Less than one per cent of charities are adequately protecting themselves from common cyber-attacks, such as fraudulent emails and phishing scams, a new study has found.
The research suggests that the vast majority of UK charities are leaving themselves, their donors and other stakeholders at risk.
This conclusion was reached after it was discovered that nearly 78,000 charity email domains are not currently protected by email authentication protocols such as Domain-based Message Authentication, Reporting and Conformance (DMARC).
As well as being an effective way of protecting emails, DMARC protection ensures that only trustworthy sources can send emails to charities purporting to be on behalf of a business.
Such protocols also discourage cyber criminals from targeting charities in the first place, as most criminals are more likely to attack targets they suspect won’t have protection.
Therefore, if charities were to use a DMARC product, they could protect themselves against the financial and reputational damage that would surely follow on from a cyber-attack.
As a spokesman for the Global Cyber Alliance, a not-for-profit organisation dedicated to reducing systemic cyber risk, pointed out, DMARC is a powerful tool to help combat some of the most difficult-to-detect types of email fraud.
The findings follow the recent publication of a Government report that found that, at 72 per cent and 27 per cent respectively, fraudulent emails and phishing attacks were amongst the most common types of breaches suffered by businesses in the UK.
As one of the report’s authors commented, fraudulent emails and phishing attacks pose a serious risk to businesses and the data they hold. As such it is very concerning that UK charities, which make huge social and economic contributions despite often working with limited resources, are so exposed to these potentially hugely damaging attacks.
For more information about Milsted Langdon’s services for charities, please contact us.