The rise in digital fundraising has made the personal data that charities hold more vulnerable to cyber attacks. By their nature, charities hold a range of sensitive and personal data because they’re often supporting some of the most vulnerable in our society, such as young people in care, as well as details of donors, staff and volunteers.
According to the Third Sector and National Cyber Security Centre (NCSC) 2022 data security survey with 296 charity professionals, the majority share personal data with other departments but 28% don’t always know who owns all the personal data in their team. More than 1 in 10 (13%) do not have common data processes in place with other departments in the organisation. And only 68% said they use a trusted and secure internet connection all the time when accessing personal data. While most charities have a communications, email and internet policy, less than a third (29%) review and update their password policies every six months.
In this video, part five in our extended eight-part series, the NCSC's deputy director explains:
- Why charities are particularly at risk when it comes to data security and why they need to take data protection measures even more seriously in the current cyber security landscape.
- Steps board members, trustees and individuals can take to protect data properly.
- Why building a strong cyber security culture is so important.
Free tools and resources
- The NCSC offers a range of cyber security advice and guidance for charities including this cyber security guide for boards.
- The NCSC has a free tool called Exercise in a Box, which takes you through a simulated attack and shows what the impact might be – not just on your services but your brand.
- Click here to sign up for the NCSC Early Warning service and receive alerts about potential security issues affecting your network.
This video was produced by Third Sector Insight in partnership with the National Cyber Security Centre.