WASHINGTON May 1, 2024 – The Cyber Threat Alliance (CTA) today announced the publication of its 2024 Cyber Threats to NGOs Joint Analytic Report (JAR), which serves as a call to action, comprehensive resource, and testament to industry leader collaboration.

Amid the unique challenges facing NGOs – which, due to their involvement in sensitive political, governmental, and humanitarian areas, are exposed to a wider and more complex range of cyber threats than many commercial and governmental entities – the report outlines prevalent threats, suggests remediation strategies, and provides guidance on enhancing nonprofit cybersecurity posture.

Designed to serve as a catalyst for cultural transformation within organizations and showcase how NGOs can effectively evolve their cybersecurity posture, the report was developed through CTA’s Cyber Threats to NGOs Working Group, composed of leaders from Cisco Talos, CyberPeace Institute, Defending Digital Campaigns, Fortinet, Granitt, NetHope, NGO-ISAC, Rapid7, RoundTable, Symantec by Broadcom, Unit 42 Palo Alto Networks, and the UC Berkeley Center for Long-Term Cybersecurity (CLTC).

“The 2024 Cyber Threats to NGOs report is a great example of how CTA carries out its mission to raise the level of cybersecurity across the global digital ecosystem. We leverage our unique combination of members and partners to address less well-known cybersecurity issues,” said Michael Daniel, President and CEO of the Cyber Threat Alliance. “Millions of people around the world depend on the important work being done by NGOs, and we hope this report enables both NGOs and their funders to take on their cybersecurity challenges more effectively.”

Highlights from the report include:

  • NGOs as Targets: With limited resources, often large distributed networks serving vulnerable populations, and involvement in sensitive political, governmental, and humanitarian areas, NGOs are attractive targets not only for common cyber criminals but also for nation-state and hacktivist threat actors.
  • Top Pain Points: The top cyber threats to NGOs include financial theft, espionage, disinformation, and operational disruptions, with threat actors taking advantage of technical and social vulnerabilities such as fake websites, business email compromise, commercial and mercenary spyware, misinformation campaigns, social engineering, ransomware, and denial of service.
  • The Cybersecurity Fundamentals: The first four steps for an NGO beginning its journey are changing the mindset, managing cybersecurity proactively, contracting with a managed security service provider, and implementing five key cybersecurity controls – a password manager, multifactor authentication, automatic software updates, a link filtering tool, and regular backups.
  • Emerging Vulnerabilities: Although not yet widespread, emerging technologies such as artificial intelligence (AI) and deepfakes will heighten NGOs’ financial vulnerabilities.
  • Board and Executive Responsibilities: Boards should oversee cyber risk while executives should manage cyber risk. Boards must ask the right questions, approve the overall level of risk, and hold executives accountable for cybersecurity implementation, while executives should provide the board with a cyber risk assessment, explain how cybersecurity supports the organization’s mission, identify and track appropriate cyber metrics, allocate adequate resources, and implement the cybersecurity measures.

The report contains key information and guidance for those in NGO leadership and cybersecurity, and can be accessed and downloaded in full here: 2024 Cyber Threats to NGOs

About the Cyber Threat Alliance (CTA) Cyber Threats to NGOs Working Committee

Members of the Cyber Threats to NGOs Working Committee include Nick Biasini of Cisco Talos; Adrien Ogee, Alexandru Lazar, Stéphane Duguin of CyberPeace Institute; Defending Digital Campaigns; Val Saengphaibul of Fortinet; Runa Sandvik of Granitt; James Eaton-Lee, Dianna Langley of NetHope; Ben Johnson, Frank McGothigan of NGO-ISAC; Martin McKeay of Rapid7; Karim Beldjilali of RoundTable; Scott Swett and Brian Ewell of Symantec by Broadcom; Amer Elsad of Unit 42 Palo Alto Networks; Sarah Powazek of UC Berkeley Center for Long-Term Cybersecurity (CLTC); and Chelsea Conard, Michael Daniel, Kate Holseberg, Jeannette Jarvis, Linda Leithiser-Mor of Cyber Threat Alliance (CTA).

About the Cyber Threat Alliance (CTA)

CTA was founded by Check Point Software Technologies Ltd., Cisco, Fortinet, McAfee, Palo Alto Networks, and Symantec, Enterprise Division of Broadcom. Membership also includes AT&T Alien Labs, Brandefense, CUJO AI, CyberCX, Gen, Juniper Networks, K7 Computing, Maltiverse, NEC Corporation, Nozomi Networks, NTT, OneFirewall, Outpost 24, Panda Security (WatchGuard), Penta Security, Rapid7, Red Piranha, ReversingLabs, SANDS Lab, Scitum, SecureBrain (Hitachi), SecurityScorecard, SK shieldus, SonicWall, Sophos, TEHTRIS, Telefónica Tech, and Yoroi.

CTA is the industry’s first formally organized nonprofit group of cybersecurity practitioners that work together in good faith to share threat information and improve global defenses against advanced cyber adversaries. CTA’s mission is to facilitate the sharing of actionable intelligence and situational awareness about sophisticated cyber threats to improve its members’ cyber defenses, more effectively disrupt malicious cyber actors around the world and raise the level of cybersecurity throughout the Internet and cyberspace. The alliance is continuing to grow on a global basis, enriching both the quantity and quality of the information that is being shared across the platform. CTA is actively recruiting additional regional players to enhance information sharing to enable a more secure future for all. 
