Back to research

NPO Cybersecurity SLR

Enhancing Cybersecurity Readiness in Non-Profit Organizations Through Collaborative Research and Innovation: A Systematic Literature Review

Maryam Roshanaei, Premkumar Krishnamurthy, Anivesh Sinha, Vikrant Gokhale, Faizan Muhammad Raza, Dušan Ramljak

Computers (MDPI) · 2025 Published

Abstract

Non-profit organizations (NPOs) are crucial for building equitable and thriving communities, yet most are small, community-based organizations that lack the resources to manage cybersecurity effectively, and the recent surge in cyberattacks on NPOs underscores the urgent need for investment in cybersecurity readiness. Adhering to PRISMA 2020 guidelines, this systematic literature review examined 4,650 initial records, screening to 23 included studies plus 37 identified through citation analysis. The review leverages existing work on cyber threat assessment and mitigation to build a mapping framework and data collection plan addressing the significant vulnerabilities NPOs face, and offers actionable guidance NPOs can implement within their resource constraints to enhance their cybersecurity posture.

Security readiness on a non-profit budget

Non-profits hold sensitive donor, client, and community data, but most are small organizations without the budget, staff, or expertise to manage cybersecurity, and what is known about them lives mostly in practitioner sources rather than the academic literature. Meanwhile, attacks on the sector are surging, and every breach erodes exactly the thing NPOs run on: the trust of donors and volunteers.

Method

The review follows PRISMA 2020 guidelines. An initial pool of 4,650 records (examined March 2025) was screened against the research questions, excluding studies that did not address cybersecurity readiness in NPOs. Included studies were quality-assessed on methodology, clarity, completeness, and transparency, yielding 23 included studies, with 37 more added through forward and backward citation analysis. Results were synthesized through quantitative topic analysis and qualitative review.

Contribution

The review leverages the existing literature on cyber threat assessment and mitigation to build a mapping framework and data collection plan for the vulnerabilities NPOs actually face, and distills it into actionable guidance that fits non-profit resource constraints, rather than enterprise-grade prescriptions small organizations cannot implement. It also maps where the academic literature is thin, motivating collaborative research and innovation between universities and the non-profit sector as the lever for closing the readiness gap.

cybersecurity systematic literature review non-profits readiness collaboration
BibTeX
@article{roshanaei2025cybersecurity,
  title   = {Enhancing Cybersecurity Readiness in Non-Profit Organizations Through Collaborative Research and Innovation---A Systematic Literature Review},
  author  = {Roshanaei, Maryam and Krishnamurthy, Premkumar and Sinha, Anivesh and Gokhale, Vikrant and Raza, Faizan Muhammad and Ramljak, Du{\v s}an},
  journal = {Computers},
  volume  = {14},
  number  = {12},
  pages   = {539},
  year    = {2025},
  publisher = {MDPI},
  doi     = {10.3390/computers14120539}
}