Cyber crime posed a threat to charities of all sizes in 2019. Charities can often find themselves in the cross-hairs of cyber criminals, with 25% reporting at least one attack during a twelve-month period, according to the government’s Cyber Security Breaches Survey 2019. This may well be because charities are viewed as easy targets for cyber criminals – 44% of charities are not protecting themselves from cyber-attacks as many charity leaders don’t see the risks.
Charity leaders have a responsibility to protect their organisation’s interests, as well as any potentially sensitive organisational or supporter/beneficiary data. While by no means exhaustive, our 2020 cyber security checklist offers a few starting points to get you thinking about how to approach cyber security in 2020.
1.) Prepare for new cyber threats
Cyber threats are getting more sophisticated – and weirder. The continued expansion of the Internet of Things will mean that cyber security professionals will be responsible for protecting a far greater number of devices and applications – that’s quite a change for teams that have been used to protecting just PCs and servers, who now have to worry about all manner of smart devices.
The gradual rise of 5G brings a new set of threats, and is going to make this a more difficult problem to solve because of the potential geographical distance between these devices and servers.
2.) Ransomware will continue to be a threat
Ransomware is a type of malware that infiltrates a system and locks down databases. Data is sequestered and a ransom is demanded by criminals in order to restore access to the system. This can grind organisations to a halt, and charities were targeted in 2019.
Going into 2020 we are seeing the emergence of a new trend. Rather than simply demanding a ransom, cyber criminals may now start copying sensitive corporate data to sell it or extort even more money from companies by threatening to publish it.
3.) Keep devices and anti-virus software up-to-date
Out of date tech can make your organisation a target for cyber criminals. It can be easy to overlook ageing tech when you have a number of other, competing priorities. But it’s important to keep your organisation’s systems and devices safe.
4.) Consider your mobile security.
The use of mobile devices can enable you to gain flexibility by allowing your employees to work remotely and/or from multiple devices – and you don’t have to sacrifice security in order to benefit! Mobile Device Management gives you control over all of your devices – not only for business protection but for the protection of your staff as well.
Mobile devices are prized for their convenience, but they are also easily lost or stolen. Therefore, sensitive data either stored on or accessible from these devices is vulnerable. Enterprise Mobility Management software prevents unauthorised access to apps or corporate data on mobile devices. This can be through password protection, encryption, or even remote locking, blocking, and wiping of lost or stolen handsets to protect sensitive organisational or personal data. This allows an admin to delete all data from a misplaced device.
5.) Check your cloud security
The use of cloud-based technology makes fiscal sense for many charities with digital services, websites or infrastructure. But for organisations that handle sensitive supporter and beneficiary data, security should be your first priority.
Cloud storage is generally safer than storing data locally, due to the strict standards that major cloud providers are held to in order to be able to operate. However, there are still a few checks you can perform to ensure your data is secure: