The National Cyber Security Centre have launched ’Exercise in a Box.’ This free digital resource allows charities to test and strengthen their cyber security protocols, as well as allowing organisations to access relevant guidance from the NCSC.
Charity Sector Lead - Cub Llewelyn-Davies - from the National Cyber Security Centre outlines some of the cyber security challenges facing the charity sector, and how their new ’Exercise in a Box’ tool can help charities to test and strengthen their security resources.
A cyber attack warning has just been issued to charities by the NCVO.
The organisation’s annual Road Ahead 2020 report warns of the need to be vigilant to attacks from criminals and hackers, who care becoming more skilled at scamming charities.
“Cybercrime will continue to be a huge risk and email fraud is predicted to become even more sophisticated,” states the report. “In order to protect their valuable funds, assets and good reputation, it will be crucial for charities to have greater awareness of cyber-attacks and put a range of security measures in place.”
According to the government’s Cyber Security Breaches Survey 2019, 25% of charities reported at least one cyber attack during a twelve-month period. The good news for small charities is that there are a large number of cyber security tools that can reduce the risk of a successful cyber attack considerably, and many of these are available free or for a very small cost. Despite this, 44% of all charities don’t protect themselves with the right cyber security tools, as they don’t believe they are at risk.
As the dark days of January finally begin to fade, thoughts turn to the year ahead and the new challenges that lay in store for us all. Whilst many of us will have taken a well-deserved break over the festive period and come back afresh ready to face the year ahead, unfortunately, cyber criminals have also been busy and are similarly keen to get back to work. It’s therefore important to consider how prepared for a cyber attack your charity is.
Many charities have previously been put off assessing how prepared their organisation is, thinking it was too difficult, expensive or time-consuming to do or simply because it wasn’t clear how beneficial it could be.
Research conducted by National Cyber Security Centre (NCSC) however has demonstrated that one of the best ways to improve your cyber security is to undertake some reflective self-assessment and assess your comparative strengths and weaknesses. In short, flexing your cyber muscles in advance is the best way to prepare yourself to fend off future attacks and, in the event that you are attacked ensures you have practised your response plans.
That is why last year, NCSC launched an online tool called “Exercise in a Box” that is completely free to access, simple to use, and allows you to practice how you would respond to a range of cyber attacks. By using Exercise in a Box, you’ll find out how well prepared your organisation is, and where opportunities for improvements may lie. It will help you to:
The tool provides you with a final report with actions to follow up after the exercise and directs you to relevant guidance on the NCSC website to help you put in place improvements to your organisation’s cyber security.
The National Cyber Security Centre is the government agency responsible for cyber security in the UK. Its mission is to make the UK the safest place to live and work online.
They provide support to the most critical organisations in the UK, the wider public sector, industry, charities, SMEs as well as the general public. When incidents do occur, they provide effective incident response to minimise harm to the UK, help with recovery, and learn lessons for the future.