How to stay cyber secure in 2025

In today’s digital landscape, cyber threats are on the rise, and small charities are increasingly being targeted. Unlike larger organisations, many charities operate with limited resources and support, which can leave them vulnerable to attack. 

At Qlic IT, we understand these pressures and are here to help you strengthen your charity’s cyber security in practical, affordable ways. Below, we explore some of the key tactics that small charities can use and how they can protect their organisation better in 2025. 

Cyber threats facing small charities in 2025 

Cyber criminals are constantly evolving their tactics. Some of the key risks facing charities this year include: 

• Phishing and email scams: Fraudulent emails designed to trick staff into handing over login details or clicking malicious links
  
  
• Ransomware attacks: Criminals lock your files and demand payment to restore access. These attacks are increasingly targeting smaller organisations
  
  
• Stolen passwords: Reused or weak passwords make it easy for attackers to gain unauthorised access to systems
  
  
• Third-party vulnerabilities: A breach in a supplier’s system could expose your charity, especially if you rely on shared platforms
  
  
• Social engineering: Scammers often rely on human error rather than technical weaknesses, manipulating staff into revealing sensitive information

Practical, low-Cost ways to improve your cyber resilience 

Improving your charity’s cyber security doesn’t have to be expensive. There are simple and effective steps you can take: 

• Use Multi-Factor Authentication (MFA): Adding a second step to logins, such as a notification from an app, makes it much harder for attackers to gain access. Microsoft Authenticator, Google Authenticator or Duo Mobile are great MFA tools to employ
  
  
• Install free antivirus software: Basic antivirus protection helps block common threats and is often free for charities. Microsoft Defender or Sophos antivirus are both tools your charity could install
  
  
• Back up your data: Run regular backups to ensure you can recover quickly after an incident. Ideally, use both cloud and offline storage. Look at services like Google Workspace or Microsoft OneDrive
  
  
• Use a password manager: Password managers generate and store strong, unique passwords, reducing risk and making account management easier. Keeper is Qlic’s favourite, affordable password manager
  
  
• Work towards Cyber Essentials certification: Cyber Essentials is a UK Government-backed scheme that helps organisations demonstrate basic levels of protection. At Qlic, we’re Cyber Essentials Plus certified, so our team is highly experienced in guiding charities through the accreditation process. 

At Qlic IT, we’ve helped hundreds of not-for-profits across the UK take control of their cyber security. If you’d like advice, training, or support tailored to your charity, get in touch with our team.