By Jack Charnley, policy advisor, cyber resilience, at the Department for Science, Innovation and Technology
A narrated version of this blog is available at the bottom of the page
In today’s digital age, technology has become an integral part of our lives, transforming the way we connect and communicate. For charities, this digital revolution has opened exciting new avenues to reach out to new donors, engage with supporters and deliver essential services more efficiently. However, these new opportunities also expose charities to the growing threat of cybercrime. And in an era where cyber-attacks are more and more sophisticated, charities must secure digital assets and protect sensitive data.
The UK government’s Cyber Essentials certification scheme is a powerful tool to do precisely that: fortify your organisation’s cyber security defences and make sure you can get the most out of your digital tools without falling into traps. Let’s explore what Cyber Essentials is and why becoming certified is a useful step for every charity.
What is Cyber Essentials?
Cyber Essentials is a government cyber security certification scheme that helps all organisations, including charities, to become more resilient against cyber attacks. Organisations put in place five key protective measures (such as antivirus software and firewalls) which shield them from the majority of common cyber attacks. It’s the ‘baseline’ of cyber security that all organisations should have in place as a bare minimum – the equivalent of locking your front door.
Cyber Essentials is designed to be accessible and achievable for charities of all sizes, regardless of their level of technical expertise.
Six reasons why charities should embrace Cyber Essentials certification
- Prevent disruption: cyber attacks can disrupt critical services, hindering your charity’s ability to fulfil its mission. Cyber Essentials provides a strong defence, ensuring smooth operations and continuity.
- Protect your funds: charities can lose large sums of money through attacks like ransomware and email compromise, affecting your activities and impact. Cyber Essentials makes this much less likely to happen.
- Protect your beneficiaries: charities handle sensitive data, often on behalf of vulnerable people. Cyber Essentials provides vital protection, ensuring that this data remains confidential and secure.
- Protect your donor relationships: your donors give not just to your cause but also in response to your organisation’s integrity. Demonstrating a commitment to cyber security through Cyber Essentials certification instils confidence and avoids the reputational damage that often comes with a cyber incident.
- Secure contract opportunities: Cyber Essentials is a compulsory requirement for most UK government contracts so becoming certified is a vital step towards accessing new opportunities for collaboration.
- Meet GDPR obligations: the UK’s data protection laws state that personal data must be “processed in a manner that ensures appropriate security…using appropriate technical or organisational measures”. Cyber Essentials helps you to meet these obligations.
To ensure the continuity of your mission and the trust of your supporters, embracing cyber security is an absolute must. As charity chief executives, the Cyber Essentials certification scheme empowers you to protect your digital assets, defend against cyber threats, and demonstrate your commitment to the safety and security of your beneficiaries and donors.
With the pace of development in cyber attack methods and the rise of untargeted, ‘random’ breaches, no charity is too small or insignificant – cyber criminals do not discriminate. By investing in Cyber Essentials now, you can fortify your charity and safeguard your mission.
Charities (with fewer than 50 employees) tackling domestic abuse can gain Cyber Essentials certification for free through the National Cyber Security Centre’s Funded Cyber Essentials Programme.
