Charities are just as susceptible to online attacks as businesses and must do more to protect themselves from threats, a new Government report has found.
The research, Cyber Security in Charities, published by the Department for Digital, Culture, Media & Sport, involved 30 in-depth interviews with a range of charities by Ipsos MORI as part of the National Cyber Security Programme.
It found that charities are just as susceptible to online attacks as businesses, with many staff not well informed about the topic and awareness and knowledge varying considerably across different charities. Other findings show those in charge of online security, especially in smaller charities, are often not proactively seeking information and relying on outsourced IT providers to deal with threats.
Where charities recognised the importance of online security, this was often due to holding personal data on donors or service users, or having trustees and staff with private sector experience of the issue. Charities also recognised those responsible for online security need new skills and general awareness among staff needs to raise.
Helen Stephenson CBE, Chief Executive at the Charity Commission for England and Wales, said:
“Charities have lots of competing priorities but the potential damage of a cyber attack is too serious to ignore. It can result in the loss of funds or sensitive data, affect a charity’s ability to help those in need, and damage its precious reputation. Charities need to do more to educate their staff about this threat and ensure they dedicate enough time and resources to improving cyber security.
“We want to make sure charities are equipped to do this, and we encourage them to use the advice on our Charities Against Fraud website. We also continue to work closely with the Department for Digital, Culture, Media and Sport to help charities protect themselves online.”
This year’s high profile WannaCry ransomware attack affected businesses worldwide, and at least three hospices in the UK have been reported as having fallen victim to online thefts so far during 2017. Back in May, Dorothy House Hospice Care had £130,000 stolen from its bank account through an online attack, while in July Bury Hospice lost £235,000 through online fraud, and at the beginning of August, Highland Hospice was reported to have lost £500,000.
Get free email updates
Keep up to date with fundraising news, ideas and inspiration with a weekly or daily email. [Privacy]