Washington nonprofits provide critical services to residents across the state, from housing and food assistance to youth, health and social services. But a new CyberCAN Washington report shows many of those organizations face significant cybersecurity risks with limited resources to defend against them.
The report was released April 17 during the WA Nonprofit Cyber Forum: Research and Resources, a half-day hybrid event at Seattle City Hall hosted by the UC Berkeley Center for Long-Term Cybersecurity, the City of Seattle and Washington Technology Solutions (WaTech).
The event brought together nonprofit, local government and state government partners to discuss the cybersecurity resource gap and connect nonprofits with practical support.
“It was very eye opening for me to see how nonprofits struggled with technology in general,” said WaTech Director and State CIO Bill Kehoe, who described working with Seattle and King County nonprofits during his tenure as King County CIO for nearly eight years.
Kehoe noted the difficulty nonprofits experience trying to navigate the cybersecurity landscape, and emphasized the City of Seattle and the state’s commitment to partnering with the nonprofit community to address those challenges.
CyberCAN Washington surveyed 100 Washington nonprofits and found that nearly 4 in 5 had experienced at least one cyberattack in the past three years. Email-based attacks, including phishing and business email compromise, were the most common. The research also found that many nonprofits lack incident response plans, cybersecurity insurance or dedicated technology staff; 64% reported having no full-time IT or cybersecurity staff member.
“I look at nonprofits as an extension of us in government, we serve the same residents,” said Kehoe, addressing the audience of nonprofits and government partners. “These are critical services: These are health services, these are youth services, and we desperately need you to be successful,” he said.
The forum also featured a cybersecurity resource fair connecting nonprofits with cyber volunteer programs, nonprofit-focused managed service providers and free or pro-bono assistance. Speakers included Kehoe, Seattle City Council President Joy Hollingsworth, Seattle Chief Information Security Officer Jake Hammock and Yakima County Human Services Director Esther Magasis.