Building a Resilient Nonprofit: Practical Steps to Strengthen Your Digital Security
Nonprofits today operate in an increasingly complex digital landscape. Whether your organization supports humanitarian aid, education, animal welfare, climate action, or community health, one thing is true across the sector: security can no longer wait. According to the Microsoft Digital Defense Report, nonprofits and NGOs remain among the most frequently targeted sectors by nation‑state actors, largely because of the sensitive humanitarian, political, and demographic data they hold. The rise of remote work, increasing data sensitivity, and rapid AI adoption mean nonprofits must be proactive—not reactive—when it comes to cybersecurity. The good news? Strengthening your digital security doesn’t require an overhaul. It starts with five practical, foundational steps. Below is a breakdown of the core guidance from Microsoft’s security recommendations, reinforced with insights from the Microsoft Digital Defense Report. 1. Gain Buy‑In From Leadership “Security is a mission‑critical priority, not a back‑office function.” — Microsoft Digital Defense Report The MDDR emphasizes that leadership alignment is one of the strongest predictors of an organization’s security resilience. Boards, executive directors, and senior leaders must champion security policies and investments. Microsoft notes that organizations with executive‑level commitment experience significantly fewer successful attacks, because security becomes embedded in culture—not treated as an IT afterthought. 2. Build Security Awareness and Skills Across Your Team “Human-operated attacks continue to exploit the weakest link: people.” — Microsoft Digital Defense Report Human error remains one of the largest contributors to breaches. Nonprofit staff, volunteers, and partners need: • Phishing awareness • Password hygiene training • Safe data handling practices • Clear guidelines around remote or hybrid work The MDDR stresses that attackers are increasing the speed, sophistication, and social engineering quality of phishing campaigns, making ongoing training essential—not optional. 3. Create and Document Security Policies “Organizations with documented security policies respond faster and recover faster.” — Microsoft Digital Defense Report Consistent, written policies set expectations and reduce risk. Key policies nonprofits should maintain include: • Acceptable use • Password and identity management • Device and access control • Incident response procedures • Data classification and retention The MDDR highlights that clear governance reduces the impact of breaches and improves organizational resilience. 4. Choose Technology Designed for How People Work “Identity is the new attack surface.” — Microsoft Digital Defense Report Nonprofits need tools that blend security + productivity. Microsoft emphasizes deploying solutions that support real‑world nonprofit workflows such as: • Volunteer onboarding • Donation processing • Sensitive constituent data management • Cross‑organizational collaboration Microsoft 365, with built‑in identity protection, encryption, threat detection, and AI‑powered safeguards, helps nonprofits stay protected without adding friction to daily operations. 5. Collaborate With Experienced Experts “Security is a shared responsibility across governments, industry, and civil society.” — Microsoft Digital Defense Report You don’t have to navigate cybersecurity alone. Microsoft encourages nonprofits to leverage: • Security Program for Nonprofits • Free or discounted security assessments • AccountGuard for nation‑state attack notifications • Training paths and skilling opportunities for staff These resources provide nonprofits with enterprise‑grade protection at nonprofit‑friendly prices. Why This Matters: Nonprofits Are High‑Value Targets “NGOs remain the most targeted sector by nation‑state actors.” — Microsoft Digital Defense Report According to Microsoft’s research, nonprofits—especially NGOs—are targeted because they manage: • Humanitarian data • Political and demographic insights • Sensitive community information • High‑value donor and partner data Breaches are costly not only financially, but also in terms of: • Donor trust • Staff productivity • Program continuity • Organizational reputation Digital security isn’t just an IT responsibility—it’s central to mission protection. Dive Deeper: Download Microsoft’s Free E‑book This article highlights only a portion of what’s included in the Microsoft resource. For detailed checklists, leadership conversation starters, user training recommendations, and technology guidance, download the full e‑book here: Strengthen Your Nonprofit’s Digital Security https://aka.ms/StrengthenNonprofitDigitalSecuritySafeguarding Trust: The Critical Role of Security in Today’s Nonprofits
Nonprofits run on something deeper than funding, programs, or technology — they run on trust. Communities trust you with their stories, their data, and their wellbeing. Donors trust you to steward resources responsibly. Staff and volunteers trust you to create a safe environment where they can do their best work. And in today’s digital world, protecting that trust starts with security. Digital Tools Are Now Essential — and So Is Security As nonprofits increasingly rely on cloud platforms, digital communication, and data-driven programs, the responsibility to safeguard information grows. Cyberthreats aren’t just an IT issue anymore; they’re a mission issue. A single breach can disrupt services, compromise sensitive data, and erode the trust that took years to build. But strong security doesn’t have to be complicated or out of reach. Security Should Be Accessible for Every Nonprofit Nonprofits deserve security solutions that are: Strong enough to defend against evolving threats Simple enough for small teams to manage Affordable enough to fit within limited budgets Aligned with the mission, not a distraction from it When your systems and data are protected, your team can focus on what matters most — delivering impact with confidence. Keep Your Mission Moving Forward Security isn’t just about reducing risk. It’s about empowering your organization to operate boldly, innovate freely, and serve your community without hesitation. That’s why taking the first step toward stronger security is so important. Is Your Nonprofit Prepared to Level Up Its Security? Discover how to strengthen your nonprofit’s security — visit Microsoft Nonprofits for LinkedIn to watch the video and take the free assessment. Your mission deserves protection. Your community deserves confidence. Take the first step today by heading to LinkedIn!Why Nonprofit Security Needs Urgent Attention
Nonprofits are facing a rapidly evolving security landscape. Cyberattacks are becoming faster, more targeted, and more sophisticated—driven in part by AI tools that make it easier for threat actors to automate reconnaissance, personalize phishing, and exploit vulnerabilities. Many nonprofits don’t discover breaches for months, leaving sensitive data and mission‑critical operations at risk. At the same time, nonprofits working in humanitarian aid, human rights, health, and advocacy are becoming more visible in a tense global environment. According to the 2025 Microsoft Digital Defense Report, nongovernmental organizations are now among the sectors most frequently targeted by nation‑state actors, often more than finance or healthcare. Yet nonprofits often have the fewest resources to defend themselves, despite holding highly sensitive information about donors, volunteers, and the communities they serve. How Microsoft Is Responding Microsoft is evolving the Security Program for Nonprofits into a practical, step‑by‑step security journey designed for real nonprofit constraints. Key elements include: • Free security assessments to identify risks and build a prioritized roadmap • Grants and discounts through Microsoft Elevate, including 60% off security suites • Microsoft AccountGuard for enhanced nation‑state threat monitoring • The Security Advisors Program for direct engagement with Microsoft experts • Security skilling to help teams detect and respond to threats more effectively The goal is simple: make strong security achievable, affordable, and aligned with mission needs. Read the Full Article This post summarizes key insights from the original LinkedIn article. You can read the full piece here: Microsoft for Nonprofits.How to Re-Register MFA
Working closely with nonprofits every day, I often come across a common challenge faced by MFA users. Recently, I worked with a nonprofit leader who faced an issue after getting a new phone. She was unable to authenticate into her Microsoft 365 environment because her MFA setup was tied to her old device. This experience highlighted how important it is to have a process in place for MFA re-registration. Without it, even routine changes like upgrading a phone can disrupt access to your everyday tools and technologies, delaying important work such as submitting a grant proposal. Why MFA is Essential for Nonprofits Before we discuss how to reset MFA, let’s take a step back and discuss why MFA is a necessity for nonprofits the way it is important for any organization. In the nonprofit world, protecting sensitive or confidential data—like donor information, financial records, and program details—is a top priority. One of the best ways to step up your security game is by using Multi-Factor Authentication (MFA). MFA adds an extra layer of protection on top of passwords by requiring something you have (like a mobile app or text message) or something you are (like a fingerprint). This makes it a lot harder for cybercriminals to get unauthorized access. If your nonprofit uses Azure Active Directory (AAD), or Microsoft Entra (as it is now called), with Microsoft 365, MFA can make a big difference in keeping your work safe. Since Microsoft Entra is built to work together with other Microsoft tools, it’s easy to set up and enforce secure sign-in methods across your whole organization. To make sure this added protection stays effective, it’s a good idea to occasionally ask users to update how they verify their identity. What Does MFA Re-Registration Mean for Nonprofits? MFA re-registration is just a fancy way of saying users need to update or reset how they authenticate, or verify, themselves. This might mean setting up MFA on a new phone (like the woman in the scenario above), adding an extra security option (like a hardware token), or simply confirming their existing setup. It’s all about making sure the methods and devices your users rely on for MFA are secure and under their control. When and Why Should Nonprofits Require MFA Re-Registration? Outside of getting a new phone, there may be other situations that raise cause for reason to re-register your MFA. A few scenarios include: Lost or Stolen Devices: Similar to the scenario above, if someone loses their phone or it gets stolen, you will have to re-register the new device. Role Changes: If someone’s responsibilities change, their MFA setup can be adjusted to match their new access needs. Security Enhancements: Organizations may require users to re-register for MFA to adopt more secure authentication methods, such as moving from SMS-based MFA to an app-based MFA like Microsoft Authenticator Policy Updates: When an organization updates its security policies, it might require all users to re-register for MFA to comply with new standards Account Compromise: If there is a suspicion that an account has been compromised, re-registering for MFA can help secure the account by ensuring that only the legitimate user has access With Microsoft Entra, managing MFA re-registration is straightforward and can be done with an administrator to the organization’s tenant. How to require re-registration of MFA To reset or require re-registration of MFA in Microsoft Entra, please follow the steps below. Navigate to portal.azure.com with your nonprofit admin account. Select Microsoft Entra ID Select the drop-down for Manage In the left-hand menu bar select Users > Select the user's name that you want to reregister to MFA (not shown). Once in their profile, select Manage MFA authentication methods Select Require re-register multifactor authentication Congratulations! The user will now be required to re-register the account in the Microsoft Authentication app.How Nonprofits Can Strengthen Cybersecurity with Small Steps (That Make a Big Difference)
Nonprofits are often stretched thin—limited budgets, diverse users, and critical missions. But that doesn’t mean cybersecurity has to be overwhelming. In fact, some of the most effective protections are simple, affordable, and accessible to organizations of any size. Below are practical steps every nonprofit can take to strengthen its security posture, along with upcoming nonprofit‑focused events designed to help your team build skills, stay informed, and protect your mission. Start with MFA (Multifactor Authentication) Turning on MFA is the single most impactful step any nonprofit can take to secure accounts. It protects your organization from: Password theft Account compromise Phishing attacks Phishing‑resistant MFA methods—such as Microsoft Authenticator or passkeys—offer the strongest protection. Secure Your Cloud Environment With many nonprofits using shared drives, third‑party tools, or cloud‑based CRMs, securing cloud configurations is essential. This includes: Using least‑privilege access Regularly reviewing permissions Enabling encryption Avoiding shared passwords Most breaches start with simple misconfigurations. A quick audit can dramatically reduce risk. Train Your Staff and Volunteers Cybersecurity is everyone’s responsibility. Short, simple training sessions can help your team recognize: Suspicious emails Unexpected login prompts Unsafe links Requests for personal or financial information Consistent training builds a culture of awareness and reduces the likelihood of human‑error‑based incidents. Use Security Tools to Safeguard Your Mission Many nonprofit discounts and grants make enterprise‑level protections more accessible. Solutions like Microsoft Defender and Microsoft 365 Business Premium include built‑in security features such as: Antivirus Threat detection Cloud app security Endpoint protection These tools help nonprofits stay secure—without adding complexity. And if your team is looking to deepen its understanding of how to use these solutions effectively, there are plenty of learning opportunities available. Nonprofit Events Discover tailored events and training opportunities designed to help you maximize your impact and strengthen your organization’s security posture. Gain expert insights, connect with industry leaders, and explore solutions built for nonprofit scenarios. See events below related specifically to security. Featured Events Below are upcoming and on‑demand security‑focused sessions especially relevant for nonprofits working to improve cybersecurity: Mastering Threat Detection and Response with Microsoft Defender XDR A deep dive into how Microsoft Defender XDR delivers extended detection and response across your digital estate. February 11, 2026 – 7:30 PM ET (Asia/ANZ) – Virtual February 12, 2026 – 11:00 AM ET (Americas) – Virtual Register: Microsoft Virtual Events Powered by Teams (Asia/ANZ) and Microsoft Virtual Events Powered by Teams (Americas) Mastering SIEM & SOAR with Microsoft Sentinel: From Setup to Automation Learn how to configure SIEM and SOAR capabilities in Microsoft Sentinel to strengthen your security operations. February 25, 2026 – 7:30 PM ET (Asia/ANZ) – Virtual February 26, 2026 – 11:00 AM ET (Americas) – Virtual Register: Microsoft Virtual Events Powered by Teams (Asia/ANZ) and Microsoft Virtual Events Powered by Teams (Americas) Unlocking AI‑Powered Security: A Deep Dive into Microsoft Security Copilot Explore how Microsoft Security Copilot combines generative AI with Microsoft’s security tools to help analysts investigate incidents and automate tasks. March 4, 2026 – 7:30 PM ET (Asia/ANZ) – Virtual March 5, 2026 – 11:00 AM ET (Americas) – Virtual Register: Microsoft Virtual Events Powered by Teams (Asia/ANZ) and Microsoft Virtual Events Powered by Teams (Americas) Strengthening Your Cybersecurity Strategy (On‑demand) This on‑demand session covers how to simplify security operations, enhance compliance, and empower your mission with confidence. On‑demand Register: Strengthening your Cybersecurity Strategy On-demandBeyond Visibility: Hybrid Identity Protection with Microsoft Entra & Defender for Identity
In a previous blog, we explored how Microsoft Entra and Defender for Identity form a powerful duo for hybrid identity protection. But visibility alone isn’t enough. To truly defend your organization, you need to operationalize that visibility—turning insights into action, and strategy into security outcomes. Let’s explore how to take your hybrid identity protection to the next level. From Detection to Response: Building a Unified Identity SOC Security teams often struggle with fragmented signals across cloud and on-prem environments. Defender for Identity and Entra solve this by feeding identity-based alerts into Microsoft 365 Defender and Microsoft Sentinel, enabling: Centralized incident response: Investigate identity threats alongside endpoint, email, and cloud signals. Automated playbooks: Trigger actions like disabling accounts or enforcing stricter access policies. Advanced hunting: Use KQL queries to uncover stealthy attacks like domain dominance or golden ticket abuse. This unified approach transforms your SOC from reactive to proactive. Strengthening Identity Posture with Entra ID Protection Once threats are detected, Entra ID Protection helps you contain and prevent them: Risk-based Conditional Access: Automatically block or challenge risky sign-ins based on Defender for Identity signals. User risk remediation: Force password resets or MFA enrollment for compromised accounts. Policy tuning: Use insights from past incidents to refine access controls and reduce false positives. This adaptive security model ensures that your defenses evolve with the threat landscape. To learn more about these and additional policy-driven security mechanisms, please visit: Risk policies - Microsoft Entra ID Protection | Microsoft Learn Least Privilege at Scale with Entra ID Governance Identity protection isn’t just about stopping attacks—it’s about minimizing the blast radius. Entra ID Governance helps enforce least privilege by: Automating access reviews: Regularly audit who has access to sensitive resources. Just-in-time access: Grant temporary permissions only when needed. Entitlement management: Control access to apps and groups with policy-based workflows. By reducing unnecessary access, you make lateral movement harder for attackers—and easier for auditors. To learn more about least privilege, please visit: Understanding least privilege with Microsoft Entra ID Governance | Microsoft Learn Real-Time Insights with Microsoft Sentinel Sentinel supercharges your hybrid identity protection with: Custom dashboards: Visualize risky users, sign-in anomalies, and privilege escalations. Threat intelligence fusion: Correlate identity signals with external threat feeds. Data connectors: Stream Entra and Defender for Identity logs for deep analysis and long-term retention. This gives you the clarity to spot patterns and the context to act decisively. To learn more about Microsoft Sentinel, please visit: What is Microsoft Sentinel SIEM? | Microsoft Learn Next Steps: Operationalize Your Identity Strategy To move from visibility to action: Deploy Defender for Identity sensors across all domain controllers. Integrate with Microsoft 365 Defender and Sentinel for unified threat detection. Enable risk-based Conditional Access in Entra to respond to identity threats in real time. Implement least privilege policies using Entra ID Governance. Use Sentinel for advanced hunting and analytics to stay ahead of attackers. Final Thoughts Hybrid identity protection isn’t a checkbox—it’s a continuous journey. By operationalizing the integration between Microsoft Entra and Defender for Identity, you empower your security teams to detect, respond, and prevent identity threats with precision and speed.Microsoft Entra: Building Trust in a Borderless Digital World
As nonprofits embrace hybrid work, multi-cloud environments, and digital transformation to better serve their missions, the need for secure, intelligent access has never been greater. Traditional identity solutions often fall short in protecting diverse user groups like staff, volunteers, donors, and partners. Microsoft Entra offers a unified family of identity and network access products designed to verify every identity, validate every access request, and secure every connection—helping nonprofits stay resilient, compliant, and mission-focused. What Is Microsoft Entra? Microsoft Entra offers a unified family of identity and network access products designed to verify every identity, validate every access request, and secure every connection—helping nonprofits stay resilient, compliant, and mission-focused. The suite includes: Microsoft Entra ID (formerly Azure Active Directory): A cloud-based identity and access management service that supports Single Sign-On (SSO), Multifactor Authentication (MFA), and Conditional Access policies to protect users, apps, and resources. Microsoft Entra ID Governance: Automates identity lifecycle management, ensuring users have the right access at the right time—and nothing more. It supports access reviews, role-based access control, and policy enforcement. Microsoft Entra External ID: Manages secure access for external users like customers, partners, and vendors. It enables personalized, secure experiences without compromising internal systems. Microsoft Entra Private Access: Provides secure, VPN-less access to private apps and resources across hybrid and multi-cloud environments. It’s ideal for remote work scenarios and legacy app support. Microsoft Entra Internet Access: Offers secure web access with identity-aware controls, helping protect users from malicious sites and enforcing compliance policies. Why Microsoft Entra Matters for Nonprofits Unified Identity Protection: Secures access for any identity—human or workload—to any resource, from anywhere. Zero Trust Enablement: Verifies every access request based on identity, device health, location, and risk level. Multi-cloud and Hybrid Ready: Works across Microsoft 365, Azure, AWS, Google Cloud, and on-premises environments. Compliance and Governance: Supports nonprofit regulatory needs with automated access reviews, audit trails, and policy enforcement. Getting Started with Microsoft Entra Assess your security posture through Microsoft Secure Score – Helps nonprofits monitor and improve identity, device, and app security posture. Building Conditional Access policies in Microsoft Entra – Create policies to protect users and data based on risk, location, and device health. Create a lifecycle workflow – Automate onboarding, role changes, and offboarding for staff, volunteers, and contractors. Microsoft Entra External ID documentation – Manage secure access for donors, partners, and community members. Real-World Impact A global nonprofit recently used Microsoft Entra to streamline access for volunteers, staff, and external partners. By automating identity governance and enabling secure access to cloud apps, they reduced administrative overhead and improved security posture—without sacrificing user experience. Conclusion Microsoft Entra empowers nonprofits to modernize identity and access management with a unified, secure, and intelligent approach. Whether you're enabling remote work, collaborating with external partners, or safeguarding sensitive donor data, Entra provides the tools to build trust, enforce least privilege, and stay compliant. By adopting Entra, nonprofits can focus more on their mission and less on managing risk—ensuring that every connection is secure, every identity is verified, and every access is governed.Comprehensive Identity Protection—Across Cloud and On-Premises
Hybrid IT environments, identity is the new perimeter—and protecting it requires visibility across both cloud and on-premises systems. While Microsoft Entra secures cloud identities with intelligent access controls, Microsoft Defender for Identity brings deep insight into your on-premises Active Directory. Together, they form a powerful duo for comprehensive identity protection. Why Hybrid Identity Protection Matters Most organizations haven’t fully moved to the cloud. Legacy systems, on-prem applications, and hybrid user scenarios are still common, and attackers know it. They exploit these gaps using techniques like: Pass-the-Hash and Pass-the-Ticket attacks Credential stuffing and brute-force logins Privilege escalation and lateral movement Without visibility into on-prem identity activity, these threats can go undetected. That’s where Defender for Identity steps in. What Is Microsoft Defender for Identity? Defender for Identity is part of Microsoft Defender XDR—a cloud-based solution that monitors on-premises Active Directory for suspicious behavior. It uses behavioral analytics and threat intelligence to detect identity-based attacks in real time. Key capabilities: Detects compromised accounts and insider threats Monitors lateral movement and privilege escalation Surfaces risky users and abnormal access patterns Integrates with Microsoft 365 Defender and Sentinel for unified response Why It Pairs Perfectly with Microsoft Entra Microsoft Entra (formerly Azure AD) protects cloud identities with features like Conditional Access, Multifactor Authentication, and Identity Governance. But Entra alone can’t see what’s happening in your on-prem AD. By combining Entra and Defender for Identity, you get: End-to-end visibility across cloud and on-prem environments Real-time threat detection for suspicious activities like lateral movement, privilege escalation, and domain dominance Behavioral analytics to identify compromised accounts and insider threats Integrated response capabilities to contain threats quickly and minimize impact Actionable insights that help strengthen your identity posture and reduce risk Together, they deliver comprehensive identity protection—giving you the clarity, control, and confidence to defend against modern threats. Real-World Impact Imagine a scenario where an attacker gains access to a legacy on-prem account and begins moving laterally across systems. Defender for Identity detects the unusual behavior and flags the account as risky. Entra then blocks cloud access based on Conditional Access policies tied to that risk signal—stopping the attack before it spreads. Getting Started Deploy Defender for Identity sensors on your domain controllers Install a sensor - step-by-step instructions to install Defender for Identity sensors on your domain controllers to begin monitoring on-premises identity activity. Activate the sensor on a domain controller - Guidance on activating the installed sensor to ensure it starts collecting and analyzing data. Deployment overview - A high-level walkthrough of the Defender for Identity deployment process, including prerequisites and architecture. Connect Defender for Identity to Microsoft 365 Defender Integration in the Microsoft Defender portal - Learn how to connect Defender for Identity to Microsoft 365 Defender for centralized threat detection and response. Pilot and deploy Defender for Identity - Best practices for piloting Defender for Identity in your environment before full-scale deployment. Enable risk-based Conditional Access in Entra Configure risk policies in Entra ID Protection - Instructions for setting up risk-based policies that respond to identity threats in real time. Risk-based access policies overview - An overview of how Conditional Access uses risk signals to enforce adaptive access controls. Use Entra ID Governance to enforce least privilege Understanding least privilege with Entra ID Governance - Explains how to apply least privilege principles using Entra’s governance tools. Best practices for secure deployment - Recommendations for securely deploying Entra ID Governance to minimize identity-related risks. Integrate both with Microsoft Sentinel for advanced hunting Microsoft Defender XDR integration with Sentinel - How to connect Defender for Identity and other Defender components to Microsoft Sentinel for unified security operations. Send Entra ID data to Sentinel - Instructions for streaming Entra ID logs and signals into Sentinel for deeper analysis. Microsoft Sentinel data connectors - A catalog of available data connectors, including those for Entra and Defender for Identity, to expand your threat detection capabilities. Final Thoughts It's the perfect time to evaluate your identity protection strategy. By pairing Microsoft Entra with Defender for Identity, you gain full visibility across your hybrid environment—so you can detect threats early, respond quickly, and protect every identity with confidence. Ready to strengthen your identity perimeter? Start by deploying Defender for Identity and configuring Entra policies today.Want to Avoid Accidently Deleting your Resources in Azure? It's Easier Than You Think
Sometimes, knowingly or unknowingly you might delete a resource group in Azure. In this article let's talk about how to configure Azure Resource Locking in order to protect them from being deleted or modified accidentally.Cybersecurity Is Mission Imperative: What Nonprofits Must Learn from the 2025 Digital Defense Report
In today’s digital-first world, nonprofits depend on technology to deliver services, engage communities, and scale impact. But with that reliance comes growing risk—from identity-based attacks to AI-driven threats and cloud vulnerabilities. The 2025 Microsoft Digital Defense Report offers a strategic lens into the global cybersecurity landscape. For nonprofit leaders, it’s more than a technical document—it’s a wake-up call. Cybersecurity is no longer a back-office concern. It’s a mission-critical priority. Key Takeaways for Nonprofits: Identity is the new attack surface—protect credentials, not just systems. AI is reshaping both threats and defenses—learn to leverage it. Cloud and vendor vulnerabilities are rising—secure your digital supply chain. Resilience matters—build systems that recover quickly and train your teams. The quantum era is coming—start preparing for post-quantum cryptography. Why It Matters: Protecting data means protecting people. Embedding cybersecurity into every layer of your organization—from boardroom strategy to frontline service delivery—is essential to maintaining trust and impact. For More Information: Explore the full Microsoft Digital Defense Report 2025 for deeper insights and practical guidance. Read the full report: Microsoft Digital Defense Report 2025 To learn more and join the conversation, follow Microsoft for Nonprofits LinkedIn for updates, expert insights, and community engagement around nonprofit cybersecurity. Visit: Microsoft for Nonprofits
