According to the latest Government research charities are lagging behind their private and public sector counterparts when it comes to understanding cyber security.
The Department for Digital, Culture, Media and Sport Report (2022) into Cyber security skills in the UK labour market included input from a range of cyber security managers representing charities, businesses and public sector organisations. But just 62% of charity tech leads believe their senior managers understand cyber security risks, compared to 79% among public sector bosses and 81% of business sector leaders.
Areas that charities should consider for improvement include:
TRAINING: ensuring all staff, volunteers, and trustees have training in cyber security and the skills to deal with incidents
REPORTING BREACHES: Improving awareness is vital in emphasising the importance of reporting breaches to the relevant authorities, including regulators and the police. Action Fraud, the police’s 24/7 National Fraud and Cyber Crime Reporting Centre, is the key organisation to report a cyber security breach to. More information on reporting a breach can be found here.
PREVENTION: Prevention is always better than cure. Systems and staff should be up kept up to date and include basic skills such as detecting and removing malware. According to the DCMS study, the charity sector is also lagging in terms of having the skills to store data securely, restrict software, set up automatic security updates, and control who has administration rights.
The NEBRC offers a range of support including experts and ‘ethical hackers’ to help businesses, including charities, to improve their cyber security. The NEBRC teams can help to plan and improve your cyber security response. Get in touch today for free, impartial, advice.