It is being reported that 81% of non-profit organisations have changed how they use digital technology as a direct result of the pandemic. From processing online donations, providing services digitally or simply using social media, many charities have made massive transformations in their digital output.
Over half of charities have no digital strategy to speak of, while two thirds of them have increased their risk by operating more remotely.
Charities can be hit by cyber-attacks almost as often as a commercial business. The Cyber Security Breaches Survey 2021 states: 26% of charities had reported experiencing a cyber attack during the previous six months.
It has been a consequence of the digital revolution over the last 18 months that charities have adopted this new way of working – but this makes it vital that they start to address the potential of future online threats.
Blissfully unaware.
A big problem charities have is the age of their IT systems. They are often much older than in other businesses and, in the main, they are not aware of this issue. The Charity Commission Annual Report 2019-2020 highlighted the fact there is an enormous gap between what charities had put in place and what they actually needed in place. About 85% believed they had sufficient measures in place but around half did not and were quite vulnerable to cyber attack.
Building trust is crucial.
Charities are so much more than a business striving for profit. They represent help, support and trust. When a big business suffers from a cyber attack it affects them financially. With a charity it affects trust in them to hold sensitive and confidential data. Charities hold names, phone numbers, credit card details and even tax records. These are gold for cyber attackers who can quickly sell the information on. It is imperative for charities to be aware of this and protect their loyal customers.
According to the 2021 Charity Commission report, public trust actually rose for charities during the pandemic. This is understandable as, in times of hardship and fear, people very much look to charities for help and support – they are relied on heavily – but this can easily be damaged by cyber attacks and data breach.
The new risk of remote working.
With remote working comes increased use of technology and cloud based platforms. A massive 82% of charities have doubled the use of personal devices during the pandemic. They rely on them much more so than businesses and yet are more likely not to have cyber security in place.
A large number of charities use cloud services as they are so useful to deliver services remotely. It is very attractive to them especially if they are lacking in IT expertise, to manage their own cyber security.
This presents many concerns however. The main one being – is it set up securely within the organisation?
Trust
It’s not just about reputation. It’s about duty of care – a charity is a key member of a community and therefore carries a level of responsibility and care for that community. The Charity Commission 2021 research showed that trustees understand this and are fully on board with the collective responsibility for their sector’s reputation.
We now have a situation where the importance of digital systems, cyber security and trust are a collective necessity for organisations. They can easily demonstrate their commitment to this by how much they value their customer data.
Look out for charity cyber security awareness week on 8th November. IASME in partnership with selected Certification Bodies around the UK will be offering support and guidance as well as a discount to the price of certification to help charities gain Cyber Essentials.