Insights
INSIGHTS
All Topics
Five ways to boost your charity’s cyber security in 2022
16 Nov 2021by Paul Rubens
Cyber criminals are getting smarter. Here are five things your charity can do to help stay ahead of them
A small business or charity gets hacked every 19 seconds in the UK, according to Hiscox, and about 88% of all UK organisations suffered at least one security breach in the last 12 months.
These are chilling statistics, so what can your charity do to reduce the likelihood of falling victim to cyber criminals? The answer is simple: whatever cyber security precautions you are taking now, you could always do more to keep hackers at bay.
The good news is that security improvements needn’t cost the earth. Here are five simple things you can do that will significantly improve your charity’s defences against cyber criminals.
Treat security as an investment, not a problem
This may sound like a buzz phrase, but it’s actually sound advice. A cyber breach would likely be very expensive for your charity, so investing in security measures could save you a great deal of money.
That means it’s important to consider whether you are spending enough on cyber security measures, and how your security budget can best be allocated to have maximum impact – and therefore the biggest return on your cyber security investment.
Identify and protect your charity’s “crown jewels”
Your charity doubtless stores large amounts of data of different types, and some if it is more valuable to you (or more damaging to you if it is stolen) than other bits. Equally, some of your charity’s activities are more valuable than others (or more damaging to you if they can’t be carried out).
These are your charity’s crown jewels, and it is these that should be the focus of your attention when you consider the cyber security measures you should be taking.
When it comes to protecting your most valuable data, it may be appropriate to implement encryption, or to store it in secure storage systems – possibly located in the cloud.
Other possible measures include implementing an access management system to restrict the number of stuff members that can access data from your charity’s computer network, and ensuring that only those who need access to particular types of data can in fact access it.
Deal with you biggest weakness
Phishing is used in at least one third of all cyber attacks, according to Security Intelligence, and perhaps as many as one half. That means that beefing up your defences against phishing attacks will make your charity very much more secure from cyber attacks.
There are two ways to do this in practice.
The first is to ensure that your staff receive regular phishing awareness training to help them to spot fraudulent messages and understand the dangers of clicking on links or opening attachments that they are not expecting,
The second way is to run a simulated phishing program such as PhishMe, which involve sending harmless phishing emails to staff members to see who correctly identifies them and who clicks on the links they contain.
These sorts of programs raise awareness in phishing emails, and also allow your charity to provide more training to those who fail to identify the simulated phishing emails regularly.
Related Articles
Boost your ransomware protection
Ransomware continues to be a huge problem for charities and other organisations: in 2020, 56% of organisations experienced ransomware attacks, and 27% of those chose to pay their attackers a ransom of on average £800,000, according to the CrowdStrike Global Security Attitude Survey.
Your charity should already be running endpoint security software on all desktop and laptops computers as well as all of its servers, and this should provide some protection from ransomware.
But it is also worth considering specialist anti-ransomware software such as Check Point ZoneAlarm Anti-Ransomware, or ransomware recovery software such as NeuShield Data Sentinel.
Both can be used in addition to existing endpoint security software.
If your charity does fall victim to a ransomware attack then the ability to restore you data from backups quickly is vital. For that reason it also makes sense to check that your backups are working correctly and that you are backing up all the data that you cannot afford to lose.
You should also practice restoring data from backups, and upgrade your backup system or move to a cloud-based backup system if your current system does not provide adequate performance.
Ratchet up all your security measures
As new threats emerge and cyber criminals become more sophisticated, it is increasingly likely that your charity’s current security measures will fall short of what is required. That’s why it is important to ratchet up your cyber security measures regularly. Quick wins include:
- Adding two factor authentication (2FA) to all your accounts
- Implementing a mobile device management system to secure smartphones and other mobile devices that your charity staff use
- Increasing the password strength of all your accounts
- Requiring all remote staff to connect to your charity’s computer systems via a VPN if they are not already doing so
More on this topic
Recommended Products
19 Nov 2024by Ioan Marc Jones
Black Friday 2024: The cheapest new and refurbished hardware
13 Nov 2024by Laura Stanley
How to stay cyber secure with volunteersSponsored Article
08 Nov 2024by Laura Stanley
Artificial intelligence: Responsible use for charitiesSponsored Article
Our Events
Charity Digital Academy
Our courses aim, in just three hours, to enhance soft skills and hard skills, boost your knowledge of finance and artificial intelligence, and supercharge your digital capabilities. Check out some of the incredible options by clicking here.
© 2022 Charity Digital Trust. All rights reserved
