Cyber security will continue to remain a biggest concern even in 2021 and thereafter after 2020. Cyber attacks are no longer limited to just big corporations, SMEs, or financial institutions. We hear news of hackers targeting nonprofits almost everyday across the world.
Due to Covid-19, nonprofits / charities were forced to ask their workforce to work remotely due to which they were not able to contribute towards their mission. Also, they need to cancel / postpone their programs along with their inability to adapt to this crisis because of technology limitations.
With increased numbers of cyber attacks on nonprofits/charities making their situation worse? It's largely because most of the nonprofit or charity organisations don't have a well-defined cybersecurity policy in place to mitigate the risk of cyber attack.
Below are some alarming statistics around UK charity / nonprofit cybersecurity during the Covid-19 pandemic:
A third of charities have suffered a cyber-attack during the coronavirus pandemic as per research study conducted by Ecclesiastical Insurance.
51% of charity organisations with an annual income of more than £500,000 had suffered a cyber breach or attack in the past 12 months as per The Cyber Security Breaches Survey 2021, published by the Department for Digital, Culture, Media and Sport (DCMS).
Spear Phishing (7%)
Among the charities that identify breaches or attacks, found that 18% ended up losing money, data or other assets
The Charity Commission revealed that fraudsters have stolen over £3.5m from charities during the pandemic
Almost half (45%) have not taken any steps at all to increase protection for staff working from home, prompting concerns that charities are not taking the threat of cyber fraud seriously.
As per YouGov survey, two-thirds of charities moved to remote working during the pandemic.
Hence, it becomes vital for every charity / nonprofit to take required preventative cyber security measures, make an investment in cyber protection software and develop a solid cyber attack incident response plan.