Social enterprise and charity sectors combine to combat cyber crime

by | Jan 16, 2025

Social Enterprise Scotland and the Scottish Council for Voluntary Organisations (SCVO) have come together to offer members free access to practical support and digital tools that will transform their ability to pre-empt and combat cyber-attacks.

The offer comes on the back of a collaboration between the two member organisations, cyber insurance specialist Coalition and the specialist team at Keegan & Pennykid Insurance Brokers. It will give members access to sophisticated digital tools that will dramatically enhance their ability to identify their cyber vulnerabilities and to take proactive action to manage and mitigate their exposures.

Statistics from the government’s 2024 Cyber Security Breaches Survey show that almost a third (32%) of charities experienced a cyber security breach or attack in the past 12 months. And the incidence of attack is rising steeply.

Cyber risk

Contrary to popular belief, the majority of cyber criminals don’t tend to target specific organisations. In reality, they’re more opportunistic. They look for the easy targets that will yield a quick return.

Car thieves don’t focus on vehicles with sophisticated security or complicating factors such as steering wheel locks. They go for the easy pickings and cyber criminals are no different. As they scan the digital landscape, they’re looking for openings that give them access to your IT estate for the least amount of effort.

So, what does this mean in practice? Well, in many cases, charities and social enterprises will be using off-the-shelf software. But how many have then configured the software’s security to their specific needs to make it more resilient to attack? How many have implemented additional software security or put in place physical security measures?

Most organisations rely on email for both their internal and external communications and send a significant volume of emails to existing and prospective supporters and clients. But are emails encrypted? Is two-factor authentication in place when users log on?

At a more general level, who has responsibility for cyber security within the organisation and have their responsibilities been clearly defined? What funding has been made available for cyber security?

Data from Coalition shows that cyberattacks are incredibly costly and its average claim from the not-for-profit sector amounts to £86,500. This covers investigating the loss, removing criminals from the technology estate and the remedial work required to shore up the system and restore its data and functionality.

And that’s before adding in the cost of legal representation, business interruption and potential reputational damage. One only needs to imagine the impact on future donations if the payment details of existing supporters were stolen by criminals.

Taking control of cyber risk

The partnership established by SCVO and Social Enterprise Scotland gives their respective members free access to Coalition’s cyber security risk management platform, Coalition Control. It scans your organisation’s entire digital footprint, including online domains, IP addresses, and all your individual ports. It also covers apps and services, and highlights data leaks and phishing risks.

Coalition Control provides users with an unparalleled view of their most pressing cyber risks and allows them to act before they turn into attacks. Without this level of insight, it’s difficult to know where to start when it comes to cyber security. The platform provides a prioritised list of vulnerabilities enabling organisations to deal immediately with those that could lead to the most disruptive and costly attacks.

After that, users can work towards improving their resilience in a consistent and logical fashion, making themselves more robust and less likely to suffer an attack. Indeed, research from Coalition found that Coalition Control users experience a whopping 64% fewer claims than organisations without access to the platform.

Final word

If organisations don’t have an overview of their technology estate and how easily it could be breached, it’s impossible to batten down the hatches effectively and protect themselves against the growing number of cyberattacks.

In today’s climate, cyber security is a must-have budget item for every organisation. Similarly, you need to consider how you would manage in the event of a cyber-attack and implement the crisis management steps necessary to mitigate its impact and get your operations back online again.

Insurance offers immediate access to the experts who can carry out this work, as well as providing a level of financial support to cover the associated losses.

The collaboration highlights the importance that the SCVO and Social Enterprise Scotland put on cyber security. It offers valuable support for members seeking to understand their cyber exposures and to ensure they have taken appropriate steps to protect both their own interests and those of their supporters and service users.

If you’d like guidance in safeguarding your operations, then please get in touch with us at Keegan & Pennykid and we can talk in more detail about protecting your organisation from cyber-attack.

Keep your people and property safe this winter

Keep your people and property safe this winter

Darker nights and wintry weather throw up all sorts of hazards for organisations. June Pennykid at Keegan & Pennykid offers some practical tips to keep your people and your property safe. The weather in the UK is pretty unreliable, except in the winter when it’s...

read more
Are you covered for Bonfire Night?

Are you covered for Bonfire Night?

Before the sparks fly on Bonfire Night, June Pennykid at Keegan & Pennykid talks through some of the logistics associated with holding an event and the insurance cover you’ll need before you go ahead. If you’re planning to hold a Bonfire Night event in the coming...

read more
Previous claims are only part of your premium calculation

Previous claims are only part of your premium calculation

In recent months, I’ve had lots of conversations with clients about the rising cost of insurance. In particular, those who haven’t made a claim want to know why they’re receiving renewal quotes with a double-digit hike in the premium. Often, the answer is market...

read more