Charity Sector Vulnerable To Data Breach

Published on: 5th September 2018

In this week's security news, The Stack observed that recent enforcement statistics from the ICO show a high proportion of charities on their list of reported prosecutions. These include national charities, education bodies and religious groups. The Stack goes on to point to the recommendations of the ICO to help prevent these data breaches.

The higher reported incidence may arise from a number of reasons. Firstly, the breaches often affect large numbers of people. Secondly, there is a greater chance that breaches will be reported by the public as they will be especially concerned by the breach of trust and goodwill they invest in the charity. Thirdly, with a high number of transient and volunteer staff, it is harder to enforce cyber security standards (increasing risk) and finally, as the breaches affect trust and goodwill, charities need to face this publicly and swiftly to mitigate any reputational damage.

These factors together make the likelihood of reporting and enforcement more likely than for smaller businesses and organisations, but charities are no more risky than other organisations and the lessons learned are the same for everyone:

Review - Protect - Educate - Repeat.

Staff training and strong IT security processes are essential to making sure that all businesses are as strong as possible in preventing data security incidents. Grass roots education is key, and a organisation-wide culture of security awareness will provide the best protection against accident and disaster.

Find out how PYXI for GDPR can help.

PYXI GDPR Team: 5th Sep 2018 10:21:00