Manage your cyber risks

With reports of cyber crime on the rise, the ACNC is reminding charities of cyber-security risks, giving guidance and practical tools to help to reduce them.

Australian Cyber Security Centre data showed an increase in the number and sophistication of cyber threats in the past financial year.

ACNC commissioner Sue Woodward said it was critical that charities protected electronic data from unauthorised access.

‘The people who run a charity are ultimately responsible for managing cyber-security risks. They must also make sure staff and volunteers have a basic understanding of safe practices. For example, there may be legal requirements for the way personal and sensitive information is stored and collected that everyone in a charity should understand’, Ms Woodward said.

‘Some charities, due to a lack of resources or time, may not have considered cyber security. Charities can fall victim to cyber attacks – even smaller ones. And the consequences can be significant, including high costs to restore data, loss of crucial information, disruption to services, and damage to trust and reputation.

‘When a charity has inadequate security for its computer systems, it is more vulnerable to attacks and less likely to be able to detect them. This can make responding to attacks more difficult and increase the time and cost of recovery.’

The ACNC’s Cyber Security Governance Toolkit contains helpful tools such as a template for responding to a data breach, a cyber security checklist, and steps that every charity can take to help protect against threats.

‘Most of the actions outlined in our guidance are simple. But if you think your organisation doesn’t have anyone with enough knowledge and experience, you may need to look for outside help’, Ms Woodward said.