Template: Cyber security for charity boards

This template is sponsored by the National Cyber Security Centre (NCSC) – a part of GCHQ. The NCSC is the UK’s technical authority on cyber security and offers a range of practical guidance and advice to help organisations and individuals stay secure online at www.ncsc.gov.uk

 

Join the discussion on Twitter: #DTW2022

 

Our report into cyber security in the UK charity sector showed that there is a clear role for leadership to play when it comes to keeping organisations secure. Nearly a fifth of charities believed CEOs were responsible for cyber security, slightly less than those who thought the IT department held responsibility.

 

But our report also showed that charity CEOs prioritised cyber security less than the sector overall, ranking it as their sixth biggest priority as opposed to third. Nearly half (44%) said they did not have a cyber resilience strategy in place in the event of a breach.

 

Unfortunately, cyber breaches in the charity sector are increasing, both in number and sophistication. As part of the Board’s role in mitigating the risks that their organisation may face, and given the amount of data they hold, it is vital that they include cyber security at the heart of their strategy.

 

The template below can help boards do just that. Based on the National Cyber Security Centre’s Board Toolkit, it outlines the questions that board members need to ask themselves when addressing cyber security and the steps they can take to put effective protocols in place.

 

The template looks at how to:

• Gather information on cyber security
• Identify your vulnerabilities
• Manage risk
• Establish your cyber security plan
• Empower your team

By filling out the template, we hope that charity boards will be able to have productive conversations about cyber security and come out with a better understanding of best practice in the field. Ultimately, we hope it will keep charities cyber secure. Click the link below to download.