Cyber Security for Charities

How do we support Charities?

The North West Cyber Resilience Centre understands the challenges facing charities and during this time, we're on hand to support you with the latest guidance below.

Charities by their very nature, hold a huge amount of information that is attractive to hackers. The information held by charities often includes personal, sensitive, and financial data that when in the hands of a cybercriminal can be sold, held at ransom, or used to steal funds.

The Cyber Security Breaches Survey for 2022 revealed that Phishing is the most identified cyber-attack against charities. Among the 30% identifying any breaches or attacks, 87% had phishing attacks, 26% were impersonated and 44% of charities say they were attacked once a month.

With more charities having a hybrid workforce, it's important that your staff are aware of the risks when working remotely.

If you would like to stay up to date on the latest threats, please sign up for our free membership.

Image by Glenn Carstens-Peters

What Threats do Charities Face?

Charities are outward-facing and there is a culture of trust in the industry

Cybercrime malware campaigns often rely on social engineering techniques, they try and deceive employees into clicking on malware-infected links. Emails will look authentic and have been tailored to their targets. Phishing emails often try to get their targets to visit compromised websites and input personal or financial details.

Cyber-enabled fraud can trick charity employees in transferring money

Criminals are looking to compromise email accounts through your senior executives, finance or legal personnel. Spoof emails are sent to try to catch unsuspecting employees off guard who have the financial authority to carry out money transfers that are then diverted to the criminals’ accounts.

What are the Benefits for Charities that work with the Cyber Resilience Centre?

As well as a number of free resources, we provide a range of affordable, professional cyber security services that help you assess, build and manage your firm's cyber security capabilities, build confidence in your staff, understand your vulnerabilities and secure your business.

Security Awareness Training

 

As a charity, you will regularly store, manage, and oversee valuable data from your staff, trustees and donors. You’re entrusted with payment data, so you need to be aware of the latest cyber-related risks and cyber-attacks.

Secure your Digital Footprint

We can perform a comprehensive review of publicly available information about your charity. This can help you learn what is being said about you, what account details or passwords have been leaked or if there are any damaging news stories or social media posts.

Vulnerability Assessments

 

It's important you test your IT system configuration with a vulnerability assessment, this assessment uses the same techniques used by hackers to ensure your company is not wide open to a cyber attack.

Cyber Health Check

We have designed a Cyber Health Check to provide accountancy businesses with a summary of their cyber risks through a self-assessment questionnaire and police-certified recommendations report and action plan.

Do you have a Cyber Incident Response Plan?

We have created a Cyber Incident Response Pack, which contains documents to help support your organisation's plan for its response to a cyber incident.

 

These documents are designed to complement any existing plans or assist you in creating one. 

The Incident Response Pack includes:

  • Incident Guide Introduction

  • Prepare Your Business Checklist

  • Emergency Contact List Template

  • Incident Response Communications

  • Legal Implications of a Cyber Incident

blog feat incident.png

Learn more from our Youtube Channel