According to the Department for Digital, Culture, Media and Sport Breaches Report 2021, 26% of UK charities reported a cyber breach within the last six months, and 23% of these experienced an attack at least once a week. Due to the COVID-19 pandemic, many organisations have been subjected to remote working and the charity sector is no exception.
Working from home can leave businesses in a vulnerable position, making them valuable targets to cyber criminals. Charity organisations are especially high risk due to the wide range of funding and processing of personal, financial, and commercial data. As such, being cyber secure is more crucial than ever before – here are some of our key steps to mitigating your organisational risk.
Educate Your Employees
Invest in your human firewall with effective cyber awareness training. Not only can this reduce your risk of a socially engineered cyber attack by 70%, but it helps demonstrate to your clients, investors, and partners that you take the protection of their data extremely seriously by keeping your organisation certified and up to date with the latest security guidance.
Back Up Your Data
Ensure your organisation performs regular backups and keep these in an isolated, secure location. Conducting routine backups will allow your organisation to continue with operations and avoid downtime in the event of a cyber attack or data breach.
Keep Your Devices Secure and Up To Date
It is best practise to ensure all company sanctioned hardware is kept up to date and secure with the appropriate anti-virus software. Additionally, it is recommended to implement password managers, and multi-factor authentication across your devices to provide that extra layer or security and to avoid password fatigue.
Applying for security certification such as Cyber Essentials is a great way to demonstrate that your organisation takes the protection of finances and data seriously. The Cyber Essentials scheme was developed by the National Cyber Security Centre in response to the rapid increase in cyber security threats, and seeks to offer protection against up to 80% of IT security breaches.
The government-backed certificate is awarded following the completion of the self-assessment questionnaire – depending on the feedback provided, the organisation will receive a PASS or FAIL, highlighting any detected vulnerabilities.
All of the above is a great way to get started on your cyber security journey and to significantly mitigate any organisational risks. Add value to your business by demonstrating compliance and keeping your data and finances secure.