The UK’s National Cyber Security Center (NCSC) has issued new guidance for charities aimed at strengthening cybersecurity in the face of growing threats.
document, Cyber Threat Report: UK Charityoutlines the main threats to this area and explains how organizations can strengthen their cyber resilience.
With a combined income of £100 billion, the country’s 200,000 charities employ nearly 6 million volunteers and full-time employees. About a third (30%) of them have recorded a cyberattack or breach in the last 12 months, according to a 2022 government report.
The NCSC warns that charitable organizations are exposed to the same threats as most commercial organizations: ransomware, business email compromise, phishing, and fraudulent websites. However, given their heavy reliance on BYOD, large numbers of volunteers, minimal insurance coverage, and limited funds to spend on cyber, they are particularly vulnerable to attacks. claims to be potentially vulnerable.
Charities are not only subject to direct cyberattacks, but also scammers masquerading as charities, which can divert critical funds donated by members of the public.
“Nowadays, more charities are offering online services and fundraising online, which means reliable and trustworthy digital services are more important than ever. During the crisis in Ukraine, I We have seen more criminals take advantage of the public’s generosity and masquerade as charitable organizations for their own financial gain.
Helen Stephenson, CEO of the Charity Commission for England and Wales, argued that cybersecurity is no longer an optional add-on for the sector, but an important part of good governance.
“Charities play an important role in our societies and in all communities. Charities save lives and provide many services that make lives worth living. is ultimately dependent on public trust and continued public generosity,” she added.
“As such, the impact of a cyberattack on a charity can be devastating in terms of undermining the trust and support of the public as well as those who depend on the organization and its services.”
The NCSC made several recommendations in its report, urging charities to:
- Read the guidance in the report created specifically for your sector
- Improve employee cyber awareness with staff training resources
- Use NCSC’s Active Cyber Defense Services to Strengthen Your Resilience
- Ensure charity boards understand their cybersecurity responsibilities
- Enhancing Security Best Practices with Cyber Essentials – Charities Now Get 20 Hours of Free Support to Implement Technical Measures
Editorial Credit Icon Image: Postmodern Studio / Shutterstock.com
