Almost 20 percent of Australian not-for-profit organisations reported a cyber security breach last year, with social service groups the hardest hit.
The Australian Institute of Company Directors’ (AICD) latest Not-for-Profit (NFP) Governance and Performance Study revealed the sector was facing significant challenges in understanding and managing cyber security risks, as well as exploring and anticipating the potential opportunities and threats of utilising artificial intelligence (AI).
AICD Not-For-Profit Lead Phil Butler said 19 percent of organisations reported experiencing a cyber security breach in the past year, with the highest incident rates in social services (25 percent), health and residential aged care (22 percent), and education (21 percent).
“The rising threat of cyberattacks, especially for organisations handling sensitive client data, remains a significant concern that demands continuous attention from boards,” Mr Butler said.
“As the risks associated with climate change, cyber threats, and AI continue to evolve, it’s crucial for NFP directors to foster a proactive governance culture that addresses these challenges head-on.”
He said while AI adoption remained in its early stages, with less than 10 percent using AI regularly, three-quarters (75 percent) of directors saw AI’s potential to improve productivity, while 62 percent believed it could enhance client services.
“This year’s study also revealed that while 74 percent of NFP directors discussed environmental, social, and governance (ESG) issues annually, more than half of boards (55 percent) have yet to take any steps to address climate-related risks and opportunities.”
Mr Butler said despite ongoing challenges, three-quarters of directors stated that their organisation was effective in achieving its purpose.
Explore the report: Not-for-Profit Governance and Performance Study 2025.
