skip to Main Content
Cyber Risk For Nonprofits

Nonprofits and Cyberattacks: Key Stats That Boards Need to Know


Are you managing your nonprofit’s cyber risk? Do you know the true costs of cyberattacks to your nonprofit if it happens?

We have put together some statistics and figures about cyber risk, ransomware, and attacks on nonprofits in our latest infographic.

The nonprofit and charity sector plays a critical role in providing assistance to the most vulnerable individuals in our society. Nonprofits demonstrate tireless dedication and ingenuity in their efforts to support beneficiaries, even in the face of significant challenges.

The impact of cyberattacks on the services, funds or confidential information of charities cannot be underestimated. Such attacks have the potential to cause severe financial and reputational damage, and they may also jeopardize the well-being of the vulnerable individuals who rely on your nonprofit for support.

With the increasing adoption of online services and digital fundraising by nonprofit and charitable organizations, the potential for cyberattacks has also increased.

infographic cyber risk nonprofits

Download the infographic in shareable formats, pdf, jpg and ppt here.


The Number of Ransomware Attacks Is Rising

Ransomware attacks are on the increase with huge impacts. In 2021, 50% of NGOs reported being targeted by a cyberattack.

Among the most prominent recent attacks include:

  • An attack on the servers of the International Committee of the Red Cross in September 2022 which resulted in 500,000 personal data and confidential information records being compromised.
  • A data breach against Broward Health of California, a nonprofit organization that manages health care in Florida in January 2022 affecting 1.35M private data records including social security numbers.

Nonprofits Are Unprepared Against Cyberattacks

NGOs and nonprofits raised $30 billion in funds each year. They often don’t have the necessary security measures in place, making them attractive to hackers.

9 out of 10 organizations do not train staff regularly on cybersecurity while 3 out of 4 organizations do not monitor their networks. Surprisingly, 4 out of 5 organizations do not have any cybersecurity plan.

“Staying ahead of [cyber risk] really comes down to you as a board members knowing the right questions to ask.” – Brian Stafford, President and CEO Diligent

Other Impacts on Nonprofit Operations from Cyberattacks

The average length of interruption after ransomware attacks on organizations in the United States in 2021 was 22 days.

A range of cyber incidents from data breaches to takeover of websites can plague nonprofits. Consequences are significant and costly, including:

  • Identity theft
  • Reputation harm/loss
  • Precious funds have to be used to recover data
  • Spreading of politically motivated messages or malicious information
  • Holding the organization to scrutiny because of identified vulnerabilities in its cybersecurity
  • Disruption in the ability to carry out activities
  • Exposing sensitive data on donors and stakeholders

Governance Technology Helps Nonprofit Boards Establish a Sound Cybersecurity Framework

Governance technology helps boards protect sensitive client and donor data, as well as prevent, mitigate, and respond to cybersecurity threats.

Governance technology brings in a sound cybersecurity framework that provides:

  • Controls to limit 3rd party access
  • User-based permissions to protect sensitive information
  • Robust data encryption to secure board communication
  • The tools enable new board members to get up to speed quickly on cybersecurity policies

Alongside using governance technology, nonprofit boards should:

  1. Conduct regular security audits and training on cybersecurity
  2. Follow good practice in data management
  3. Have an emergency preparedness plan
  4. Have a clear vision of who-does-what after a breach

See how BoardEffect, a Diligent Brand, can help strengthen your charity or nonprofit’s cyber resilience. Request a demo today.


Jill Holtz

Jill is a Content Strategy Manager at Diligent. Her strategy background and content expertise working across a variety of sectors, including education, non-profit and with local government partners, allows her to provide unique insights for organizations looking to achieve modern governance.

Back To Top
PHP Code Snippets Powered By :