With reports of cyber crime on the rise, the Australian Charities and Not-for-profits Commission (ACNC) is reminding charities of cyber security risks and guidance and practical tools available to help reduce the risk of cyberattacks.
Australian Cyber Security Centre data showed an increase in the number and sophistication of cyber threats last financial year.
ACNC Commissioner Sue Woodward AM said it is critical that charities protect electronic data from unauthorised access.
‘The people who run a charity are ultimately responsible for managing cyber security risks. They must also make sure staff and volunteers have a basic understanding of safe practices. For example, there may be legal requirements for the way personal and sensitive information is stored and collected that everyone in a charity should understand,’ Ms Woodward said.
‘Some charities, due to a lack of resources or time, may not have considered cyber security. Charities can fall victim to cyber attacks – even smaller ones. And the consequences can be significant, including high costs to restore data, loss of crucial information, disruption to services and damage to trust and reputation.
‘When a charity has inadequate security for its computer systems, it is more vulnerable to attacks and less likely to be able to detect them. This can make responding to attacks more difficult and increase the time and cost of recovery.’
The ACNC Cyber Security Governance Toolkit contains helpful tools such as a template plan for responding to a data breach, a cyber security checklist and steps that every charity can take to help protect against threats.
‘Most of the actions outlined in our guidance are simple. But if you think your organisation doesn’t have anyone with enough knowledge and experience, you may need to look for outside help,’ Ms Woodward said.
Read more in the Cyber Security Governance Toolkit.