Cyber Security for Charities in an Ever-Changing Landscape

In our increasingly digital world, the work of charitable organisations often relies on the safe storage and handling of sensitive information. As more and more charities transition to digital platforms for fundraising and outreach, the importance of robust cyber security measures and Cyber Liability Insurance cannot be overstated.

In this blog, we’ll explore the Cyber Security Breaches Survey 2023 and how the cyber security landscape is evolving within the charity sector.

The Prevalence of Cyber Crime

Data shows that 8% of charities experienced cyber crime in the last 12 months. Among the charities identifying any cyber security breaches or attacks, around 32% ended up being victims of cyber crime. Additionally, a small percentage experienced fraud as a result of cyber crime. The financial implications of these incidents are significant.

The impact of cyber crime on charities

Statistics tell us that 24% of charities recall experiencing breaches or attacks in the last 12 months. While these percentages may seem smaller compared to businesses, it’s essential to remember that the impact of a single breach can be financially devastating. This is much higher for medium businesses (59%), large businesses (69%) and high-income charities with £500,000 or more in annual income (56%). Among charities that do experience breaches or attacks, the most disruptive breach from the last 12 months cost approximately £530 on average, plus the damaging impact from reputational loss which is of course immeasurable.

The Changing Face of Cyber Threats

Cyber security breaches and attacks have become common threats across the board. However, it’s concerning to note that smaller charitable organisations identify these threats less frequently than in previous years. The reasons are multifaceted, but it seems that senior managers in smaller charities might view cyber security as less of a priority in the current economic climate, leading to a decrease in monitoring and logging of breaches or attacks.

Cyber Hygiene: A Must for Charities

To defend against sophisticated cyber threats, government guidance recommends practicing “cyber hygiene.” This includes measures like updated malware protection, cloud backups, strong password policies, and network firewalls. Although the majority of charities have embraced these measures, there have been concerning declines in some areas of cyber hygiene, such as password policies and applying software security updates within 14 days. Take a look at our blog to find out 5 practical steps your charity can take to reduce cyber-attacks.

Managing Cyber Risks and Supply Chains

Charities must be vigilant about identifying and mitigating cyber risks. While larger businesses are more advanced in this regard, all charities must consider the potential risks associated with their
supply chains. Cyber security risk assessments and the deployment of security monitoring tools can significantly improve a charity’s resilience to cyber threats.

Board Engagement and Governance

Board engagement and governance are crucial elements of effective cyber security. Unfortunately, the data suggests that only 31% of charities have board members or trustees explicitly responsible for cyber security. This indicates a need for a more proactive approach within the charitable sector to ensure that cyber security is integrated into governance practices.

Incident Response: Preparedness Is Key

While preventive measures are vital, it’s equally crucial to have a well-defined incident response plan. Cyber incidents can happen to any charity, and knowing how to respond promptly and effectively is of the utmost importance. Communication between IT teams and the wider staff is key to bridging the gap in incident response.

In conclusion, charities play a crucial role in our society, and their work often relies on the secure handling of sensitive information. Cyber security is not an option; it’s a necessity. While the statistics may be disconcerting, they also serve as a wake-up call for charitable organisations to prioritise cyber security, adopt good cyber hygiene practices, and be prepared to respond effectively to cyber incidents. With the right measures in place, charities can continue their invaluable work while safeguarding their digital operations.

Protect your charity with specialist insurance

Despite the number and complexity of cyber attacks ever-increasing only a third of charities (33%) have taken out Charity Cyber Insurance.

Cyber attacks can prove costly and disruptive. A specialist cyber insurance policy can help give you the expert support you need if the worst happens. It won’t just cover your financial losses, it will also give you access to cyber security experts who can help to recover your systems and help you understand what caused the breach, so you’re protected in the future. It can also provide you with access to legal support.

As experienced Charity Insurance brokers, WRS Insurance Brokers can help you find the right Cyber Liability Insurance for your charity. Get in touch with our impartial team to discuss your organisation’s needs and request a quote. For more information call the team on 01206 760780.

WRS is part of the Benefact Group, a charity-owned, international family of financial services companies that gives all available profits to charity and good causes.