What is cyber security?
Cyber security is where measures are put in place to protect an organisation from cyber-attacks. Attacks could take place on networks, systems, programs, devices and data. These attacks could result in irrecoverable damage (financial, legal and reputational) for the charity involved.
Under the General Data Protection Regulations (GDPR), there is also a legal requirement to have appropriate measures in place to protect personal data. The measures put in place include different processes, controls and technologies, and these all aim to reduce risk when it comes to cyber-attacks.
Types of cyber attacks
There are various types of cyber-attacks to be wary of, and small charities could be affected by any of them - especially if they’re embracing the digital world. These could include:
- Phishing – Where the attacker tries to get staff to hand over specific information (such as bank details).
- Malware – Where an application is placed on digital devices and malicious activity is carried out.
- Malicious apps – Where sensitive data could be stolen, files could be encrypted with ransomware etc.
- Various other types of attack such as ‘man-in-the-middle’ (MITM), distributed-denial-of-service (DDoS), SQL injection, zero-day exploit, DNS tunnelling and more.
Go to Section 2.
1. What is cyber security and what are cyber attacks?
2. Importance of risk management and assessments
3. How to reduce cyber risk
4. Cyber security guidelines