The UK’s National Council for Voluntary Organisations (NCVO) has warned charities to be wary of scammers, Charity Digital News reports. The NCVO’s Road Ahead 2020 report outlines trends that are relevant to the charity sector for the coming year. One of the trends it foresees is an increase in advanced social engineering attacks.
“Cybercrime will continue to be a huge risk and email fraud is predicted to become even more sophisticated,” the report states. “In order to protect their valuable funds, assets and good reputation, it will be crucial for charities to have greater awareness of cyber-attacks and put a range of security measures in place.”
The security measures highlighted by the report include maintaining up-to-date software, implementing sufficient anti-malware tools, following proper password policies, and providing staff training. The NCVO points out that phishing is the most frequent attack vector, but most charities haven’t trained their employees to thwart these attacks.
“According to a survey from the Department for Digital, Culture, Media and Sport (DCMS), one in five charities experienced a data breach or cyber-attack in 2018, with phishing emails being the most common attack reported,” the report says. “Unsurprisingly, a majority of charities reported cybersecurity as a priority (75%), however only a few had provided training or invested in cybersecurity.”
The report emphasizes that these security measures are growing increasingly important as charities become more digital. Employees need to understand that the more technology their organization uses, the larger their attack surface is.
“For charity leaders it is important to understand how digital is changing the needs, behaviours and expectations of their users and supporters,” the NCVO states. ”Keeping up to date with new technologies and developments on the horizon is as important as thinking about what has to be in place first.
While technologies and attack techniques are constantly changing, the human element remains the same. New-school security awareness training can create a culture of security within your organization by giving your employees practical knowledge of social engineering threats.
Charity Digital News has the story: https://www.charitydigitalnews.co.uk/2020/01/27/cyber-attack-warning-issued-to-charities-by-ncvo/