There is an assumption that cybercrime is not an issue for smaller organisations, that it only affects the big businesses like Talk Talk and the NHS. What actually happens is that the incidents with smaller companies just do not make the news, cybercrime is a massive issue for all organisations.
Charities and non-profit organisations are also at risk, despite the regular assumptions that they are not targets for criminal activity. Charity organisations can hold a lot of data that is considered valuable and therefore this makes them vulnerable.
After the NHS ‘WannaCry’ incident in May, the Charity Commission issued a warning to charities that they could be at risk of a ransomware attack. The Head of Investigations and Enforcement at the Charity Commission stated that a charity’s assets and good reputation are at risk due to cybercrime. As well as their reputations, charity and non-profit organisations that do not take their cyber security seriously are putting their data and finances at risk.
Today’s charities are operating in a highly digital space, with the benefits of Cloud technologies and social media allowing them to achieve more every day. However, charities need to understand that they also need to put precautions in place to protect them in that digital space.
How does cybercrime affect charities?
The first instance in which a cyber security risk could detriment a charity is through the loss of data. For example, if a charity was to suffer from a virus or a ransomware attack they could find themselves without the data needed to operate. Imagine if your website was taken down and you could no longer receive donations, how would that affect your organisation? Imagine if you could not access your patient records, how would you be able to provide the care that is needed? The other aspect to consider here is the sensitivity of the data you hold and the consequences if it entered the public domain.
Another way in which a cyber security attack could affect your charity organisation is through your finances. Whether you have lost a sum of money through a phishing scam or through a fine from the Information Commissioner’s Office for a data breach, you will have needed that money to operate and be able to achieve your strategy. You may even no longer be able to pay a member of staff or your bills.
Cyber security attacks can also call your reputation into question. Charities can hold a lot of sensitive data and if it was to be breached then your brand may no longer be trustworthy. Would people still donate to you if they were concerned their credit card details may be exposed? It takes a long time to build a trustworthy reputation and seconds for it to crumble.
Senior management of charity and non-profit organisations need to be aware of the risk that cybercrime can pose to their operations. Making sure that you have all the precautions in place can help to mitigate an attack or overcome one. Our Cyber Security Protection Guidelines for Charities is full of information that can help you to take the appropriate steps. Click here to download our playbook.