The Threat Facing Charities and Social Enterprises

The 'How Prepared is the Third Sector to Secure their Information' survey, conducted by IS Know How, found that 74% of respondents stated that their third sector organisation wouldn't know if it suffered a data security breach. It also found that 83% of respondents said that their charity does not use a strong password policy, yet 68% of those responding to the survey claimed that they are aware of the gravity and effect that a data security breach would likely have on their organisation, including the resulting reputational damage.

IS Know How's CEO & Founder, Robert Stones, believes that:

"Third Sector organisations are the next proving ground for many threat actors, due to the type and depth of data that they process and maintain. Add to this the often unique personnel, legal and financial structure for most organisations; they are unfortunately often a very soft target. Therefore, the sector deserves to have the very same best of breed Data and Cyber Security resources at its disposal, that has been completely tailored to their various needs - including as sector wide affordability throughout and affording the ability to mitigate the many threats."

The fines that the Information Commissioner’s Office (ICO) can levy on third sector organisations that fail to comply with the protection of data are currently set at £500,000 per infringement, but under the EU General Data Protection Regulation (GDPR), which is due to be enforced from 25 May 2018, these fines could be far higher and involve a much longer-lasting impact.

How Cyber Essentials certification can help Charities and Social Enterprises protect data

Cyber Essentials is a government-backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all organisations within the third sector. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of common cyber attacks. The five controls are:

Secure Configuration

Boundary Firewalls & Internet Gateways

Access Control

Patch Management

Malware Protection

There are Two Levels of Certification.

There are two levels of Cyber Essentials certification available to your organisation: Cyber Essentials and Cyber Essentials Plus.

Cyber Essentials

The Cyber Essentials certification process includes a self-assessment questionnaire (SAQ) around the adoption of the five controls, as well as an external vulnerability scan of the externally facing IP addresses. The external vulnerability scan provides independent verification of your cyber security status and is only offered as part of a CREST-accredited Cyber Essentials certification.

Cyber Essentials Plus

The Cyber Essentials Plus certification includes all of the assessments for the Cyber Essentials certification but also includes a technical review of the organisation’s workstations and an on-site assessment. Cyber Essentials Plus is a more thorough assessment of the organisation and, as a result, may provide greater security assurance.

Why IS Know How have Partnered with IT Governance to Deliver Cyber Essentials

IT Governance is a leading CREST-accredited certification body that has awarded hundreds of Cyber Essentials certifications already, including certificates to Action for Children, Barnardos, Core Assets Children’s Services Limited and The Poppy Factory.

This partnership allows Charities and Social Enterprises to conduct the entire certification process online at an incredibly competitive price. The partnership also provides a choice of packaged solutions designed to help organisations of varying levels of experience and expertise through the scheme.

Benefits of Becoming Cyber Essentials / Plus Certified?

With Cyber Essentials you can focus on your core business objectives, knowing that you’re protected from the vast majority of common cyber attacks. You will also be able to drive business efficiency, save money and improve productivity by streamlining processes.

Achieving certification will also help you to address other compliance requirements such as the EU General Data Protection Regulation.

Demonstrate Security

Demonstrate to clients, insurers, investors and other interested parties that you have taken the precautions necessary to reduce cyber risks. 

Increase Opportunities

Be able to bid for UK Government contracts that involve the handling of personal and sensitive information, and increase your chances of securing business within the private sector.

Save Vital Funds

Insurance agencies look favourably on organisations with Cyber Essentials, resulting in lower insurance premiums.

Sentinel5

24x7x365 Managed Security Monitoring and Mitigation For Your Organisation's Endpoint & Server Devices.

Increase Your Third Sector Cyber Security Resilience & Mitigation

WebSentinel

24x7x365 Managed DDoS Multi-Layer Threat Monitoring Service For Your Third Sector Organisation's Website(s).

MCRS

24x7x365 Combined Best-of-Breed Managed Cyber Resilience Service (MCRS) For Your Organisation's Devices.

Contact Us

Phone
02921-679-021 (Sales ONLY)
Address
Britannia House, Caerphilly Business Park, Van Road, Caerphilly, Wales, UK. CF83 3GG
Legal Reg Info
Information Security Know How Ltd. is a Limited Company, Registered in England & Wales.

Company No: 09648503
VAT No: GB 232 2137 53


Proud Members Of:

IS Know How is a Proud Member of Cyber Exchange

Our CEO & Founder, Robert Stones, is also a member of the Fraud Advisory Panel.
