Data Privacy Day

On Data Privacy Day, Managing Director of Nisyst Bob Chunilal, explains why the need for charities to address their cyber security is more important than ever.

Data Privacy Day, an international effort held annually on 28 January to create awareness of the importance of respecting privacy, safeguarding data and enabling trust, is a reminder that online security is increasingly an issue that organisations must address.

Even with today’s technology and ever-advancing levels of security, spurred on by the GDPR regulations introduced in 2018, cyber-attacks can still occur. Now, more than ever, charities are being urged to protect themselves against a specific type of cyber-attack; ransomware.

The ‘WannaCry’ ransomware has been targeting Microsoft Windows since Friday, 12 May 2017. More than 230,000 computers in 150 countries have already been affected. WannaCry demands ransom payments in bitcoin, a type of digital currency in 28 different languages.

This highlights just how important it is for charities to be protected.

Are charities at risk?

It’s not clear yet whether charities are affected by WannaCry, but the truth is IT systems and existing protection always needs to be kept updated. After all, according to James Mulhern, chief information security officer at Eduserv, charities are a big target for cyber criminals because they have valuable data, including personal information which is of huge value to attackers.

The Cyber Security Breaches Survey 2019 also reveals that 32% of businesses and 22% of charities identified a breach or attack, with an average annual cost of £4,180 and £9,470 respectively for those that have lost data or assets after breaches. Businesses that hold electronic personal data are more likely than average to have experienced breaches or attacks (39% v 32% overall), highlighting the severity of the issue and the importance of protecting this information.

The most common attacks occur through fraudulent emails, which try to get staff and consumers to reveal personal information, as well as passwords. Malware and viruses in attachments and links are also common, as is ransomware.

How can charities remain protected?

Charities can protect themselves by using donated security software, according to Richard Craig, CEO of charity software specialist Technology Trust:

“A lot of problems have been caused by organisations using legacy systems, predominantly Windows XP, which is no longer supported by Microsoft. It’s understandable that charities try to send as much money through to their cause, but this shows what can go wrong if you postpone upgrading. Microsoft donates Windows operating systems to charities so that at least takes a lot of the cost away.”

Backing up systems, having an up-to-date antivirus in place, and investing in high-quality technology can minimise the risk of cyber-attacks. It is also important that staff have the necessary skills to identify an attack or to respond to it and make sure everyone is trained in cyber security (or has enough knowledge of it).

For more information about Nisyst’s work in this area, be it to prevent ransomware or any other security breaches, please log onto www.nisyst.co.uk or call us on 01204 706000