Australian NFP sector's digital capabilities & cybersecurity under threat
A recent digital technology report has highlighted serious digital capabilities challenges faced by the Australian not-for-profit (NFP) sector, a sector responsible for employing over 1.4 million locals backed by 3.2 million volunteers and generating an annual revenue exceeding $190 billion.
The comprehensive Infoxchange's Digital Technology in the Not-for-Profit Sector report, the largest of its kind, profoundly unveils the digital unpreparedness of many NFPs to meet the increasing service demands, while also shining a spotlight on their cybersecurity vulnerability.
More than 1,000 NFP organisations provided feedback for the survey, many of which operate on the frontline, addressing issues such as homelessness, family violence, disaster relief and disability among others, serving Australia's most needy. These organisations are reportedly struggling to keep pace with the digital demands of their community services.
The inadequate digital infrastructure of these NFPs limits their ability to track and analyse the effectiveness of their services. Disturbingly, cybersecurity was identified as a notable weakness within the sector. The study suggested that many NFPs prioritise frontline service provision over the protection of sensitive information and, as such, many house significant data vulnerabilities.
Alarming statistics from the report highlight that only 23% of NFPs surveyed had processes in place for information security and a mere 39% had adopted multi-factor authentication for systems containing sensitive information. Only 13% reported having a clearly documented plan for cybersecurity improvements and just 12% conduct regular cybersecurity awareness training. It was found that only one in five NFPs have an operational cybersecurity policy.
This digital and cybersecurity oversight within the sector poses a significant threat, potentially leading to security breaches, data loss and severe reputational damage and a subsequent decrease in trust among donors and sponsors.
The importance of this issue has been underlined by the Albanese Government's recent call-out for ideas to boost capabilities within a Not-for-Profit Sector Development Blueprint. In a climate of rising cost-of-living, demand on frontline staff has notably increased. To adequately respond, effective digitisation and robust digital protections are now deemed essential.
This concern was further emphasised by the recent collapse of Pareto Phone telemarketer, following a significant cybersecurity breach that impacted several NFPs, a stark reminder of the risk posed by weak security defences.
The report has been released at the same time as the Community Council of Australia making appeals to the Prime Minister, drawing attention to the cybersecurity risks facing Australian charities. Unlike businesses, charities tend to use all available funds on serving their communities, and therefore struggle to allocate enough resources to strengthen cybersecurity.
David Spriggs, CEO of Infoxchange, reinforced the urgency of building the sector's digital capabilities, citing that as Australians face an ongoing cost-of-living squeeze, charities and locally active organisations are dealing with record demand.
The report could prompt a drive to improve digital understanding, protocols, and protections within the critical sector, ensuring that NFPs can continue to provide important support to Australia's most deserving citizens, while safeguarding their sensitive data.