Study shows inadequate support from foundations for nonprofit technology

Written By Karen Graham

With remote and hybrid work here to stay, and cybersecurity attacks only becoming more frequent, we should all be concerned about protecting our organizations. But it requires investment and expertise to prevent a security breach and respond appropriately when one does happen.

A few days ago I got a sneak preview of data from the 2023 State of Philanthropy Tech survey, conducted by the Technology Association of Grantmakers, with additional data analysis done by my organization, Tech Impact. (I share a few details here with permission from TAG.)

The data revealed that while grantmaking organizations are making a steady investment in their own cybersecurity tools and training, they are providing relatively little support to grantees. My heart sank when I saw this data.

We saw that on average, 36% of foundations surveyed provide technical assistance and training to grantees. Government grantmakers bucked the trend, with 73% providing this kind of support. But among private and family foundations surveyed, just 32-33% provided support. The numbers looked similar when it came to providing technology and tools for grantees.

Why is this a problem?

I believe we’re setting nonprofits up to fail if we don’t provide robust support for their technology, including cybersecurity. If foundations want to protect their investments in programs, they need to address the security and business continuity risks that could abruptly shut a program down and cause irreparable harm to program participants.

And it’s not only for the sake of nonprofits and the communities they serve—grantees are also part of the attack surface of their funders. Bad actors, having gained control of grantee IT systems or credentials, could worm their way into grantmakers’ systems via grant portals or other shared technology infrastructure.

Failure to support grantees with technical assistance and tool funding, especially for cybersecurity, puts both foundations and nonprofits at risk.

Tomorrow I will be co-presenting a breakout session on this topic at the Technology Association of Grantmakers annual conference. I expect I’ll be preaching to the choir, to some extent, about the importance of grantee security, but I hope to fuel a conversation about how technology leaders in philanthropy can influence their organizations to step up their level of support for grantee technical assistance, technology training, and tool investment. I want to equip these folks with ideas on how to make the case, and how to design a grantee technology capacity program that is effective and scalable.

Along with co-presenter Bob Hybben of the Butler Family Foundation, I will share how that foundation and my organization worked together to deliver a cohort-based program that combined essential ingredients for grantee improvement, and how Tech Impact is now evolving the program to be even more affordable and scalable. If you aren’t able to attend, I would welcome the chance to talk with you separately—just send me a LinkedIn message.

Let’s learn together how to support security, quality, and innovation in nonprofits. Our communities are depending on it.

. . .

June 2023 update: TAG’s 2023 State of Philanthropy Tech report is available at https://tagtech.org/philanthropytech2022.

Karen Graham
Previous

Why Nonprofit Organizations Lack Tech Plans, and How to Fix It
Next

Foundations can improve equity in humanitarian response to natural disasters - by strengthening nonprofit tech