The UK has more than 131,000 social enterprises that employ around 2.3 million people and generate a combined turnover of £78bn. The sector encompasses organisations of all shapes and sizes, but one of the things they all have in common is their increasing exposure to cyberattacks.
The latest Cyber security breaches survey 2025, which the Department for Science, Innovation & Technology published in April 2025, highlighted that cyber risk was also a major issue for the charity sector, stating that 30 per cent of charities – in excess of 60,000 organisations – had reported a cyber security breach or attack in the past 12 months.
In this short blog we examine what this actually means for organisations right across the charity, voluntary, not-for-profit and social enterprise landscape. We explore the following questions: What are the most common types of attack? What impact do they have on operations? What protection does cyber insurance offer?
According to one cyber insurance provider, its four most frequently covered claims are for data breaches, ransomware attacks, financial theft and phishing. Let’s look at these in turn.
Data breaches
The Information Commissioner’s Office (ICO) says a data breach is the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This can range from records being accessed by unauthorised individuals due to an IT security failure, right down to an email with personal information being sent to unintended recipients.
You might hold medical or financial information and this can make you a target for criminals. You will need to investigate the breach and alert those affected. You may also need to monitor the impact of the breach going forward and defend your organisation from civil claims arising from the breach. All these activities come at a cost and require you to appoint the required experts quickly. Cyber insurance can help on both of these fronts.
Ransomware
The sensitive nature of the data held by many organisations makes it a valuable target for fraudsters. And this explains, in part, why ransomware attacks are so common. These attacks rely on malicious software called malware to encrypt your data and make it inaccessible. Criminals then demand a ransom for the return of your data. They may threaten to destroy or publish the data if you do not pay the ransom.
You will need to commission IT experts to identify the cause of the attack, remove the malware and restore your systems to normal operational order. While you are locked out, day-to-day activity will be hampered, if not impossible, inevitably generating business interruption losses. Cyber insurance will provide cover towards these costs and can help cover the cost of the ransom. It will also help towards paying for the legal representation that you may need.
Theft
Theft is damaging in any guise and the digital environment has enabled criminals to develop a wide range of means by which to steal money from individuals and organisations. Whether manipulating staff to transfer money under false pretences or issuing fake invoices and bank details, fraudsters can fraudulently secure significant payments.
Cyber insurance will typically cover the loss from such fraudulent transactions, which a bank may not do if it feels your security protocols were insufficient or a member of staff has been negligent. There will also be investigation costs and potential legal costs associated with the loss, and cyber insurance can again help to cover these.
Phishing
The ICO describes phishing as when: “Criminals use scam messages to trick people into sending sensitive information, pay money, or click on a link which contains a virus or takes you to a fraudulent website.”
An employee might be tricked into replying to an email that supposedly comes from a genuine source. One example is of people replying to an email they thought was from Microsoft and providing password details. This gave criminals access to the email system, and they then emailed supporters for donations, giving them fake account details. It could also have given them access to other data on your system such as stored credit card details.
In this scenario, you might need to provide credit monitoring for those people whose details were potentially compromised. You’ll certainly need IT experts to investigate exactly how your system was compromised and to secure it for ongoing operations. You may also need to defend resulting legal actions and may have incurred business losses as a result of the attack.
Cyber insurance provides cover for these losses, as well as access to the requisite expertise, helping to minimise their impact.
The Association of British Insurers highlights the fact that cyber policies differ and not all provide the same cover or carry the same exclusions. It states: “Exclusions will vary between insurers, so it is important to understand terms and conditions. Speak to your broker or insurer directly if you are unsure about any terms.”
If you would like to discuss exactly what cover you need and the policy that best provides that protection, then please get in touch with one of our experienced experts at Keegan & Pennykid for an initial chat.