Charities have experienced an average of 32 cyber incidents over the last year, researchers have found.

This is 7% higher than the national average for all organisations and comes despite two in five charities spending more than £25,000 a year on cyber protection measures, including carrying out vulnerability tests.

Among charity representatives surveyed more than a quarter (28%) believe their current cyber security budget is inadequate to protect them from growing threats.

Just over half of charities have seen an increase in threats over the last two years, with a similar proportion noting a rise in cyber security insurance premiums over the same period.

More than a third of charities warn that budget constraints is one of the biggest barriers to improving their cyber security.

The survey has been carried out by tech company Iomart and research firm Oxford Economics and involved the views of 29 charity executives, as part of a wider survey of 500 UK organisations.

The biggest threats to all organisations are malware and phishing, which are experienced by more than half of those surveyed.

Advice on tackling cyber threats

Iomart recommends charities invest in protection but “avoid panic buying and throwing precious budget down the drain” by not first assessing where investment is needed, for example improving staff training.

It adds that hiring a third-party expert to “point you in the right direction” can help avoid making inappropriate cyber security investments.

Involving staff is also key to a successful cyber security strategy, advises Iomart.

“You need a team that has awareness of both the complexities and significance of a strong cyber strategy—and you need them to implement it successfully,” it said. “Whether it’s upskilling and reskilling employees or bringing in people with specialised skills, there are many ways your employees can become a key line of defence in combatting threats.”

“Following the COVID-19 pandemic, the adoption of digital technology accelerated at rapid pace, and with donations and other services having increasingly moved online, not-for-profits have become more vulnerable to attack,” added Iomart chief executive Lucy Dimes.

“And while it is clear that the threat of cybercrime is rising, there’s a lack of confidence in organisations’ abilities to protect themselves against it.

“There are many factors at play that are influencing this, from rising energy costs and increased insurance premiums to skills shortages and staff burnout, which are causing huge challenges for businesses.

“While this may be the case, there are ways to relieve these pressures, with effective strategies being developed and new technologies such as AI being embraced. Working alongside trusted partners can also ensure companies have adequate cyber strategies tailored to their business needs and challenges.”

Share Story: