Webinar: Beyond Cyber Essentials for charities

Arunava Banerjee, cyber risk consultant at Zurich shared his insights in a webinar run with NCVO. It was set up to help charities understand cyber security and steps they should take to protect their organisations, as cyber risk becomes an increasing concern for charities.

Losing access to technology, having funds stolen or suffering a data breach through a cyber attack can be devastating, both financially and reputationally. Yet many charities do not take enough action to manage this risk.

Here’s a summary of what was covered.

Arunava said: “In 2019, the Department for Digital, Culture, Media and Sport (DCMS) reported that over 44% of charities aren’t protecting themselves from cyber attacks as they don’t see themselves as being at risk (see DCMS Cyber Security Breaches Survey 2019 (PDF). Yet according to the DCMC Cyber Security Breach Survey 2020 (PDF), this year, 26% of charities reported a cyber breach. The report also found that only 13% of charities are aware of Cyber Essentials and only 16% have heard of the small charity guide.”

Arunava produced nine questions to help you review your attitude and actions towards cyber security to help protect your organisation.

1. Are you giving enough attention to identify cyber risks for your charity?
2. Are you aware of all the key dependencies on your supply chain and their cyber maturity?
3. Are you aware of HM Government’s Cyber Essential Certification?
4. Were you aware of the free cyber insurance option with CE Certification?
5. What are the top three systems which can be considered as your crown jewels?
6. Are your users aware of what to do if they send an email with sensitive information to a wrong recipient by mistake?
7. How many members of your supply chain have Cyber Essentials or similar cyber certification?
8. Do you know whom to get in touch with if tomorrow you face a ransomware attack?
9. Is cyber high priority for your senior management / trustees?

Further reading

• A step-by-step guide to cyber security for public and voluntary sector organisations.
• Small charity guide to cyber security – NCSC.
• Cyber Essentials – NCSC.
• Over a quarter of charities experienced cyber attacks last year – Civil Society.

• Share this article by email