Are nonprofits vulnerable to cyber criminals with no help in sight?

In recent months, a significant rise in cybercrime has posed serious threats to nonprofit organizations in the United States. With cybercrime projected to cost companies an estimated $24 trillion by 2027, the urgency for protective measures has never been greater. Nonprofit organizations, particularly food banks and community services, often collect sensitive financial information and are traditionally less equipped to defend against sophisticated cyber threats compared to larger corporations. This vulnerability has drawn attention from researchers and local government officials alike, who aim to enhance the cybersecurity infrastructure available to these community-oriented organizations. A study conducted by Sarah Powazek at the Berkeley Center for Long-Term Cybersecurity surveyed 68 nonprofits to gain insights into their specific cybersecurity needs. The findings revealed a predominant concern regarding phishing attacks, business email compromise, and fraud targeting financial information. As these organizations operate with limited budgets, Powazek emphasizes the need for partnerships between local governments and nonprofits to fortify defense mechanisms against cybercriminals. With local governments often possessing better-funded cybersecurity teams, their collaboration can significantly alleviate the struggles nonprofits face in protecting sensitive data. Craig Newmark, the founder of Craigslist, has also taken an active role in supporting these initiatives as a major donor to the Berkeley Center. He has expressed the importance of creating a cyber-resilient environment, not just for nonprofits, but also for critical infrastructure such as water and power services. Newmark advocates for a well-structured response to the growing threat of cyber attacks, especially those sponsored by foreign adversaries. His commitment further underscores the urgency for communities to prioritize cybersecurity across various sectors, particularly where finances and data are at stake. Moreover, to address the pressing cybersecurity needs of nonprofits, researchers recommend establishing direct support systems, including live helplines and one-on-one consulting with cybersecurity professionals. Powazek notes that non-profit organizations could greatly benefit from networking events that link them with cybersecurity experts, making it easier for them to obtain grant money and resources for talent recruitment. Enhanced internship programs could also provide students with hands-on experience while assisting nonprofits in bolstering their cybersecurity measures. In summary, fostering collaboration between nonprofits and local government entities is essential in developing a robust defense strategy against cyber threats.