Australian NFPs gain critical cyber defence uplift as threats target charitable sector

Wednesday, 24 September 2023

Australian NFPs gain critical cyber defence uplift as threats target charitable sector

With only one in five not-for-profits (NFPs) regularly conducting cybersecurity awareness training, PwC Australia and leading technology social enterprise, Infoxchange, are joining forces to run interactive programs to simulate a cyber-attack scenario.

This first-of-its-kind cyber simulation for NFPs is part of a wider digital uplift program which is significantly enhancing the sector's cyber defences and awareness. More than 9,500 NFPs accessed critical support resources via Infoxchange's Digital Transformation Hub in 2024 and learning program participants reported a 26% digital skills uplift.

Infoxchange's 2024 Digital Technology in the Not-For-Profit Sector report revealed that many NFPs still lack the necessary protections, and improving data and cyber security practices were among the top three priorities for the sector1. Budget and funding remained the highest overall technology challenges for NFPs (61%). In addition, PwC's Global Threat Intelligence team found a 59% increase in ransomware events across the NFP sector this calendar year alone.

Now in its fifth year, the joint initiative aims to protect sensitive data and to build critical digital resilience in the charitable sector each year, addressing an urgent need.

PwC Australia Cybersecurity and Privacy Partner Chris Davis said that in an era marked by rapid AI transformation, NFPs are facing unique challenges and need the critical support to adapt and protect their organisations.

"With cybercriminals now using AI to create more sophisticated attacks, our collaboration with Infoxchange ensures Australia's charitable sector has the knowledge and tools to defend the sensitive community data they're entrusted to protect.

"We know cybercrime in Australia is increasing and AI cyber-attacks have largely focused on enabling quicker development of phishing emails and websites. A key focus of the program is to advance the use of ethical and inclusive technologies and help NFPs with continuous digital upskilling. This is part of our focus on responsible technology and provides NFPs with the resources they need to ward against increasingly sophisticated threat actors," Mr Davis said.

The session involved an immersive cyber experience, placing NFPs on both the attacker and defender side of a mock cyber breach, helping to improve their cyber awareness and preparedness skills, which coincides with heightened regulator obligations and expectations.

PwC's cybersecurity experts coach participants through realistic scenarios with different types of threat actors and their preferred methodologies to better prevent, detect and respond to an attack, helping NFPs understand how cyber threats unfold and what decisions matter during a breach.

CEO of Infoxchange, David Spriggs, said the tools and knowledge provided by the initiative will transform operations across the sector.

"This program provides NFPs with the expert knowledge and practical tools they desperately need - not just to defend against cybercrime, but to embrace digital transformation responsibly so they can focus on helping the communities they serve to thrive.

"Our focus is to help even more NFPs through immersive experiences, cybersecurity upskilling webinars and other resources and tools accessible by the NFP sector on Infoxchange's Digital Transformation Hub, so they can confidently navigate the evolving cyber threat landscape."

For NFP guides and resources on cyber security and other technology topics, visit the Digital Transformation Hub.