Third sector organisations lagging behind on cyber security risk management

by Meg Bratley $|$ Oct $7,2023$

Lack of cyber security risk management software exposes third sector to increased threat of cyber

fraud

$$ Over half $(57$ per cent$)$ of charities are concerned about the rising threat of cyber$-$crime to

their organisation.

$27$ per cent say they had been a target of cyber fraud and $20$ per cent had experienced a

health and safety breach in the past $12$ months

$$ Increased adoption of technology within the sector is putting many at risk

$$ Despite this, just $24$ per cent had introduced risk management software and security

monitoring tools

Less than a third $(24$ per cent$)$ of charities, social enterprises or not$-$for$-$profit organisations have

introduced the necessary cyber security risk management software to prevent themselves from

falling victim to data breaches or cyber$-$attacks, new research from Endsleigh reveals.

The Rewarding Industries $2023$ report surveyed financial decisionmakers across the third sector to

analyse how organisations are responding to the challenges faced in today$$s climate. It has revealed

how charities are lagging behind in their defence response to cyber security, despite the fact that $57$

per cent fear that their organisation faces an increasing threat of cyber$-$crime.

As more organisations look to integrate technology into their fundraising models, many charities are

exposing themselves to threats of cyber$-$attacks. In the last $12$ months alone, $27$ per cent say they

had been a target of cyber fraud and $20$ per cent had experienced a health and safety breach. And

for cyber insurance, only a third of charities reported being insured, with just $11$ per cent reviewing

the risks posed by their digital suppliers, as found in the Cyber security breaches survey $2023.$

The most popular uses of technology within the third sector include the adoption of technology to

support new fundraising efforts $(40$ per cent$),$ increasing the amount of fundraising happening online

$(33$ per cent$),$ investment in digital payments systems $(32$ per cent$)$ and the use of online games to

encourage donations $(27$ per cent$).$

Alison Meckiffe, CEO Endsleigh Insurance, says: $$Third sector organisations hold extremely

sensitive data, which can be devastating if they fall victim to data breaches, potentially putting

vulnerable people at risk. Cyber fraud is also a huge cause for concern for the sector as many move

towards digital fundraising models.

$$At Endsleigh, we are passionate about protecting third sector organisations. As specialists in the

sector, we provide tailored cyber insurance services to charities, social enterprises and not$-$for$-$profit

organisations based on their individual needs.$$

QUESTION ONE $[25]$

$1\mathrm{.}1.$ Identify and explain which component of Operational risk technology falls under $(10)$

$1\mathrm{.}2.$ With reference to the case study, list the various cyber security concerns

identified by the Charity and what were the most popular uses of technology $(6)$

$1\mathrm{.}3.$ Explain the significance of learning from risk to businesses.