Not-for-Profit Sector Response to Australian Government Cyber Security Announcement
The Australian Government announces the 2023-2030 Australian Cyber Security Strategy
22 November 2023
The Australian Government has today announced the 2023-2030 Australian Cyber Security Strategy outlining how the government would aim to protect national infrastructure, individuals and businesses from cyber-attacks.
More than $586 million will be invested in the plan to fund cyber awareness programs and build better-protected infrastructure.
The news comes following the Australian Signals Directorate (ASD) issued a strong warning this week that Australia’s critical infrastructure is under regular attack following the forced shutdown of a major ports company after detecting unauthorised access on its network, just after the ASD released its annual cyber threat report revealing malicious attacks continue to rise in severity compared to 2022.
This week, Cyber Security Minister Clare O’Neil also announced that the government plans to boost cybersecurity among 2.5 million small businesses to help defend against criminal groups exploiting their networks.
Infoxchange welcomes this advancement in protection for small businesses and strongly recommends this support be expanded to the not-for-profit sector - which is responsible for employing more than 1.4 million people, and contributes a total revenue of $190B to the Australian GDP while caring for some of Australia’s most vulnerable community members.
The report states, “The Government will empower community organisations to deliver tailored cyber awareness campaigns to diverse groups, funded by a community grant program. This program will allow local community leaders to tailor cyber awareness campaigns to the unique needs of diverse cohorts – such as remote and regional communities, culturally and linguistically diverse groups, First Nations communities, young people, seniors, people with disability and neuro-diverse people. Through this program, the Government will collaborate with community leaders to develop bespoke strategies and materials to more effectively engage these groups”.
Infoxchange welcomes this announcement but also highlights the need for enhanced protection for community organisations themselves.
“The not-for-profit sector is best placed to deliver education to vulnerable community members on cyber security, but it is under enormous strain. It is critical that government works hand-in-hand with social sector organisations and charities to strengthen the sector’s infrastructure as well as provide support to Australia’s most vulnerable communities,” says Infoxchange CEO, David Spriggs.
Digital Technology Report Finds NFP Sector Highly Vulnerable to Cyber Attacks
Infoxchange’s 2023 Digital Technology in the Not-for-Profit Sector Report - a yearly review of the digital and cyber security capabilities of the NFP sector, released last week - found alarming insights into the vulnerability across NFP organisations of all sizes.
The report surveyed more than 1,000 NFP organisations and found that:
-
1 in 8 organisations admitted to experiencing a cyber security incident or breach
-
Only 13% of organisations agree they have a clearly documented plan “to improve cyber security protection
-
Only 19% have an information security policy outlining how they protect their information
-
Only 12% provide regular cyber security awareness training for staff
Full findings of the report, as well as an invitation to our upcoming webinar discussing the findings that will be taking place on the 1st of December 2023, can be found here.
“The Australian not-for-profit sector is under greater pressure to support the Australians who are bearing the brunt of the cost-of-living crisis,” shared Infoxchange CEO David Spriggs.
“Our report found concerning trends about the sector’s ability to measure impact and found critical technological barriers preventing stronger outcomes for the communities who need it most.”
The report also found that not-for-profits and charities are increasingly struggling to respond to the rising demand of human support on the frontline, and many NFPs put every dollar they can towards the communities they aim to help. This leaves under-supported and under-resourced organisations de-prioritising digital security, putting information security and sensitive data at risk.
A recent report from The Guardian identified that search data from Infoxchange’s Ask Izzy directory – the country’s largest online directory for help with food, rent and mental health – has soared.
“The past year has highlighted that all organisations are vulnerable to hacking and having their systems compromised,” shared Assistant Minister Andrew Leigh. “Given how important donations are to charities – ensuring that donor data and privacy isn’t compromised is obviously a top priority for the sector.”
The under-funded sector requires additional support to ensure organisations are equipped with the infrastructure and skills to adequately protect valuable information. Without this support, the stability of these organisations is at risk – evident in the recent collapse of telemarketer Pareto Phone.
By strengthening the digital capabilities of the sector, we will strengthen Australia’s most vulnerable communities.
We encourage consideration of focused support for the not-for-profit sector akin to the 2.5 million small businesses of Australia.