
Empowering Charities in Cyber Security
Who we are? The Empowering Charities Team is a temporary team set up from April to June 2023 as part of the Empowering Women to Lead in Cyber Security Training Programme. The 5 members of the team are cyber security professionals from organisations across the Northern Ireland Public and Private Sector.
What we are trying to achieve? The aim of our project is to understand the cybersecurity needs of local charities and help support those needs.
What have we learned? That charities are busy often with limited resources and time, and in reality all the help and support they need is out there in different locations.
What have we created? A single website with simple, clear, concise advice charities can follow, with links to much of the content available to support them.
So what can charities do to make a practical difference to their cyber security:
Back up your data
- Identify what data you need to back up
- Keep your backup separate from your computer
- Consider using the cloud
- Read NCSC cloud security guidance
- Make backing up part of your everyday business
Protecting your charity from malware
- Install (and turn on) antivirus software
- Prevent trustees, volunteers or staff from downloading dodgy apps
- Keep all your IT equipment and software up to date (patching)
- Control how USB drives (and memory cards) can be used
- Switch on your firewall
- Switch on password protection
- Make sure lost or stolen devices can be tracked, locked or wiped
- Keep your device up to date
- Keep your apps up to date
- Don’t connect to unknown Wi-Fi Hotspots
Using passwords to protect your data
- Make sure you switch on password protection
- Use two factor authentication for where possible
- Avoid using predictable passwords
- Consider using a Password manager to avoid “password overload”
- Change all default passwords
Avoiding phishing attacks
- Configure accounts to reduce the impact of successful attacks
- Think about how you operate
- Check for the obvious signs of phishing
- Report all attacks
- Check your digital footprint
- Complete regular training, education and awareness, with your team
- Utilise Microsoft non-profit opportunities
- Create a Cyber Action plan from NCSC CyberAware program
- Follow Charity Commission guidelines
- Take advantage of Cyber Essentials Guidance from NICVA
Online Resources Available
Nonprofits Grants & Credits Eligibility | Microsoft Nonprofits
Sign up for a free security assessment and free training/resources/learning paths. Download a Non profit security strategy ebook – Secure and Protect Nonprofit Data | Microsoft Nonprofits
Download a Free “Be Cyber Smart Kit” – Cybersecurity Awareness – Microsoft Security
Read the NI Cyber Security Centre “NI Cyber Security Research” report on SME’s and Charities – https://www.nicybersecuritycentre.gov.uk/
Cyber Security Guide actions to follow — https://www.nicva.org/resource/cyber-security-guide-actions