Cybersecurity in the Charity sector
Posted 4th January 2021
Two years ago, the National Cyber Security Centre published an assessment of the potential threat posed by cyberattacks to the UK charity sector. It was sobering reading. The report concluded that there is a huge variation in the understanding of the importance of cybersecurity by charities of all sizes. Additionally, the study discovered that many charities and third sector organisations don’t report attacks for fear that they will affect their reputation.
For smaller charities and organisations who work on a tight budget, it appears to be a sad reality that cybersecurity measures can be considered a major and unaffordable cost. With staff numbers kept to a minimum to ensure that donations and grants are used to fund projects, IT security can also end up falling into the hands of someone who isn’t an expert.
The result of this is that smaller charities in particular find themselves open to a cyberattack or data breach. This is a nightmare scenario for any company or organisation, if for nothing else than for a potential breach of GDPR, but for small charities that work with clients, the loss of their personal information can be more destructive. Additionally, the chance of being unable to access funds or being locked out of an IT system can also have a detrimental impact.
Following their assessment, the National Cyber Security Centre published a guide designed to help small charities improve their cybersecurity. Despite this, a 2019 report by the Charity Commission found that 58% of charities think that cybercrime is a major risk to the charity sector, and 22% believed that the charity sector was at a greater risk than other sectors.
So, what can small charities do to mitigate the risk of a cyberattack? Cyber Essentials accreditation can go a long way to helping to protect an organisation from online criminals whilst ticking off the suggested guidelines in the NCSC guide. It also provides the foundations that any organisation, no matter how large or small, needs to move forward with their cybersecurity plan, and proves to donors and clients just how seriously you consider the security of their information to be.
LP Networks are accredited Cyber Essentials assessors as well as being a trusted IT and security. We work with you to ensure that you can achieve your certification without unnecessary outlays or expenses. Contact our team for more information.