Technology While technology investment in Client Relationship Management Systems (CRMs) and websites are the top two focus areas for NFPs for the next three years, the question remains whether prioritising revenue over managing risk is a smart strategy. For surveyed NFPs, CRMs and investment in websites were the top two areas of focus for technology spending in the next three years. This is unsurprising considering these two technology platforms are key tools to driving revenue for many NFPs.
It appears that a collegial approach to solving these issues isn’t a high priority with only 17% of respondents stating they would collaborate with similar organisations to assist in finding the right solutions. It seems that there is an opportunity for NFPs to learn from their peers when implementing technology, and collaboration could open the doors for further mutual benefits from an education and knowledge sharing (e.g. lessons learned) perspective.
By investing in CRMs and websites, NFPs hope to improve digital functionality and efficiency as well as improve processes, communication and fundraising abilities.
Remarkably, less than 40% of respondents indicated that cybersecurity frameworks form part of their technology investment roadmap for the next three years.
With 2022 being the third iteration of Pitcher Partners NFP sector survey, it is interesting that CRMs remain a high priority. 40% of 2019 respondents had introduced or planned to introduce, a CRM that year, however 60% of current respondents still plan to invest in a system. This consistency acknowledges the important role the system can play in attracting and retaining the right donors, generating revenue and managing engagement with important stakeholders.
This may be because the investment in cyber technology is not going to drive more donations or revenue, so it is not high on the priority list. NFPs store a significant amount of personal data, so the risk is great. However, there is a tendency not to focus on cybersecurity until there is an issue, and associated complacency can lead to irreparable damage via a data breach. Unfortunately, it becomes a focus when an organisation loses money, or their reputation is damaged as a result of an incident.
Additionally, the reasons why CRMs remain the number one technology focus could indicate:
1
the lack of time, knowledge and resources to implement or update the system,
2
confusion over scope clarity and managing the integration with existing systems, and/or
3
plans to invest in CRMs or upgrade were shelved during the pandemic.
Historically organisations may have substituted cyber insurance with cybersecurity however as the risks rise, they may be forced to reprioritise their technology spend in prevention as insurers are less likely to offer coverage without it going forward. The focus on CRMs and websites points to the NFP sector prioritising its fundraising and donor engagement over risk management and controls, at least from a technology perspective. This is a legacy of limited resources but with close to 1 billion* cyber threat attacks occur each day, it is potentially a significant risk.
Taking into consideration all of the above, CRMs may have been identified as difficult to implement or upgrade and historically have been considered too challenging for organisations to implement at the time.
Risk CRMs
+
Websites
Looking for more? Hear from Melissa Alexander on why NFP boards should be talking about cybersecurity.
*source www.imperva.com based on daily threat count between 24-25 June 2022
14
=
Cybersecurity risk
