Well over half of small and medium-sized charities have no strategy for dealing with major IT incidents, according to a survey of charity chief executives.
Only 41 per cent of the 234 leaders quizzed said their organisations had formal policies or strategies for dealing with an IT failure, data breach or cyber attack.
The research, which is based on the views of chief executives of charities with annual incomes below £5m, was commissioned by the grant-making trust the Garfield Weston Foundation.
Fewer than 40 per cent of respondents said they had strategies in place to deal with other serious incidents, including the withdrawal of a substantial funding source, the departure of key staff or serious failures in service delivery.
Gillian Murray, chief executive of Pilotlight, which works with the foundation to connect voluntary organisations and businesses to make them more effective, said the IT finding reflected how many charities were chronically under-resourced.
Charities, said Murray, were far more aware of the importance of thinking strategically than they were 15 years ago, but didn't have the time or funds to do so.
The research also found that many chief executives lacked confidence in their colleagues. Only 39 per cent agreed or strongly agreed that their staff and volunteers had the skills and experience required to help their organisations prosper and grow in the next five years.
Forty per cent of respondents cited partnership-building with the commercial sector as the skill their organisation most lacked. Murray said this highlighted a "big shift" in the attitude of charities in favour of working more closely with businesses.
The research was published on Friday to coincide with applications opening for the Weston Charity Awards 2018. The Garfield Weston Foundation, which began the awards in 2014, is extending the scheme to Wales this year.
The 20 winners will receive £6,500 of funding and a year of leadership and strategy coaching from business leaders, which will be facilitated by Pilotlight.