Empowering Charities in Cyber Security

Who we are? The Empowering Charities Team is a temporary team set up from April to June 2023 as part of the Empowering Women to Lead in Cyber Security Training Programme.  The 5 members of the team are cyber security professionals from organisations across the Northern Ireland Public and Private Sector.

What we are trying to achieve? The aim of our project is to understand the cybersecurity needs of local charities and help support those needs.

What have we learned? That charities are busy often with limited resources and time, and in reality all the help and support they need is out there in different locations.

What have we created? A single website with simple, clear, concise advice charities can follow, with links to much of the content available to support them.

So what can charities do to make a practical difference to their cyber security:

Back up your data
  • Identify what data you need to back up
  • Keep your backup separate from your computer
  • Consider using the cloud
  • Read NCSC cloud security guidance
  • Make backing up part of your everyday business

Protecting your charity from malware
  • Install (and turn on) antivirus software
  • Prevent trustees, volunteers or staff from downloading dodgy apps
  • Keep all your IT equipment and software up to date (patching)
  • Control how USB drives (and memory cards) can be used
  • Switch on your firewall

Keep your devices (Phones, tablets/ipads and laptops) safe

  • Switch on password protection
  • Make sure lost or stolen devices can be tracked, locked or wiped
  • Keep your device up to date
  • Keep your apps up to date
  • Don’t connect to unknown Wi-Fi Hotspots

Using passwords to protect your data
  • Make sure you switch on password protection
  • Use two factor authentication for where possible
  • Avoid using predictable passwords
  • Consider using a Password manager to avoid “password overload”
  • Change all default passwords

Avoiding phishing attacks
  • Configure accounts to reduce the impact of successful attacks
  • Think about how you operate
  • Check for the obvious signs of phishing
  • Report all attacks
  • Check your digital footprint

Take advantage of free online resources (Links below)

  • Complete regular training, education and awareness, with your team
  • Utilise Microsoft non-profit opportunities
  • Create a Cyber Action plan from NCSC CyberAware program
  • Follow Charity Commission guidelines
  • Take advantage of Cyber Essentials Guidance from NICVA

Online Resources Available

Check to see if you qualify for Microsoft Office and 365 – 

Nonprofits Grants & Credits Eligibility | Microsoft Nonprofits 

Sign up for a free security assessment and free  training/resources/learning paths. Download a Non profit security strategy ebook – Secure and Protect Nonprofit Data | Microsoft Nonprofits

Download a Free “Be Cyber Smart Kit” – Cybersecurity Awareness – Microsoft Security 

Get your free tailored Cyber Action Plan – https://www.ncsc.gov.uk/cyberaware/home

Read the NI Cyber Security Centre “NI Cyber Security Research” report on SME’s and Charities – https://www.nicybersecuritycentre.gov.uk/