Research into fraud in the charity sector has found many charities are leaving themselves vulnerable to cyber-attacks. The results suggest nearly half of the 3300 charities surveyed do not have sufficient protection in place, with smaller charities being less aware of the risks. Out of those organisations that had been a victim of cybercrime, 32% did not report the incident to any external body such as the Police.
The Charity Commission advises that charities should take a pro-active approach to this issue and implement systems of detection and prevention. If a cyber-attack does occur, charities should be open and transparent, and report it to the relevant organisations.
The National Cyber Security Centre (NCSC) has produced a cybersecurity guide for small charities which can be found here, including advice on backing up data, protection against malware and phishing, and password management.