A guide aimed at helping charities defend against digital risk has been launched by the specialist church insurer, Ecclesiastical. Produced with the support of the Charities Security Forum, the document details to third sector bodies the cyber threats they could face, from ransomware, malware and denial of service to phishing, password attacks and human error. It also provides practical advice for charities on mitigating these risks, including protecting themselves against data breaches.
The insurer’s own recent research with charities suggested that 17pc have already experienced a cyber-attack, with ransomware top of the list of cyber threats organisations have faced, while 63pc said that they are concerned about cyber and internet crime. The threat of a cyber-attack is putting some charities off using e-mail or social media to engage with both service users (19pc) and donors (15pc), while a fifth of the largest charities said that the threat of a cyber-attack is acting as a barrier to exploring a change in business model, the insurance company suggests.
Ecclesiastical’s charity director, David Britton, said: “Many charities are embracing technology and social media to interact with beneficiaries, customers, suppliers, donors and the general public. However, this can bring new threats in an ever-evolving landscape, and, after several years of high profile attacks on larger corporations and businesses, there is now a growing trend of cyber-attackers turning their attention towards organisations that may have a lower level of cyber security, including charities.
“It’s clear from our research that even the threat of an attack is acting as a barrier to some charities innovating and there’s a growing recognition that the long term reputational damage to the charity and its trustees can be just as serious as the initial loss of data and costs of putting things right. There are ways to mitigate cyber risk though and that’s why we’ve produced this new guide. It will give charities more information about the threats they could face and some of the ways they can protect against them, whether that’s preventative measures or being in the best possible position to deal with the consequences of an attack.”
Martyn Croft, co-founder of the Charities Security Forum with Brian Shorten, said: “Representing information security people working in charities and not-for-profits, the Charities Security Forum is committed to continuing to raise awareness of cyber risk in the third sector and to helping support these organisations with building up their digital defences. This new guide by Ecclesiastical provides accessible information about the ways in which charities could find themselves exposed to the cyber security threat, but also gives simple, practical advice to help third sector organisations to protect themselves, and the people they help, against cyber crime.”
Ecclesiastical’s new charity cyber guide is available on www.ecclesiastical.com. Visit also the NCSC website.
