Social enterprises punch above their weight: report
Posted on 21 Nov 2024
A new report highlighting the economic and societal value of social enterprises has called for more…
Posted on 06 Sep 2023
By Greg Thom, journalist, Institute of Community Directors Australia
One in five Australian charities and not-for-profits fears that a cyber security attack would devastate their organisation, according to a new report.
The Australian Nonprofits State of the Sector 2023 report also revealed that 8% of survey participants admitted they had been affected by a cyber security incident in the past 12 months.
The disturbing findings come in the wake of the Pareto Phone data breach in which the personal details of more than 50,000 charity donors were released to the dark web by cyber hackers.
Among up to 70 charities affected were the Fred Hollows Foundation, Amnesty International, the Australian Conservation Foundation and the Cancer Council.
The Pareto breach comes as the Office of the Australian Information Commissioner (OAIC) released its latest Notafiable Data Breaches Report.
There were 409 data breaches reported to the OAIC in the six months to June 2023 with 42 per cent classified as cyber security incidents.
The sector report surveyed 830 organisations registered with the Australian Charities and Not-for-profits Commission on issues ranging from the impact of covid on fundraising to their level of digital competency and cyber security training and capabilities.
Key findings included:
The report also revealed that organisations with deductible gift recipient (DGR) status, which allows donors to claim tax breaks on their contributions, were twice as likely to have company giving partnerships as non-DGR charities.
The report, sponsored by social enterprise Little Phil and prepared on behalf of the Charity Research Centre Australia, includes input from experts from across the sector.
They include Professor Myles McGregor-Lowndes of the Australian Centre for Philanthropy and Nonprofit Studies at QUT; the director of the Centre for Public Value at the University of WA Business School, Professor David Gilchrist, and the CEO of technology-focused social enterprise Infoxchange, David Spriggs.
The report builds on insights from the 2020 State of the Industry Survey – Impacts of COVID-19 on Nonprofit Fundraising, but delves deeper into the sector’s digital and cyber security capabilities.
Researchers found the unprecedented challenges brought about by the pandemic highlighted the digital shortcomings of NFPs and charities.
“As the world rapidly embraces a digital-first approach, nonprofits without adequate digital capabilities face inherent risk,” the report’s authors said.
“These risks are further amplified for organisations lacking cybersecurity training and robust systems, leaving such parties as beneficiaries, employees, donors and sensitive information vulnerable to cyber criminals.”
The report described the responses to questions relating to cyber security threats as “alarming”, with 20 per cent of those surveyed agreeing a cyber attack would “completely devastate” their organisation.
Even though organisations feared the consequences of a cyber attack, there was a “worrying lack of cyber security training and resources available to nonprofit organisations.”
More than 80% of survey participants admitted to having had no recent cybersecurity training and 88% said they had devoted none of their budget to protecting themselves against cyber threats.
“This clarifies why many organisations have demonstrated what is perceived to be a low understanding of data handling privacy and what the potential impacts of a cyber security incident may have on their organisation,” the report found.
“As the world rapidly embraces a digital-first approach, nonprofits without adequate digital capabilities face inherent risk,”
Two out of three charitable organisations polled (64%) reported a decline in fundraising dollars coming in in the 12 months to June 30, 2023, compared to the previous financial year.
The report said factors ranging from the war in Ukraine to rising inflation and interest rate hikes had contributed to donors being more conservative in their giving, making fundraising challenging over the past year.
While 75.2% of charitable organisations in the 2020 report predicted covid would negatively affect their fundraising efforts, this fell to about 50% in the most recent study based on more solid evidence.
About 5% of survey participants, most likely health-related NFPs and those working in pandemic relief, reported that the impact of covid had helped increase their fundraising.
Charities’ and NFPs’ operations are expected to be carried out increasingly online, as fundraising, digital payments and government reporting systems all transition from analog systems.
Despite the pandemic ushering in a new era of working from home, two-thirds of survey participants said they were not concerned about potential cyber security and data privacy issues related to workers accessing systems remotely.
The report’s authors said the potential for cyber attacks to devastate NFP organisations and erode the trust of donors and beneficiaries who relied on their services was “significant.”
This could in turn lead to the exploitation of some of Australia’s most vulnerable citizens.
While company giving was identified as a growing segment of fundraising in Australia, 83 per cent of charities and NFPs reported having no company giving partnerships.
DGR-registered organisations were twice as likely to be in company giving partnerships as non-DGRs.
Researchers suggested this discrepancy could be attributed partly to a lack of resources that could be used to secure partnerships in smaller non-DGR organisations, and possibly tax incentives that encouraged more companies to give to DGR-endorsed charities.
Just 8% of survey participants said they already accepted cryptocurrency donations or would be happy to do so.
Researchers said this low number was unsurprising given the decline in value of the cryptocurrency market and negative media segment toward digital currencies.
The lack of training in cybersecurity and digital capabilities could also be contributing to a fear of accepting donations via emerging technologies and channels.
The report’s authors said the survey results demonstrated “a severe lack of training, knowledge and resources” to ensure NFPs were equipped to fundraise and operate in a digital world.
They made several recommendations to address that situation, including these:
Little Phil co-founder and CEO Josh Murchie said that data-driven decision-making was pivotal in driving positive change and that the report would be a vital resource for the not-for-profit sector.
"This research sheds light on the challenges and opportunities facing nonprofits in Australia, and it will undoubtedly serve as a valuable guide for organisations striving to make a positive impact in our society."
Download the Australian Nonprofits State of the Sector 2023 report