This website uses cookies for anonymised analytics and for account authentication. See our privacy and cookies policies for more information.





The voice of Scotland’s vibrant voluntary sector

Published by Scottish Council for Voluntary Organisations

TFN is published by the Scottish Council for Voluntary Organisations, Mansfield Traquair Centre, 15 Mansfield Place, Edinburgh, EH3 6BB. The Scottish Council for Voluntary Organisations (SCVO) is a Scottish Charitable Incorporated Organisation. Registration number SC003558.

How prepared is your organisation to defend against a cyber-attack?

This opinion piece is over 2 years old
 

Sponsored content: how charities can be resilient against online threats

The Scottish Business Resilience Centre has been expertly delivering non-technical, cyber resilience training to public, private and third sector organisations for many years and has received a positive response.

With more third sector organisations coming forward and seeking help and guidance with planning for responses to data breaches, SBRC is calling out to all third sector organisations in Scotland to join our free, non-technical Exercise in a Box workshops, and prepare their respective organisations against possible cyber-attacks. 

Third sector organisations are important for a multitude of reasons. Most notably for how they support the public and the wider society through their hard work and dedication. Third sector organisations include charities, social enterprises and voluntary groups that primarily deliver essential services, support people’s wellbeing, and contribute to economic growth.

They provide knowledge and resources to society, aid those in need, create safe spaces, and help communities grow by communicating on a local level. Unfortunately, the third sector has increasingly become more of a target and taken advantage of by cybercriminals due to the lack of awareness of how quickly the world of cyber is growing. 

With well over half of charities dealing with sensitive data according to the National Cyber Security Centre’s survey on the state of cyber security in the UK’s charity sector, conducted by Charity Digital, it is of utmost importance that this data is kept as secure as possible, especially with organisations handling data surrounding gender based violence and similar such sensitive human rights issues. However, worryingly findings from the survey state that exactly 50% of charities responded that they are likely to experience cyber-attacks.

As technology grows, it is difficult to keep up with the evolving processes used for protecting your data. Many know about the simple things like making sure you have a secure password to access your accounts and installing an anti-virus software. This was evident in Charity Digital’s report, as the top answer for ‘which cyber security software was used by their organisation’ was ‘antivirus’. But it’s easy to get lost when trying to implement simple defenses like these and lose focus on what you are defending yourself against.

With a mix across all organisations on who is responsible for ensuring data, money and integrity of businesses is protected, third sector organisations look for urgent and crucial support in the field of cyber security. Upon this, the Scottish Business Resilience Centre, in collaboration with the Scottish Government, is currently delivering, a selection of free Exercise in a Box workshops for third sector organisations to attend and educate themselves in the field of cyber security, or to begin their cyber journey and learn about the very basics of securing data online and offline.  

Exercise in a Box is a free, 90 minute non-technical workshop which helps organisations find out how resilient they are to cyber-attacks and practise their response in a safe environment. It is expertly delivered by the Scottish Business Resilience Centre across Scotland (developed by the National Cyber Security Centre) and started its life as a self-use tool to help organisations test and practise their internal response to a plethora of cyber issues.

Currently, SBRC’s Exercise in a Box sessions offer four scenarios, Working from Home, ‘Digital Supply Chain’, ‘Ransomware’ and ‘Micro Exercises’. The scenario that we would highly recommend for third sector organisations would be, ‘Micro Exercise in a Box’, as the session combines aspects of each of the above mentioned, with additional, broader cyber security learnings and dive into the basics of cyber resilience, within a 90 minute session to ensure all organisations, regardless of their sector or level of cyber knowledge, can benefit.

The following Micro Exercise in a Box virtual events are already live on our website and up for registrations - 26th May, 28th June and 28th July. These workshops will discuss some of the basics of good cyber housekeeping. Specific topics to be covered include:

  • Ensuring password security
  • Identifying and reporting phishing emails
  • Connecting securely during remote work
  • Responding to a ransomware attack

Please feel free to book a space for your organisation and members, for the upcoming sessions here.

For any queries regarding the project delivery, or to set up a private event for your respective organisation, please write to enquiries@sbrcentre.co.uk