Free download: Cyber security in the UK charity sector

Earlier in 2021, Charity Digital released an episode of our podcast titled ‘Why don’t charities care about cyber security?’. Now, as we approach 2022, we can say firmly that they do.  

How do we know? Because you told us so in our survey, The state of cyber security in the UK charity sector. 

The survey, in partnership with the National Cyber Security Centre, found that 98% of charities believe cyber security is either important or very important to them. Half of respondents also believe they are very likely or likely to suffer a cyber attack, meaning that cyber security is very much on the sector’s agenda – though perhaps not high enough. 

Indeed, cyber security was ranked as the third biggest priority for charities after service delivery and fundraising. For chief executives, it was prioritised less. This is despite two thirds of charities believing that a cyber attack would be likely or very likely to affect the way they operate (i.e., their ability to deliver services and fundraise). 

It’s all linked – cyber security should be no afterthought, rather built into every aspect of our organisations.  

The wealth of data that charities hold and the limited resources they have available to protect it have always put charities at risk from cyber threats. But the pandemic has only intensified matters. 

A significant number of survey respondents reported that a noticeable increase in breaches during the pandemic had led to them changing their attitude towards cyber security as a result. 

However, two key trends stood out from the report. Firstly, larger charities are more advanced in their cyber security and how they protect themselves online compared to small and micro charities. On almost every question, smaller charities were likely to have less resources, less expertise, and less protection. The bigger the charity, the more comprehensive their cyber security appeared to be.