Cyber security is important because our devices have become essential to our ability to deliver services, raise funds, and continue daily operations. Any act that prevents our ability to use devices poses a serious threat to our organisations. And cyber crime is certainly a threat.
Let’s look at some of the statistics. Consider, for example, that according to the Charity Digital and National Cyber Security Centre (NCSC) report, The state of cyber security in the UK charity sector:
The above shows that charities are broadly aware of the threat of attack, but seemingly do very little to prevent that threat. There is an awareness of cyber crime, but few charities taking it as seriously as they should. That is a problem, one that is particularly widespread in the charity sector.
The reality is that cyber attacks can be devastating. Below we look at three of the main consequences of a cyber attack, highlighting exactly why your organisation needs to adopt robust cyber security.
Cyber attacks can compromise the data of service users, volunteers, supporters, donors, and other stakeholders. That is particularly harmful to the reputation of charities, largely because charities operate on trust. The loss of trust can result in fewer donations, skepticism from service users, less volunteers, and a broad unwillingness to engage with your charity.
Customers will be angry, distressed, and upset if their data has been stolen, perhaps leaving them to cut ties with your charity, tell family and friends, perhaps report it to newspapers, or share on social media. Employees may lose faith in their organisation, if their data is breached. And service users may feel unsure about using the charity, given the organisation’s failure to protect privacy.
In short, charities need robust cyber security to protect their reputation. They need to ensure that all stakeholders and users feel safe working with them, and can trust that their data is secure.
The cyber security market has grown in recent years, largely because of the monetary impact of cyber crime. Charities continue to fall victim to cyber attacks, partly because they believe it will not happen to them, partly because criminals know they are not well protected, and partly because charities have a much harder time justifying the expenditure on cyber security products.
But the expense is justified, because cyber attacks themselves are very expensive. The average cost of a data breach in 2021 was about £4.24 million, according to IBM’s Cost of a Data Breach report. The costs come in many forms, but theft of financial information, disruption to daily operations, loss of funds and donations, and asking for ransoms are common tactics.
Small charities need to be particularly aware of the monetary costs. Cyber crime disproportionately hits small organisations. The financial impact to large companies may be huge but based on scale the implications are relatively minimal. Small charities, on the other hand, face an existential threat due to cyber security, so they need to ensure they are very well protected.
Finally, it’s worth mentioning the legal consequences, which often follow in addition to all of the above. Data protection and privacy laws require organisations to secure personal data. That could be the data of your employees, service users, donors, or any other person related to your organisation.
If your organisation’s data is compromised and you have failed to employ effective cyber security measures, you may face fines or sanctions, depending on the jurisdiction. In short, you may lose money through the cyber breach, you may face organisational disruption and reputational damage, you may lose your user data, and then face fines on top of all of the above.
For more on the charity sector’s relationship with cyber security, check out our podcast HERE
)Access all our articles and search the provider directory for free.