Non-profits may have tight budgets, but a child-and-family-services charity is showing that big-time cybersecurity services can still be within reach …

In Australia, the charity sector accounts for some 10.5% of the workforce. With increased risks from cybercriminals eyeing the sector’s sensitive data and donation coffers, as well as the industry’s limited resources to boost cyber protection amid ongoing digital transformation, a clear and present challenge needs to be addressed in the country.

One organization — the not-for-profit Child & Family Services Ballarat (Cafs) — has forged ahead to invest in developing cyber threat intelligence capabilities such as real-time endpoint detection and response (EDR), and the ability to correlate intel from multiple sources.

Cafs’ cybersecurity and infrastructure specialist, Chris Hunter, said: “We have a small ICT team, so we rely on external partners to help deliver certain functions and capabilities, particularly when specialist skill sets are involved,” referring to organization’s desire to embrace AI and automation in addition to boosting its cybersecurity posture. “We know these technologies can make service delivery better and easier, but you need to have the right foundations to support all the data, and they need to be secure,” he said.

Small non-profit, big cyber accessibility

The non-profit has signed up with a cyber platform that will set the tone for other charity organizations in the country to sync by. This is because small charities need not be restricted in their access to cybersecurity products and services

Small charities like Cafs need not be limited in their access to cybersecurity products and resources if they find the right technology partner or sponsor.

In Cafs’ case, they found a cyber platform that is supportive of non-profits, and willing to help. The platform incorporates a cloud-native security incident and event management (SIEM) function, AI and predictive security/threat modelling, EDR, and access to more than 200 NV1, government data security-cleared personnel for mission-critical support.

According to Naran McClung, Head of Azure, Macquarie Cloud Services, the firm engaged by Cafs, the  Microsoft-centric cyber platform “accelerates response and automatic disruption of attacks such as ransomware. This establishes a cohesive set of security tools and governance while facilitating a Zero Trust framework architecture throughout the environment. Cafs is setting the bar for what secure (and secure planning), looks like for an organization in this sector. There’s a common misconception that the tools and systems it has in place are only within the reach of large enterprises and government agencies — which couldn’t be further from the truth. The key is to find a trusted, communicative, and flexible partner to take you on that journey.”