Cyber Security for Charities
How do we support Charities?
The North West Cyber Resilience Centre understands the challenges facing charities and during this time, we're on hand to support you with the latest guidance below.
Charities by their very nature, hold a huge amount of information that is attractive to hackers. The information held by charities often includes personal, sensitive, and financial data that when in the hands of a cybercriminal can be sold, held at ransom, or used to steal funds.
The Cyber Security Breaches Survey for 2022 revealed that Phishing is the most identified cyber-attack against charities. Among the 30% identifying any breaches or attacks, 87% had phishing attacks, 26% were impersonated and 44% of charities say they were attacked once a month.
With more charities having a hybrid workforce, it's important that your staff are aware of the risks when working remotely.
If you would like to stay up to date on the latest threats, please sign up for our free membership.
What Threats do Charities Face?
Charities are outward-facing and there is a culture of trust in the industry
Cybercrime malware campaigns often rely on social engineering techniques, they try and deceive employees into clicking on malware-infected links. Emails will look authentic and have been tailored to their targets. Phishing emails often try to get their targets to visit compromised websites and input personal or financial details.
Cyber-enabled fraud can trick charity employees in transferring money
Criminals are looking to compromise email accounts through your senior executives, finance or legal personnel. Spoof emails are sent to try to catch unsuspecting employees off guard who have the financial authority to carry out money transfers that are then diverted to the criminals’ accounts.
What are the Benefits for Charities that work with the Cyber Resilience Centre?
As well as a number of free resources, we provide a range of affordable, professional cyber security services that help you assess, build and manage your firm's cyber security capabilities, build confidence in your staff, understand your vulnerabilities and secure your business.
As a charity, you will regularly store, manage, and oversee valuable data from your staff, trustees and donors. You’re entrusted with payment data, so you need to be aware of the latest cyber-related risks and cyber-attacks.
Secure your Digital Footprint
We can perform a comprehensive review of publicly available information about your charity. This can help you learn what is being said about you, what account details or passwords have been leaked or if there are any damaging news stories or social media posts.
It's important you test your IT system configuration with a vulnerability assessment, this assessment uses the same techniques used by hackers to ensure your company is not wide open to a cyber attack.
We have designed a Cyber Health Check to provide accountancy businesses with a summary of their cyber risks through a self-assessment questionnaire and police-certified recommendations report and action plan.
Do you have a Cyber Incident Response Plan?
We have created a Cyber Incident Response Pack, which contains documents to help support your organisation's plan for its response to a cyber incident.
These documents are designed to complement any existing plans or assist you in creating one.
The Incident Response Pack includes:
-
Incident Guide Introduction
-
Prepare Your Business Checklist
-
Emergency Contact List Template
-
Incident Response Communications
-
Legal Implications of a Cyber Incident
