19% of Charities face cyber attacks once a month
Figures from the Department for Digital, Culture, Media and Sport 2023 report showed that 24% of charities identified breaches or attacks in the last 12 months - 19% said they identify attacks once a month!
The Cyber Security Breaches Survey 2023, published by the Department for Digital, Culture, Media and Sport, found that phishing was the most common attack charities face (83% of charities saying they had identified phishing attacks).
The new report shows a much higher risk for high-income charities with £500,000 or more in annual income - with 56% saying they had been attacked in the last 12 months.
Just 27% of charities have completed a cyber risk assessment in the last 12 months, and only 17% of charities have trained staff in cyber security.
The report showed that 33% of charities said they are insured against cyber security risks, with just 11% of charities surveyed saying they had reviewed the risks posed by their immediate suppliers.
Talk to us about a Cyber Risk Exposure Assessment; it's closely linked to an industry-standard framework and methodology and assesses risks over three fundamental categories; Basic Controls, Foundational Controls, and Organisational Controls.
Of those charities that had suffered attacks, 11% said they had to deal with attacks on a weekly basis.
62% of charities say their trustees believe cyber security is a high priority; this is down from 72% in 2022. Just 31% of charities in the 2023 survey have board members or trustees responsible for cybersecurity.
The most common type of cyber attack on charities was phishing (84%, down from 87% in 2022); phishing involves attackers trying to con recipients into giving away personal details or passwords through emails and text messages.
When Charities face Cyber Attacks, they can face huge disruption, but the Cyber Resilience Centre can help!
We want to encourage charities to follow the free help and guidance we provide and sign up for our free membership. We have again updated our guidance to help charities boost their cyber resilience; this includes:
What threats do charities face?
How to secure a charity's digital footprint?
Take our Cyber Health Check
Read the latest Cyber Security news specific to charities
Just 55% of charities have a password policy; if you sign up to become a premium member of the Cyber Resilience Centre, we can provide you with cyber security policies & procedure templates. These policies will help you understand the processes in place to protect your company, staff, data and assets.
Your staff must be educated regularly in the changing cybersecurity landscape; the CSBS survey highlighted that just 17% of charities said they had trained staff on cybersecurity. Unprepared staff are at a heightened risk of being unaware when working from home, returning to the office or starting a new job.