Charities are a key target of cyber criminals due to the valuable information they hold - beneficiaries, volunteers, supporters as well as payment details.
Cyber criminals will happily count themselves as needy individuals when they steal data, encrypt your files, and then blackmail you for the decryption key. They don’t care about the others that you can’t support; they want your money for themselves.
But we’re a charity – they won’t target us
Unfortunately, most cyber criminals do not pick one target and concentrate on them. Technology now allows them to search huge numbers of websites for vulnerabilities or send thousands of phishing emails in the hopes of finding just one website they can exploit or one people clicking on that phishing link. And they do not have to be very technical astute, criminals can now buy kits and services from other criminals.
So how can Cyber Essentials help?
Cyber Essentials is a simple and effective Government-backed scheme, supported by industry experts and the Cyber Resilience Centre Network, that will help you put measures in place to protect your organisation, against a range of the most common cyber-attacks. This includes protecting against threats such as malware, ransomware and phishing.
Imagine if your charity had its database stolen because you had a weak password such as mycharity1 which had been previously released in a data breach.
How do you think your supporters and trustees would view the attack?
Too sophisticated to stop or negligence on the charities side?
Telling a victim about the theft of their data when you can say “we did all we could” is a very different conversation to “well, we didn’t have time to implement 2FA”.
By achieving cyber essentials, you will be able to reassure your customers and trustees that you have recognised the threat, risks and have taken proactive steps to minimise the impact.
If you have a turnover under £20m and achieve either the basic level of Cyber Essentials or the IASME Standard, then you are entitled to Cyber Liability Insurance. You can find out more about the insurance cover provided here.
Ok, you have convinced me, where should I start?
Sign up for free membership of the Eastern Cyber Resilience Centre. We can talk to you about your charity’s cyber resilience and can offer guidance and free tools that you can implement straight away.
Check your current security standard using the free Cyber Essentials Readiness Tool. The Readiness Tool is an interactive set of questions that addresses different parts of your organisation’s security. Advice and guidance is available specifically for those in the charity sector and a step by step action plan is tailored to your requirements based on your answers to the questions. You will receive specific help in the areas that you need to address to achieve Cyber Essentials.
Tell us when you are ready and we can refer you to one of our Trusted Partners, who are cyber essentials accreditors in the East of England. They can accredit your work or provide help if required.
The ECRC is looking at helping charities obtain Cyber Essentials through external funding and training. If your charity would like to be considered in this pilot please contact us and let us know.
Further guidance & support
Core members receive regular updates which include the latest guidance, news, and security updates. Our core membership has been tailored for businesses and charities of all sizes who are based across the seven counties in the East of England.