Older trustees at small charities are ‘more vulnerable to cybercrime’, warns regulator

23 Oct 2019 News

Smaller charities are more vulnerable to cybercrime because they are more likely to have older trustees with lower awareness of the problem, the Charity Commission has warned.

The Commission has today published a report, Preventing Charity Cybercrime: Insight and Action. It says the link between age and cyber-ability means that smaller charities could be more vulnerable than equivalent organisations in the private or public sectors.

Nearly half of the 3,300 charities surveyed in partnership with the Fraud Advisory Panel said their board had overall responsibility for cybersecurity.

Meanwhile, nearly 500 charities said that no one was responsible for cybercrime at their organisation.

The Commission’s advice is that charities should clarify who is responsible for their cybercrime risks and make it a governance priority for the board.

One in six large charities will be victims of cybercrime

The report predicts that one in six large charities will be victim to cybercrime in the next two years. It emphasises that many charities will fall victim to cyberattacks without ever realising.

It adds that 3 per cent of charities are known to have suffered a successful cyberattack in the past two years.

The report also says charities are four times more likely to discover cybercrime through internal IT controls or from staff raising concerns than by all other external sources combined.

Just under one quarter (23 per cent) of attacks were discovered by accident.

More than a third (36 per cent) of respondents did not know the type of cyberattacks the charity is most vulnerable to.

The most common types of cyberattacks across charities were found to be phishing or malicious emails and hacking or extortion.

Less than a third report cybercrime to police

Less than a third of charities were found to be reporting cybercrimes to the police, while a quarter reported the crime to their bank.

32 per cent did not report the cybercrime to anyone outside their organisation.

Over a third of charities that had suffered a cybercrime said it had no impact on the organisation.

Of charities that suffered negative consequences from an attack, 19 per cent reported financial loss and 15 per cent reported loss of data.

Civil Society Media’s next Charity Technology Conference takes place on 6 November. View the full programme and book on the event page.

Older trustees at small charities are ‘more vulnerable to cybercrime’, warns regulator

One in six large charities will be victims of cybercrime

Less than a third report cybercrime to police

Related articles

More than half of charities that suffer fraud know the perpetrators

Charity Commission issues cybercrime alert for trustees

Paul Mackman: Top tips for charities when handling fraudulent cybercrime

More on

Priya Kantaria

Lankelly Chase trustee says ‘the system itself is broken’

‘Serious failings’ by trustees as charity files accounts late for eight consecutive years

Charities ‘leaning in’ to trend of TikTok being used as a search engine

London Marathon announces charity partner for 2025

Charity leaders facing ‘unfair personal scrutiny’, says regulator chief

Charity ‘shocked’ as fundraising manager’s theft is revealed

Philanthropist Julia Rausing dies aged 63

Alcohol charity ordered to pay brewer after losing Dry January trademark case

Emergency care charity files serious incident report after staff denounce ‘toxic’ culture

Charities invited to apply for free TikTok training on how to use platform

Search

Browse

Topics

Communications

Finance

Fundraising

Governance & Leadership

Policy & politics

Technology

The Charity Awards