How to Stay Cyber Secure with Volunteers

With guidance from the National Cyber Security Centre (NCSC) Charity Digital look into how charities can strengthen their cyber security while working with volunteers.

Unfortunately, it can often be a challenge for a charity to foresee the level of disruption and violation a security breach can cause until it’s happened.

Just like any other crime, cyber criminals and hacktivists will look for an easy target. They will search for signs of weakness or vulnerable areas within the system they want to invade.

This means preventative measures and plans of action are so important as a first line of defence.

Businesses will always be open to risk of being a target for their assets, their data or their funds. As a result, that company’s valuable reputation and trust is at stake.

This includes charities and nonprofit organisations more so.

It is a given that there should be a need for cyber security in charities, but limited budgets or resources, lack of expertise or know how, and not considering the potential risks of working with other companies can get in the way of this.

Apparently, even a charity’s dependence on volunteers can also hinder putting in place robust digital prevention measures, making them the weakest link in their cyber security plans.

But it’s not the fault of the Volunteer
A charity could already have reliable cyber security plans in place; with staff members updated about phishing emails, phishing simulations or malware, and they get regular security awareness training.

But then that organisation starts to introduce new people who have just come in to help for the day, giving them access to charity data - and who have not done any cyber security awareness or training.

All of a sudden, there is a massive uncertainty in place.

How much do the volunteers know about social engineering? What charity information would they have access to? Do they know not to use computers to search the internet for personal interests during downtime?

Or what about clicking on that suspicious weblink in an email that came through to the charity’s inbox?

In this example, the best answer to rule out any digital risks is for the charity to extend the same level of cyber security awareness training to volunteers as it does to full-time employees: This could be a squeeze on a charity’s already tight budget, but it would pay off in the long term.

Whilst the threat of cyber-attacks is on the increase, more can now be done to always improve awareness and decrease any risks.

Newscaster Charity Digital look at how charities can strengthen their cyber security while working with volunteers.

With help from the National Cyber Security Centre (NCSC) they offer guidance so that everyone in a charity can be in control of staying secure online.

To read the guidance, visit the Charity Digital website.