Back in March this year, our report on the threat to charities found that charities were falling victim to a range of cyber attacks, but within the sector itself, there was a lack of awareness about cyber security.
As a direct result, the NCSC and partners began a programme of education designed to put the charity sector on a much stronger footing in cyber space. This blog outlines the progress we've made in the last six months and points the way to the future.
Why is this necessary?
It seems strange to think that anyone would want to harm a charity. But, the simple fact is that cyber criminals don't discriminate between charity and commerce when there's money involved. And there's a surprising amount of money involved.
Charities and the voluntary sector made a net contribution of £12.2bn to the UK economy in 2017. All this whilst supporting and protecting the vulnerable and weak. This is a crucial element of our society, one we need to keep safe from harm.
Guidance for charities
In March, the NCSC launched the Cyber Security: Small Charity Guide. This offered charities a series of quick, simple and free or low cost steps they could take to protect their organisation from cyber attack, thereby saving reputation, funds and data from falling into the hands of criminals.
We know that charities, particularly smaller ones, are unlikely to turn to government for advice, preferring instead to seek advice from peers and the bodies who represent them.
That's why, alongside the launch of our guidance, we announced a partnership with The Foundation for Social Improvement (The FSI), a leading provider of training for small charities across the UK.
This partnership is delivering a mixture of face-to-face training sessions, presented by Police Cyber PROTECT Officers, alongside a series of blogs and webinars delivered by the NCSC’s Charity team.
Five simple steps
The Small Charity Training sessions teach five simple steps which charities can take to protect themselves:
- Back up your important data
- Protect your charity from malware
- Keep your smartphone and tablets safe
- Use passwords to protect your data
- Avoid phishing attacks
If you are a small charity (with income under £1.5 million per year) and would like to attend an upcoming training session, please visit www.thefsi.org for more information.
Six months on
In the past 6 months, our face-to-face training has reached over 1,000 small charities who are now aware of the risks posed to their organisation by cyber crime, and know how to take simple steps to make themselves more secure.
Events have taken place from Preston to Norwich, Bristol to Newcastle and many stops in between. We will be taking the training to Brighton, Sheffield, Lancaster, Nottingham, Southampton and York before the year is out, and more will follow in 2019. Keep an eye on www.thefsi.org for details.
We are also working with the National Association for Voluntary and Community Action and other partners to develop even more local training sessions across the country. Look out more info coming soon.
In addition, the NCSC Charity team has been working with partners in Scotland, Wales and Northern Ireland to make sure our guidance reaches every corner of the UK.
We have been delivering our training package at Scott Moncrieff's charity training days this week in Edinburgh (29th) and Glasgow (30th) to help Scottish charities better protect themselves.
If you'd like the Charity team to speak at a charity-focused event or conference, please get in touch with firstname.lastname@example.org.
Head of Charity and Public Engagement