Safeguarding the Heart of Giving: Cyber Security for Charities and Not-For-Profits

In today’s interconnected world, where digital transformation has become the norm, cyber security is no longer just a concern for big corporations or government entities.

Charities and not-for-profit organisations in Australia are also prime targets for cyber threats. These organisations, often driven by altruistic missions, handle sensitive data such as donor information, financial records, and beneficiary details.

Your Web Presence has helped establish and maintain the online presence of a number of charities or not-for-profit organisations.

We know that as stewards of trust and goodwill, it is imperative for these organisations to prioritise cyber security to safeguard their operations and protect the interests of their supporters and beneficiaries.

Laptop with cyber security password warning

Understanding the Landscape of Cyber Threats

Cyber threats for charities and not-for-profits are on the rise.

In the 2022-23 financial year, Australian Signals Directorate received nearly 94,000 cybercrime reports.

This averages to one report every 6 minutes!

The key cyber threats include;

  • Phishing attacks – Cyber criminals will impersonate an individual or organisation using emails or messages. They will try to trick the recipient into sharing sensitive information or downloading malicious software.
  • Business Email Compromise – when a cyber criminal pretends to be someone who represents a company. They may do this by using hacked email accounts or creating domain names that look real. Usually, the goal is to trick victims into sending funds to a bank account they control.
  • Ransomware – When cyber criminals lock or encrypt your files so you can no longer access them. They can demand a ransom, usually in the form of cryptocurrency, to restore access to the files. They may also threaten to publish or sell data online, unless you pay the ransom.

The consequences of these threats can be severe. They can impact the organisation’s reputation, financial stability, data, and ability to carry out its mission effectively, causing harm to the communities they serve.

Regulatory Framework and Compliance Standards

Navigating the regulatory landscape is essential for ensuring compliance with laws and standards governing cyber security.

In Australia, organisations must adhere to regulations such as the Notifiable Data Breaches (NDB) scheme and the Australian Privacy Principles (APPs).

Organisations must also adhere to the Australian Charities and Not-for-Profits Commission (ACNC) Governance Standards.

Australian Charities and Not-for-Profits Commission logo

Unique Challenges Faced by Charities and Not-for-Profits

Limited budgets and resources pose significant challenges for charities and not-for-profits in implementing comprehensive cyber security measures. Additionally, reliance on volunteers and staff members who may lack adequate training in cyber security exacerbates the risk profile of these organisations.

Implementing Best Practices for Cyber Security

Australian Signals Directorate and Australian Cyber Security Centre Logo

Despite resource constraints, there are practical steps that charities and not-for-profits can take to enhance their cyber security posture.

These tips have been provided by the Australian Cyber Security Centre (ACSC):

  • Turn on multi-factor authentication where possible.
  • Check automatic updates are on and install updates as soon as possible.
  • Back up important files and device configurations often. Test your backups on a regular basis.
  • Use a reputable password manager to create strong, unique passwords or passphrases for your accounts.
  • Provide cyber security training, particularly on how to recognise scams and phishing attempts.
  • Use access controls and review them often so staff can only access what they need for their duties. This will reduce potential damage caused by malware or unauthorised access to systems.
  • Use only reputable and secure cloud services and managed service providers.
  • Test cyber security detection, incident response, business continuity and disaster recovery plans often.
  • Review the cyber security posture of remote workers and connections. Make sure staff are aware of secure ways to work remotely such as not accessing sensitive information in public.
  • Use secure online donation platforms and payment processing systems. Ensure your platform is secured to protect donor information and financial transactions. Using reputable third-party payment processors and implementing secure encryption protocols are critical steps in safeguarding online donations.
  • Report a cybercrime, incident or vulnerability to protect yourself from further harm.
  • Join ASD’s Cyber Security Partnership Program as a business or network partner. This free program provides advice and insights on the cyber security landscape.

The Importance of Collaboration and Partnerships

Collaborating with other organisations, government agencies, and cyber security experts is essential for sharing information and resources to combat cyber threats effectively.

We strongly recommend becoming a partner in the Australian Signals Directorate’s Cyber Security Partnership Program. Their program enables Australian organisations and individuals to engage with the ASD’s Australian Cyber Security Centre and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Person sitting on a padlock holding a password for cyber security

Embracing Continuous Cyber Security Improvement

Cyber security is an ongoing process that requires continuous monitoring, evaluation, and improvement. Staying informed about emerging threats and technologies enables organisations to adapt and strengthen their cyber security defences over time.

Cyber security is not a luxury but a necessity for charities and not-for-profit organisations in Australia.

By prioritising cyber security and implementing best practices, these organisations can safeguard the heart of giving, protecting their supporters, beneficiaries, and missions from the ever-evolving landscape of cyber threats.

Australian Government Cyber Safety Resources for Charities and Not-For-Profit Organisations

We make huge efforts to ensure that our data is stored locally, in Australia, and our security measures are constantly being checked, updated or changed to ensure our clients can continue their work while remaining safe and protected online.

If you’re concerned about the security measures that your organisation has in place online, please get in touch with us.

How confident are you that your business/organisation is protected from cyber threats? What’s your top tip or a great resources you can pass on? Leave a comment below.

Leave a comment

Business Details

Your Web Presence
PO Box 254, Hall,
ACT 2618 Australia
Phone + 61 412239144
ABN: 16 124 890 071

Connect

Subscribe

Join our email list to receive the latest updates.

Your Web Presence