Cyber security in the third sector

According to the Department for Digital, Culture, Media and Sport, 26% of charities faced a security breach in 2020, with high-income charities being the hardest hit at 51%.

Throughout the pandemic, huge numbers of charity workers switched to home working but with more employees signing into systems remotely the risk of being a victim increases.

While smaller charities may feel they will go under the radar, that’s not the case. According to the National Cyber Security Centre (NCSC), 38% of UK micro and small organisations experienced a cyber security breach in 2020. And, of those who lost data or assets, the average loss was £8,170 – no small sum for the size of organisations affected.

Many smaller charities and organisations tend not to have an IT department, let alone in-house support so, in May this year, the NCSC launched a new online learning programme specifically for small businesses and charities.

The accessible training programme aims to help charities reduce the likelihood of being victim of a cyber attack. The training can be easily rolled out for colleagues to work through, or if your charity has its own training platform, the programme can be integrated, and content tweaked to suit your audience.

Colleagues will learn about: backing up data; protection against malware; securing devices used by employees; creating strong passwords; and how to defend against phishing. It only takes around 30 minutes to complete, so is a simple way to get all staff, including volunteers, on the ball when it comes to cyber security.

A cyber-attack can be crippling, with a loss of reputation, revenue, and continuity – let alone the financial costs of recovery.

To discuss cyber security measures for your charity, contact the NEBRC team at for help and advice.