The breeding ground for data security breaches for Not-for-Profit organisations has become more fertile as we navigate our way through a post-pandemic world, where cyberattacks are no longer largely reserved for large corporations or government agencies. 

According to the 2021 Microsoft Digital Defence Report, NFPs are the second most cyber-targeted industry, with an alarming 70% of organisations in the sector having no vulnerability assessment in place to understand their risk exposure. 

So why have NFPs become such an appealing target? Largely it’s because of the amount of personal information they hold about their clients – data that cybercriminals value most as it provides them with an easy avenue to carry out identity theft. 

A lack of cyber security infrastructure is another reason hackers find NFPs so appealing. A report carried out by the Digital Technology in the Not-for-Profit Sector in Nov 2021, highlighted that 50% of 650 AU/NZ NFPs interviewed didn’t have Multi-factor Authentication (MFA)implemented or an effective organizational cyber security plan in place. 

These two factors alone have contributed to the ease with which cybercriminals can target NFPs in gaining access to their systems and networks. For these organisations, recovering from a security incident or data breach can take weeks or months of effort, cause reputational damage and impact revenue.

But not all hope is lost. With increased awareness and understanding that too much security is never enough, a growing number of NFPs are beginning to introduce data protection technologies and practices into their organizations. 

A resource for many NFPs over the past 12 months has been the team at Eziway Connect, who has worked closely with these organisations to improve their information security practices. 

Providing organisations in the NFP sector with a multi-layered approach to cyber security- from the network and endpoint to the cloud and beyond, is one of Eziway Connects key service offerings. 

As they work collaboratively with organisations, some tips, and best practices they encourage NFPS to implement include: 

• Use multi-factor authentication - One of the most effective ways to protect against unauthorised user access. MFA secures the environment, the people in it, and the devices they're using without requiring cumbersome resets or complicated policies.
• Understand the latest social engineering techniques: Phishing is still the most common method cyber attackers use to cause employees, even senior staff, to surrender sensitive information. Other methods include Scareware, Watering hole, whaling attack, Cache poisoning, Pretexting, Baiting and Physical breaches. 
• Promote organisation-wide awareness: Everyone in the business has a role to play and is responsible for security. Take the time to educate users on this fact and make security part of your culture.
• Make sure you install—and update—anti-virus software: Up-to-date anti-virus software should be installed on every machine within the organisation. Updated anti-virus software can help prevent malware from infecting a machine or network if a user clicks on an infected link. 
• Take advantage of the benefits of cloud providers - Most applications are now available in the cloud via providers that have the resources to keep your data secure.

Despite cybersecurity not being a new topic, the significant shift over the past few years of people working remotely as opposed to a secure office network, has added to the increase of cyber security incidents. 

Now more so than ever, NFPs need to stay up to date with the rapidly changing landscape of cybersecurity. As a trusted partner, Eziway Connect will work with you to ensure your IT infrastructure is secure, scalable, and well supported to keep your business connected and safe 24/7.

Visit eziwayconnect.com.au/ to learn more.

AUTHOR

Bertha Conde | Eziway Group

T 03 8768 5777

E bertha@eziway.net.au