Alison Brogan provides an update on work underway to help reduce cyber risk to third sector organisations in Scotland
Back in April TFN reported on recent cyber research, from the 2024 UK Cyber Security Breaches Survey, which studies cyber resilience in the UK to help inform government policy.
It showed that around a third of charities suffered a cyber security breach over the past year.
The UK Cyber Security Breaches Survey showed that organisations from every sector continue to face cyber security breaches and attacks (most common being phishing), and charities are no exception.
This is likely to remain a threat so it is important to take steps to keep systems and data safe and prepare for when the inevitable happens. The research highlights cyber is a priority for most charities, with an increase in those who have a cyber strategy in place, however activity to improve cyber resilience has remained the same as 2023.
To help support charities in addressing this a Third Sector Cyber Resilience Working Group, made up of a range of people from across Scotland’s voluntary sector, has been established to shape and guide a programme of work aligned to Scottish Government’s Third Sector Cyber Resilience Action Plan. The working group is part of the CyberScotland partnership, which brings together partners from all sectors across Scotland to boost cyber resilience, with focus so far on:
- Hosting a free conference with ScotlandIS, as part of CyberScotland Week 2024, designed specifically for the sector to help renew focus on cyber resilience - read all about it here.
- Aligning with partners to create single source of third sector cyber resilience advice and guidance, within CyberScotland portal, which will continue to evolve as work in this space develops.
- Designing new Third Sector Cyber Resilience Bulletin to provide quarterly update on common threats and progress of programme of work, first issue due on portal in July.
- Commissioning work to design cyber resilience awareness training campaign and research barriers to cyber security certificationwithin third sector, recommendations to be included in next delivery phase. There’s a survey currently live for anyone who would like to help support the third sector in staying secure online.
Over the coming year this group will continue to work with the broader CyberScotland partnership to deliver realistic and relevant resources.
It is hoped that these will help third sector organisations in their journey to becoming more cyber resilient and positively impact findings within future breach surveys – let’s work together to prioritise cyber risk.
Alison Brogan is SCVO’s cyber resilience co-ordinator.