While the coronavirus pandemic has been causing chaos for many of us, for one group of ne’er-do-wells, it’s been a blessing. This is cybercrime in the age of COVID.
Although COVID-19 and the unprecedented way it’s impacted organisations has been major news for some time now, the resulting vast increase in cybercrimes – especially against charities – is in direct competition for the headlines.
This certainly isn’t the first time essential non-profits have been targeted by nefarious actors – last year, over a quarter of UK charities experienced cyber-attacks, and this percentage has been creeping up over the years. In the midst of this global pandemic, however, hackers are seemingly determined to kick charities while they’re down.
Fighting Back Against Pandemic Cyber Criminals
Although it’s a confusing and unsettling time, cyber-criminals are, unfortunately, a constant threat – so while it’s great to defend yourself in the short-term, there’s also a long-term advantage for after the pandemic.
Let’s look at what charities can do to secure themselves against these threats:
1. Education is Everything
Your team is an important line of defence against cyberattacks, so providing relevant cybersecurity training and awareness is a must. Inform staff about the threats that are out there, how to avoid them, and how to report them to give your organisation a fighting chance.
2. This is Everybody’s Fight
Cybercrime is everybody’s problem, and not a conversation that should be reserved exclusively for leaders and IT professionals – you need to involve trustees, managers, employees, volunteers, and beneficiaries in the fight.
3. Secure Remote Working
The pandemic has caused a noticeable shift from office-based roles to remote working. In response, you can’t afford for security to be an afterthought. Remote employees need to be able to communicate and collaborate in a safe, managed environment, such as Microsoft Teams – a staple for many organisations and their remote working strategies.
4. Lock Down Passwords
While passwords do provide a basic level of security, they often remain easy to crack if a determined attacker sets their mind to it. Adding several layers of verification before access is granted is a great way to deter cybercriminals, and Multi-Factor Authentication provides those layers.
5. Never Trust, Always Verify
Adopt a Zero Trust policy when it comes to data protection: verify absolutely every entry request from within or outside of your organisation’s perimeter before allowing any access to your systems. Remember: never trust, always verify.
6. Secure BYOD
It’s common for employees and volunteers to use their own mobile phones, laptops, and other devices for work purposes, but are they doing so securely? Adopt all aspects of secure BYOD by managing devices, keeping protection up to date, establishing easy communication between your IT department and the rest of your team, and cultivating a culture of trust.
7. Beware Insider Threats
Unfortunately, sometimes your own people can pose a deadly threat to your organisation; 53% of charities affected by fraud in the past two years knew the perpetrator, so keep an eye out for malicious insiders within your organisation.
8. Be Prepared to Invest
As digital fraud grows more sophisticated each day, it’s important to invest in robust cybersecurity. Effective prevention can save charities from the financial loss and reputational damage that often come with a data breach.
Hackers are making what has already been a testing time for businesses all the more challenging. Hopefully, as we continue to navigate these choppy waters together, organisations of all kinds can adapt and proactively protect themselves in response. By learning tough lessons from this pandemic and looking to what comes next, charities of all kinds can successfully keep cybercriminals at bay and focus on doing the work that really matters.
Want to know more about how we work with the non-profit sector to protect vital services from hackers? Just get in touch with a member of our dedicated team.