Cyber Security & Information Governance
Cyber Security is a key risk for organisations of all sizes. NICVA is developing a range of measures to support voluntary and community organisations that want to improve their cyber security capability.
Cyber Security & Charities
Cyber security is the means by which individuals and organisations reduce the risk of becoming victims of cyber attack. Protecting data, systems and finances is important for everyone.
Charities, voluntary, community and social enterprise organisations often hold sensitive data and rely on technology to provide support and services.
Organisations of all sizes are vulnerable to user accounts and systems being compromised which can lead to serious incidents such as data breaches and ransomware attacks.
Small volunteer led community organisations are just as vulnerable as major charitable organisations and should ensure that good basic cyber security practice is followed.
There is also a growing expectation that organisations can assure partners and stakeholders that adequate cyber security measures are in place. Attackers can use weak points in a service supply chain to gain a foothold that allows them to move towards key targets.
Board responsibility and organisation culture
Good cyber security is central to an organisation's health and resilience, and this places it firmly within the responsibility of the Board.
The board/trustees should work with senior management to identify risks and protection measures to put in place. Organisational polices are important but should be reinforced with a culture where everyone is encouraged to be curious and vigilant with cyber practice.
People should be encouraged to report suspicious issues regardless of pressures of work and deadlines. Taking time to flag an issue before it turns into a serious incident – prevention rather than cure.
What can you do
Cyber security is a risk for organisations and a governance issue - it’s not just for the techies / IT. Most organisations will have data protection policies and procedures in place along with risk assessment processes. It can be helpful to integrate cyber security risk management into existing processes.
The National Cyber Security Centre (NCSC) distils knowledge and practical advice for organisations and individuals that can help to shape your next steps. The NI Cyber Security Centre provides local engagement, advice and support.
The Cyber Security: Small Charity Guide will help to significantly increase your protection from the most common types of cyber-crime.
Use the Board Toolkit to help frame discussions about cyber security and inform discussion between the Board and any technology support / suppliers. The toolkit includes an introduction to Cyber Security and legal and regulatory aspects of cyber security Check out five resources for building cyber security in small organisations.
Book a Cyber Security one hour clinic to discuss appropriate next steps for your organisation
Encourage your staff and volunteers to take the free NCSC 30 minute online training course
Consider the Cyber Essentials accreditation framework to benchmark your organisation and provides assurance to your partners
Engage with the NI Cyber Security Centre
Belfast Met are providing an opportunity for voluntary, community, charities and social enterprises to attend a five day Cisco Cybersecurity Essentials accredited course delivered online.
Book a free one-hour cyber security clinic appointment to work out appropriate next steps for your organisation to improve its cyber security practice.
October is Cyber Security Awareness Month and an opportunity for individuals and organisations to improve their cyber security knowledge, understand the online threats they face and the steps that can be taken to reduce risks.