How to protect your charity from cyber attacks

Author's position
RVA Advice Service Manager
Article date
9 December 2020
Primary interest
Voluntary sector

As we approach the holiday season, it is completely natural that staff and volunteers may be feeling tired and juggling end of year duties. It may be far from our minds, but it is also worth remembering that charities are still vulnerable to cyber attacks, especially at this time, and to be extra vigilant about any unusual request for personal data or financial transactions requested via email correspondence. If in doubt, always check with individuals through separate channels, such as calling the person on a number you already have for them to check the validity. It is an unfortunate reality of our times but this is very much a real threat to small charities, including local charities. This article provides some useful resources on how best to protect your charity.

The National Cyber Security Centre (NCSC) have identified the key threats that cyber criminals pose to small charities, as they are aware that they hold funds as well as data about their beneficiaries and donors.

This article from Charity Digital summarises the key risks for small charities and the types of attack that could take place, such as:

  • Extortion and ransomware
  • Business email attacks
  • Fake organisations and websites

In its guidance for small charities, NCSC explains how to mitigate against the risk of attack and simple things you can easily put in place, such as:

  • Backing up your data
  • Protecting your charity from malware
  • Keeping smartphones and tablets safe
  • Using passwords to protect data
  • How to avoid phishing attacks

If you are looking for further training and resources, take a look at the following:

Here is a helpful infographic summary from NCSC: