We’re trying to cure cancer, why would anyone attack us?

Kate Sinnott is the Head of Charity and Public Engagement at the National Cyber Security Centre. Kate leads a team dedicated to helping UK charities and the public be less vulnerable and more resilient to cyber attack, empowering them to stay secure online. Previously Kate was Head of Partnerships at the National Crime Agency, leading a team working with global technology companies and children’s charities to protect young people from online exploitation. Kate began her career in local government, working on the ground with charities and community groups on a range of local projects.

You heard on the news this morning about another big cybercrime attack. Everyone has been advised to change their passwords and update their software.

But no worries, because charities don’t get targeted by criminals, do they? After all, you do such good work. And besides, you have a million and one things on your ‘to-do’ list today, and there is no way you have the time to make all the changes that have been suggested.

Well, I’m afraid to say that charities are absolutely not immune to cybercrime – quite the opposite in fact. Charities and voluntary organisations of all sizes are falling victim to a range of attacks (in exactly the same way as businesses and the public are), and the consequences can be devastating.

Furthermore, charities have additional vulnerabilities to certain types of cybercrime due to the trusting nature of the sector. For example, charity staff may be more susceptible to being socially engineered into clicking on ‘dodgy’ links within an email, which can then infect the computer with a virus.

Regardless of the size and nature of your charity or voluntary organisation, you will hold information that is of value to a criminal. Also, you will all hold funds – however small – and any loss of money could be very damaging. Not only will it affect your ability to deliver your work, but it may also affect your funders’ trust in your ability to manage their money and their details securely.

Many charities also hold sensitive information about their beneficiaries that could be useful to someone with malicious intent, such as the ex-partner of a domestic violence victim who’s trying to track them down. Or just imagine coming into the office one day, switching on your computer and there’s a message saying you can’t access any of your systems until you pay a ransom. If this lockout continued for days (or even weeks), could your charity survive?

This may all sound quite alarming, but there’s no need to be panic. The National Cyber Security Centre has created a Cyber Security: Small Charity Guide, which contains simple and free (or low cost) steps that will help protect your organisation from the most common types of cybercrime. The advice contains five areas for charities and voluntary organisations of any size to focus on; and best of all they’re quick to implement, so it won’t eat into your precious time.

We really hope you find this guide easy to use and would welcome any feedback to help us continue to ensure we are providing you with actionable advice.

To download the guide please visit www.ncsc.gov.uk/charity

Kate S

Head of Charity and Public Engagement

This entry was posted in Practical support. Bookmark the permalink.

Comments are closed.