0345 305 4118

Cyber criminals aren't going to show any compassion when on the hunt to make money on the internet.

Non-profit organisations such as charities are an easier target for cyber criminals than commercial businesses, due to their lack of resources.

So, stated Mark Edwards, cyber expert and Technical Director of Capital Network Solutions Limited at a recent seminar discussing how Charities could prepare themselves for the future.

He said that non-profits often held sensitive information on donors such as credit card transactions, yet much of the time didn’t have the IT resources of commercial organisations, as they have less budget.

In addition, work done on non-profit applications was often done voluntarily, which meant that they were potentially not as robust.

“There is an assumption that it will be easier to penetrate their applications and networks,” Mark Edwards said.

Top Challenges for Charities

Lack of money – key focus is to spend money to help the cause of the charity

Highly Sensitive Data – the nature of charities is that the data held is often relating to vulnerable individuals and potentially controversial causes that could make it a lucrative proposition in the wrong hands

Limited IT knowledge – IT is often managed internally by well-meaning staff or is outsourced to the lowest cost IT support provider

Personal Devices & Sharing – charities often have very limited resources so encourage staff to use their own personal devices to save money, this introduces significant risk.

Social Media – charities rely on public awareness and readily accessible contact information can make it very easy for cyber criminals to utilise this information for inappropriate activities

What are the threats to charities?

Soft touch – extensively targeted as it is perceived that they are easy to breach as they have limited IT security systems

Employee theft/misuse – Limited policies and corporate structure, lack of understanding and education and personal gain are all factors that increase the risk

Malware – Lack of education about the risk posed by internet and email use with limited malware protection ensures that malware is a very effective cyber-criminal tool

Hacktivists – the controversial nature of some charities does attract individuals who do not necessarily support the charity cause or see the data held as a very valuable source of revenue

Philanthropic Phishing – the heavy reliance on donors ensures that cyber criminals know exactly where to target to find out key donors for financial or personal gain

Top 5 tips to protect your charity

  • An awareness of the risks posed to your charity need to be understood at Board Level
  • All staff and volunteers need to be educated about how to stay safe online
  • A through plan needs to be made once the risks are understood – Are our systems safe? Do we need outside expertise? What changes do we need to make? What investment do we need to make? What would happen if we were breached? How would we know? How would we react? Who do we need to notify? What impact would a breach have on our charity?
  • Consider Cyber Liability Insurance as an option to provide you with financial, practical and reputational damage limitation support when you have a breach

Consider the new UK Government Cyber Essentials Standard as an easy low cost way to demonstrate your commitment to cyber security. As a leading Cyber Essentials Certification Body and having certified over 800 UK businesses (including 90% of our third sector customers) Capital Network Solutions are one of the most experienced CB for both Cyber Essentials and ISAME. Our cyber security team are highly accredited and experienced network penetration testers and infrastructure specialists.

Back
Share
27 Jul Company News

Gain your Cyber Essentials Certification today

Prices from only £300

Copyright @2017 Capital Network Solutions
See how we perform for clients
4.87/5
Customer Satisfaction
95%
Client retention rate
70%
Business from referrals