Almost half of charity workers have rarely or never changed their work passwords, highlighting significant security risks within the sector, research has found.
A new survey from cybersecurity company, ramsac, has revealed that 36% of workers have never changed their passwords; 23% changed it at induction and 20% changed it a year ago.
The number of workers who changed their passwords within the last three months sits at 3%.
It was also found that the majority of professionals had never received any form of cybersecurity training.
The study suggested charities implement a stricter policy that keeps their organisations safe from hacking attempts, unauthorised users logging in, and brute force tactics.
Not changing passwords makes workers and their charities more susceptible to being victims of cyberattacks, ramsac said.
The survey also showed that 44% of professionals’ passwords only contained a mix of letters and numbers, with only 22% of professionals having a password with at least one ‘special character’.
ramsac said charities should have a managed password policy that enforces a certain complexity and requires a regular change. "This is an easy and efficient way to improve the cybersecurity of an organisation," the firm said.
The firm's MD and founder, Rob May said: “Our survey clearly highlights that a reliable human firewall is pivotal to an organisation’s cybersecurity. Staff are not clued up about the significance of their decisions and this can result in huge consequences. Cybersecurity is only as good as its weakest link, so upholding a fantastic standard is essential in not putting an organisation at risk of attacks.
“Although the study revealed some worrying behaviour from professionals, the remedies are incredibly simple¸ showing why cybersecurity reviews are so important. Employees become better equipped to safely use the internet and the changes to improve are far more straight forward than some would initially think. The first step to quality cybersecurity couldn’t be easier; educate and train.”
The survey found the most common impact of a cyberattack on a charity was the temporary loss of access to files or networks, which 9% of charities experienced.
The most common form of cyberattack on charities were phishing attacks, which is when a fraudulent message is sent to trick the target into revealing sensitive information.
Latest News
-
Experienced interim CEO takes temporary charge of RSPCA
-
Fewer charities suffering financial loss from fraudsters, report finds
-
Value of legacy funds set to dip by 6% over next three years
-
Campaigning takes place to tackle charity sector fraud
-
Creative agency gives away £15,000 worth of branding support to charities
-
Children’s charity latest to quit Elon Musk’s X and move to Bluesky
Charity Times video Q&A: In conversation with Hilda Hayo, CEO of Dementia UK
Charity Times editor, Lauren Weymouth, is joined by Dementia UK CEO, Hilda Hayo to discuss why the charity receives such high workplace satisfaction results, what a positive working culture looks like and the importance of lived experience among staff. The pair talk about challenges facing the charity, the impact felt by the pandemic and how it's striving to overcome obstacles and continue to be a highly impactful organisation for anybody affected by dementia.
Charity Times Awards 2023
Mitigating risk and reducing claims
The cost-of-living crisis is impacting charities in a number of ways, including the risks they take. Endsleigh Insurance’s* senior risk management consultant Scott Crichton joins Charity Times to discuss the ramifications of prioritising certain types of risk over others, the financial implications risk can have if not managed properly, and tips for charities to help manage those risks.
* Coming soon… Howden, the new name for Endsleigh.
* Coming soon… Howden, the new name for Endsleigh.
Better Society
© 2021 Perspective Publishing Privacy & Cookies
Recent Stories