In a recent article examining nonprofit cybersecurity, Sajit Joseph, Chief Digital and Transformation Officer at Tides, shared that:
The nonprofit sector is the 2nd most targeted for cyberattacks;
70% of nonprofits report not having incident response capabilities in case of a cyberattack, and
41% of nonprofits report being victims of cyberattacks within the past three years.
These statistics underscore a critical issue in the nonprofit sector: the urgent need for overhead and operational funding. Cybersecurity, in particular, is a perfect example of an operational necessity that is often overlooked and underfunded.
When donors and funders prioritize program-specific funding, they unintentionally create significant gaps in an organization's ability to achieve its mission. Operations—including cybersecurity, staff development, and technology—are the foundation that enables nonprofits to execute their programs effectively. Without these investments, nonprofits become vulnerable, lacking the resources to safeguard sensitive data and secure their digital infrastructure.
Nonprofit cybersecurity is a social justice issue. - Sajit Joseph
Cybersecurity is not a luxury but a fundamental component of operational health. A lack of investment in this area exposes nonprofits to data breaches that can compromise the privacy of donors, clients, and stakeholders, potentially causing irreversible damage to the relationships they've cultivated over years of work. Trust is the currency nonprofits rely on, and one major breach can dismantle an organization's reputation, causing lasting harm to its mission and community relationships.
From a broader perspective, neglecting operational investments leaves nonprofits less prepared to respond to evolving cyber threats. Threats are becoming more sophisticated, and organizations that don't have the resources to keep up with these changes face the potential of financial losses and legal consequences—all of which can severely limit their ability to deliver services to the communities they serve.
But this challenge also presents an opportunity. Donors can help grow operational capacity by investing in cybersecurity, staff training, and the technology required to maintain a secure and efficient organization. These investments do more than keep the lights on; they protect the core infrastructure that enables nonprofits to drive long-term change and confidently deliver services. By supporting general operating costs, funders empower nonprofits to scale, innovate, and improve the effectiveness of their programs.
Operational strength protects an organization from potential disruptions and enables it to thrive, expand, and take on new challenges without the looming threat of a security breach or operational failure. As we rethink what it means to support nonprofits, it's important to recognize that operational strength is at the heart of meaningful, long-lasting impact. Donors who embrace this approach to funding can help create resilient organizations that serve their communities and protect the critical assets that make their work possible. In doing so, they ensure that the mission—and the trust at the core of it—are protected.
Comments