Government report exposes charity leaders’ lack of understanding of cyber security

Charity leaders are lagging behind their counterparts in the public and private sectors in their understanding of cyber security, according to latest research.

In a raft of areas of cyber security, from reporting breaches and staff training to understanding the digital security risks facing their organisations, charity senior managers are behind business leaders and public sector management.

The findings have emerged in report on cyber security skills in the UK labour market, published by the Department for Digital, Culture, Media and Sport (DCMS).

It found that “indicators on incident response and staffing tend to be less positive in charities” than among businesses and public sector organisations.

The report asked cyber team heads how well their organisation’s senior managers understand digital security issues.

While around eight out of ten in the public sector (79%) and large businesses (81%) say senior management understand cyber security risks, the proportion dips to just six in ten (62%) among charities.

Less than half (44%) say charity management understand staffing needs regarding cyber security training and skills within their organisation, compared to 72% in the public sector and 64% among businesses.

There is a similar lack of knowledge in senior charity roles compared with other sectors around dealing with serious cyber breaches and incidents, the report found.

In the public sector eight in ten cyber heads (82%) say managers are aware of the need to report breaches. The proportion is similar among large businesses (79%). However, among charities the figure dips to just 56%.

In relation to managing a cyber security incident less than half (42%) of senior charity manager know what steps to take, compared to two thirds (65%) of public sector managers and 74% of cyber heads at large businesses.

A lack of confidence in performing basic cyber security tasks, such as setting up firewalls and removing malware, has also been revealed among charities.

Among public sector organisations, 12% of staff are not confident in setting up configured firewalls, this proportion rises to a third (33%) among charities.

Similarly, only 8% of staff in public sector organisations and 5% of in businesses lack confidence in detecting and removing malware. Among charities the proportion increases to 30%.

In terms of restricting software, storing data securely, setting up automatic updates and controlling who has admin rates, the charity sector performs worse than the public and private sectors, the report adds.

    Share Story:

Recent Stories


How your property strategy can help beneficiaries in the long-term
In this podcast, editor Lauren Weymouth is joined by Jonathan Rhodes, national head of valuation at Cluttons and Nick Sladden, head of charities at RSM, to discuss how the current economic climate is impacting the property market for charities and how to implement a strategy that puts beneficiaries first.

Better Society