable to cyberattacks.
A national study of tech in the sector has revealed common themes across Australia and New Zealand, including a huge spike in the ability to handle remote work, a wholesale shift to the cloud, rapidly growing cybersecurity threats, and a growing realisation that organisations must boost the digital skills of workers and volunteers.
The study Digital Technology in the Not-for-Profit Sector surveyed 625 not-for-profits for sector tech experts Infoxchange, and found Covid-19 had prompted many new priorities for NFPs, led by moves to build digital skills, adopt collaboration tools, improve video conferencing, enhance data protection and file storage, and improve online service delivery. There had been an average 30% budget boost for tech infrastructure in the past year, also in response to the pandemic.
The study showed:
- 78% of organisations plan to shift information to the cloud, or have done so
- 59% of organisations don’t have the systems they need to understand their impact
- 53% of respondents did not provide cyber-security training to staff
- 51% don’t have an information security policy
- 45% don’t have a data breach response plan
- 44% lack confidence with the tech and IT they use
- 43% of organisations don’t have all the infrastructure they need to support remote work, despite 83% allowing staff to do so
- 35% of organisations don’t use multi-factor authentication.
While the report showed the sector was adapting its tech tools to meet today’s needs, charities minister Andrew Leigh – speaking at the report’s launch – said more needed to be done.
“The report puts a spotlight on issues that come up in so many of my conversations with the sector – how to use data, how to ensure that organisations are making the most of online technologies to organise their volunteers, manage their day-to-day operations, and to seek support from the community.”
“If we are going to … become a more reconnected nation, we need our charities and not-for-profits to be as tech-enabled as possible.”
Infoxchange CEO David Spriggs said the sector was responding to the need for IT upgrades, including IT for measuring outcomes and better understanding impact. (The Institute of Community Directors Australia has recently highlighted this as a priority area and published a comprehensive help sheet on the subject.)
But Mr Spriggs warned that organisations must do better to protect their data and IT systems.
“Given the increasing number of cyber-attacks and data breaches, we must urgently address the significant shortcomings of the sector in relation to information security. The report shows that organisations are falling behind in not having in place information security policies, staff training and even basic protection measures like multi-factor authentication.”
Infoxchange will use the report’s insights to inform its Digital Transformation Hub,
which provides help for NFPs wanting to build their capability, Mr Spriggs said.
More information
Human error behind many NFP data breaches
Ten questions every board member needs to ask about cybersecurity
Damn Good Advice on Cyber Safety and Fraud Prevention
Why you need our free privacy policy (and download the template)