Document Type
Article
Publication Date
Spring 6-5-2026
Abstract
This study analyzes cyberattack trends targeting non-profit organizations using longitudinal data collected over a three-year period within the Non-Profit Cybersecurity Incident Repository (NPCIR). Developed through a National Security Agency Center of Academic Excellence in Cyber Defense (NSA CAE-CD) designated center, the NPCIR applies an open-source intelligence (OSINT) methodology to systematically document cybersecurity incidents affecting the global non-profit sector. This study examines attack types, threat actor characteristics, sectoral distribution, and cybersecurity impacts using the Confidentiality–Integrity–Availability (CIA) triad framework. The results indicate that availability-related incidents, particularly ransomware and distributed denial-of-service (DDoS) attacks, constitute the most prevalent threats, while confidentiality breaches remain highly significant due to frequent data exposure incidents. Statistical analyses further demonstrate significant differences between non-profit organizations aligned with DHS CISA critical infrastructure sectors and those operating outside these sectors, especially regarding the prevalence of availability-focused attacks. In addition to its empirical contribution, the NPCIR initiative supports experiential learning opportunities for undergraduate and graduate students in cybersecurity and information technology. The resulting dataset provides actionable cyber threat intelligence for researchers, practitioners, and non-profit leaders seeking to strengthen organizational cybersecurity resilience and awareness.
Publication Title
Information
First Page Number
1
Last Page Number
15
DOI
10.3390/info17060601
Recommended Citation
Mierzwa, Stanley; Paliszkiewicz, Joanna; and Skarzyńska, Edyta, "Trends in Non-Profit Cybersecurity: Analyzing Three Years of Incident Data from the NPCIR" (2026). Center for Cybersecurity. 55.
DOI: https://doi.org/10.3390/info17060601
Available at:
https://digitalcommons.kean.edu/cybersecurity/55
Included in
Computer and Systems Architecture Commons, Management Information Systems Commons, Nonprofit Administration and Management Commons