Can your charity protect itself from a cyber breach? Prove it

Charities in the UK know the drill by now when it comes to understanding the importance of cyber security. We’re well aware of the growing threat – more than a quarter of us experienced a breach in 2020 alone – and we know the risk it poses to our organisation and our ability to deliver services to those who need them.

More than nine in ten charities told our survey, in collaboration with the National Cyber Security Centre, that they were aware of the effect a cyber attack could have on their organisation. But it appears knowing about the risks and knowing how to defend against them are two very different things.

With the increasing sophistication of cyber threats in the charity sector, and the rapidity with which new, convincing phishing scams pop up, your cyber security procedures need to be reviewed on a regular basis.

The Cyber Essentials certification, delivered by the IASME Consortium on behalf of the NCSC, acts as an MOT of sort for your cyber security and helps organisations of all sizes protect themselves against the majority of cyber attacks.

Getting certified will act like a cyber security checklist and ensure you correctly put the five core controls in place that can guard against the majority of internet threats. The controls include firewalls, malware protection, security update management, access control and secure configuration (the use of passwords and multi-factor authentication on network devices).

The annual renewal of Cyber Essentials will provide you with the opportunity to review your security each year. You will be following a scheme that is naturally updated in line with current threats as deemed necessary by security experts.

If you are not ready to certify yet, and unsure about where to start, use the free online tool to gauge your cyber security readiness.

The Cyber Essentials Readiness Tool is an interactive website that takes you through some simple questions that address different parts of your organisation’s security. Based on your answers, you will be directed towards the appropriate guidance on the five core controls and related topics written in non-technical language.

Upon completion of the Readiness assessment, you will be able to download a tailored action list and a description of what additional requirements or steps there are still to achieve.

If charities want to make the most of the tool, the time is now. Not only do half of the charities in our survey believe they are ‘likely’ or ‘very likely’ to be a victim of a cyber attack in the future, but between 8 – 12 November, IASME is offering a discount to charities applying for the Cyber Essentials certification.

As part of their Charity Cyber Security Awareness week, they have also developed specific guidance for charities to help them complete the Readiness Tool.

When it comes to cyber security, it may be that the charity sector has taken the first step and is educated on the risks. The next step is preparation, so check out the Cyber Essentials Readiness Tool to see if you are ready to certify, or apply for Cyber Essentials this November.