A new report suggests that a number of not-for-profit organisations are at risk of cybercrime due to their lack of digital skills.
According to a recent threat assessment carried out by the National Cyber Security Centre (NCSC), a significant proportion of UK charities are unprepared for data breaches – and many do not understand the importance of the upcoming General Data Protection Regulation (GDPR) in terms of attempting to curb cybercrime.
The NCSC, which is part of the UK’s Government Communication Headquarters (GCHQ), said that many charities lacked proficiency when it came to digital skills and had a long way to go ahead of the GDPR’s introduction on 25 May.
Once it takes effect, the GDPR will phase in a number of changes to the ways in which organisations – including charities – can collect, store and process data.
The new legislation will also bring with it hefty fines for any organisations that are not fully compliant, or suffer a serious data breach.
Ahead of the GDPR’s introduction, the NCSC is warning that the charity sector is particularly vulnerable to cyber attacks and needs to improve cyber security sooner rather than later.
It has said that criminals pose “the biggest cyber threat to the charity sector,” due to the fact that many charities are ill-prepared for ransomware attacks, phishing hacks and more – as they may not have invested as much money in their cyber security systems as larger corporations and private sector businesses.
The comments come shortly after the NCSC published a guide to cyber security aimed specifically at smaller charities, which it believes are most likely to struggle with coming to terms with cyber security and the GDPR.
The guide, which was published at the beginning of this month, can be accessed here.