A UK magazine ‘Third Sector’ which is dedicated to delivering news about the not-for-profit and voluntary sector recently undertook a survey to measure the awareness of cyber security issues within the charity sector.
The survey was made in response to a report released by the ICO (Information Commissioner Office) raising concern that over a third of charities had no education programme in place for training staff in the handling of personal data, lacked enforcement of basic security principles and didn’t meet the minimum requirements for password complexity.
The survey was undertaken to find out how participating charities are protecting themselves against a potential cyber breach of security.
In total there was a total response rate of 414 charities, social enterprises, and other voluntary and not-for-profit organisations.
Results were overall positive, with many groups highly aware that data protection was a key issue and that data must be protected. Worryingly 11.35% of respondents had highlighted that they had compromised data accidentally, and even more worryingly 12.08% were unaware if they had compromised data accidentally.
12.62% of the responses (52) had reported that they either had data stolen or had been subject to a cyber attack and 88.29% (362) of the responses were aware that the loss or theft of data would impact negatively with their supporters, with 67.56% concerned that any data loss/theft would also impact on future funding opportunities.
On a positive note 76.57% (317) of the responses highlighted that staff and volunteers had received training on the importance of protecting information, yet 18.12% (75) reported no formal training. Meanwhile 78.38% (319) of the response reported that data protection formed a part of their internal risk management processes.
The results were in the main positive for third sector organisations with the majority of respondents acutely aware of the threats of data loss and cyber attacks and the importance of protecting data from accidental loss and theft.
However, a significant minority require further education and support to ensure that their organisation is adopting more effective security protocols to strengthen their organisation against the accidental loss or theft of sensitive data.
For further information about the research, please visit the Third Sector magazine at: http://www.thirdsector.co.uk/