Cyber criminals aren't going to show any compassion when on the hunt to make money on the internet.
Non-profit organisations such as charities are an easier target for cyber criminals than commercial businesses, due to their lack of resources.
So, stated Mark Edwards, cyber expert and Technical Director of Capital Network Solutions Limited at a recent seminar discussing how Charities could prepare themselves for the future.
He said that non-profits often held sensitive information on donors such as credit card transactions, yet much of the time didn’t have the IT resources of commercial organisations, as they have less budget.
In addition, work done on non-profit applications was often done voluntarily, which meant that they were potentially not as robust.
“There is an assumption that it will be easier to penetrate their applications and networks,” Mark Edwards said.
Top Challenges for Charities
Lack of money – key focus is to spend money to help the cause of the charity
Highly Sensitive Data – the nature of charities is that the data held is often relating to vulnerable individuals and potentially controversial causes that could make it a lucrative proposition in the wrong hands
Limited IT knowledge – IT is often managed internally by well-meaning staff or is outsourced to the lowest cost IT support provider
Personal Devices & Sharing – charities often have very limited resources so encourage staff to use their own personal devices to save money, this introduces significant risk.
Social Media – charities rely on public awareness and readily accessible contact information can make it very easy for cyber criminals to utilise this information for inappropriate activities
What are the threats to charities?
Soft touch – extensively targeted as it is perceived that they are easy to breach as they have limited IT security systems
Employee theft/misuse – Limited policies and corporate structure, lack of understanding and education and personal gain are all factors that increase the risk
Malware – Lack of education about the risk posed by internet and email use with limited malware protection ensures that malware is a very effective cyber-criminal tool
Hacktivists – the controversial nature of some charities does attract individuals who do not necessarily support the charity cause or see the data held as a very valuable source of revenue
Philanthropic Phishing – the heavy reliance on donors ensures that cyber criminals know exactly where to target to find out key donors for financial or personal gain
Top 5 tips to protect your charity
Consider the new UK Government Cyber Essentials Standard as an easy low cost way to demonstrate your commitment to cyber security. As a leading Cyber Essentials Certification Body and having certified over 800 UK businesses (including 90% of our third sector customers) Capital Network Solutions are one of the most experienced CB for both Cyber Essentials and ISAME. Our cyber security team are highly accredited and experienced network penetration testers and infrastructure specialists.
Gain your Cyber Essentials Certification today
Prices from only £300