Skip to main content
View cart (0 items)My Account Join NCOSS

Keeping digital systems and data secure is an increasing concern for social service organisations.  

NCOSS teamed up with WorkVentures to assess the cyber security of 14 not-for-profit community sector organisations. This project found good intentions but limited resources and a relatively low level of cyber security maturity – you can read the project report here. 

WorkVentures and NCOSS have collaborated on a webinar to build the sector’s understanding of how to protect against cyber threats. You can watch the video here. 

Strengthening your organisation’s cyber security 

A range of Cyber Security Resources are available to help organisations enhance understanding  of cyber risks and  protect against attacks. 

Your organisational approach needs to be tailored as cyber security risks will vary significantly. A tailored approach may include having conversations internally about your IT systems, management of cyber security risks and consulting a suitable provider about your organisation’s risks and options. 

Foundational, low-cost actions organisations can take to bolster their cyber security: include:  

  • enforcement of long and unique passphrases 
  • multifactor authentication 
  • cyber security awareness training 
  • regular application and operating system updates, and  
  • backups of critical data.  

However, more complex ongoing challenges require actions such as vulnerability scanning and penetration testing, the establishment of a robust incident response plan and procedure, and third-party risk management.  

Many social service organisations don’t currently have the resources or capacity to implement such steps, and NCOSS has called on the NSW Government to support a program of cyber security assessments and increased core funding so organisations can implement more effective cyber security controls.  

Cyber Security Resources  

Digital NSW

The Cyber Security Resources page from Digital NSW – a NSW Government body - provides guidance to NSW government agencies and related organisations on strengthening cyber resilience. It supports the implementation of the NSW Cyber Security Policy and broader digital security initiatives. 

NSW Department of Communities and Justice (DCJ)

DCJ assists -contracted service providers in understanding and fulfilling their responsibilities related to privacy, data protection, and information security by providing resources and links to useful tools. This information emphasises the importance of safeguarding both electronic and physical data and outlines procedures for notifying DCJ of any actual or suspected information security incidents. 

Australian Charities and Not for Profits Commission (ACNC)

ACNC developed a Governance Toolkit on cyber security, using advice from the Australian Signals Directorate, outlining legal obligations of charities, and how they can manage the risks of cyber-attacks. The toolkit includes a few simple tools such as a cyber security governance checklist, an information asset register template and a data breach planning template.  

Justice Connect (Not for Profit Law) 

Provides essential guidance for Australian not-for-profit organisations on safeguarding personal and sensitive information against cyber threats. 

The Center for Internet Security

The Center for Internet Security (CIS) is a US organisation which plays a pivotal role in the global cybersecurity landscape by providing  practical, consensus-based resources for organisations to enhance their cyber security .  

Australian Signals Directorate

The Australian Signals Directorate, formerly the Defence Signals Directorate, is a statutory agency of the Government of Australia responsible for signals intelligence, providing intelligence support to Australian military operations, conducting cyberwarfare and ensuring information security.

The website cyber.gov.au is the official online platform of the Australian Cyber Security Centre (ACSC), a division of the Australian Signals Directorate (ASD). It serves as the central hub for cybersecurity information, resources, and incident reporting in Australia. Cyber.gov.au functions as Australia's authoritative source for cybersecurity information and support. It empowers individuals, businesses, and government entities with the knowledge and tools necessary to protect against cyber threats, fostering a more secure digital environment nationwide.

Cyber.gov.au has a range of resources for various audiences including: