Technology for social justice

Alarming insights on the state of cyber security in the not-for-profit sector

Infoxchange is pleased to release the 2022 Digital Technology in the Not-for-Profit Sector report, which provides a comprehensive look at how not-for-profits across Australia and New Zealand are leveraging technology to achieve their mission.

Now in its seventh year, more than 600 not-for-profit organisations and social enterprises responded to the survey on topics including cyber security, IT spending, digital capability and skills, information systems, marketing, innovation and how they have adapted in response to the COVID-19 pandemic.

Given the recent increase in cyber-security breaches across Australia and the sensitive information held by many not-for-profits, the report has highlighted the need for immediate action by the not-for-profit sector to improve information security practices.

The report found that half of the organisations surveyed had no information security policies or any detailed response plan in place should their data be compromised. 

Speaking at the report’s launch, Assistant Minister for Competition, Charities and Treasury, Dr Andrew Leigh MP, commented that the report shows the risk of cyber-attacks on the not-for-profit sector.

“The Optus and Medibank data breaches have highlighted the risk all organisations face from cyber-attacks. The reality is that charities and not-for-profits are also vulnerable,” said Assistant Minister Leigh.

Infoxchange CEO David Spriggs said the sector needs to protect its data as a priority, especially given the frequency and seriousness of attacks in recent months.

“We must urgently address the significant shortcomings of the not-for-profit sector in relation to cyber security,” said Mr Spriggs.

"Too many organisations are falling behind in not having in place information security policies, staff training and even basic security measures like multi-factor authentication.”

Additional findings from the report include:

  • 53% of respondents don’t provide cyber-security awareness training to their staff, placing their data at greater risk of a security breach.
  • More than 1 in 3 organisations are yet to implement multi-factor authentication, a simple step to significantly improve information security.
  • Only 56% of respondents indicated their staff are confident using the technology and information systems required for their role.

Infoxchange encourages all not-for-profits, social enterprises and charitable organisations to download the report and assess their own technological capabilities.

For information on how you can improve the way your organisation utilises technology, head over to the Digital Transformation Hub.

Download the report

Keep up to date with the latest Infoxchange news