In the realm of cybersecurity, Northern Ireland’s leading authority, Vertical Structure, has emerged as a beacon of hope for local charitable organisations seeking to bolster their digital defenses. Through the UK government’s latest cybersecurity initiative, Cyber Essentials Plus, dozens of charitable organisations in Northern Ireland have benefited from Vertical Structure’s expertise.
Charities may not traditionally be perceived as prime targets for cyberattacks, yet a 2022 report from the National Cyber Security Centre (NCSC) revealed that 30% of UK charities fell victim to cyberattacks in the past year. These attacks had significant consequences, with 38% impacting services and 19% leading to negative outcomes. Considering that the UK boasts 200,000 registered charities with a collective annual income of £100 billion, the vulnerability of this sector to cyber threats becomes evident.
As cybercriminals increasingly shift their focus away from large enterprises, they are turning their attention to smaller, more susceptible organisations like charities. This shift underscores the critical need for the charitable sector to fortify its defenses against cyber threats.
The Northern Ireland Council for Voluntary Action (NICVA), a prominent advocate for the nonprofit sector, has long recognised cybersecurity as a governance priority. NICVA actively promotes resource-sharing to empower charities in enhancing their cybersecurity posture.
Sandra Bailie from NICVA explained, “Cyber Security is a major risk for charities in Northern Ireland and working in partnership with experts NICVA provides the sector with the help and support they need to improve their cyber security and reduce their risks. We work closely with The NI Cyber Security Centre, signposting to their resources and delivering training and Vertical Structure has provided practical support to many of our members.”
In 2022, the UK government’s National Cyber Security Centre (NCSC), operating under GCHQ, introduced a funding initiative called Cyber Essentials Plus. Its primary aim is to assist UK organisations in elevating their cybersecurity defenses and safeguarding against common cyber threats.
Lorraine McCafferty, Head of the NI Cyber Security Centre (NICSC), which provides funding for the initiative, stated, “The NICSC is committed to supporting the NCSC National CE+ Funded programme and ensuring access to ring-fenced funded spaces for N.Ireland organisations. In 2022/23, NICSC supported 30+ N.Ireland charities to secure CE/CE+ funding and we will continue to provide N.Ireland charities with the opportunity to avail of CE/CE+ funding for 2023/24. NICSC highly recommend the CE+ scheme as an exemplar approach to helping protect your organisation against cyber attack.”
Being a fully funded scheme, Cyber Essentials Plus allows charitable organisations to attain certification without straining their already limited budgets. For organisations that typically operate with tight financial constraints, cybersecurity can often take a back seat. This funding initiative serves as a lifeline for the sector, enabling charities to stay ahead of cyber threats.
Furthermore, having an experienced certification body like Vertical Structure as a guiding partner throughout the certification process transforms what could be a daunting experience into a positive one.
Joanne Madine, Office Manager at Bolster Community, attested to this, saying, “Vertical Structure guided us through what could have been a very time-consuming process, we had Cyber Essentials implemented in a matter of months with next to no downtime on our end.”
As an accredited service provider for Cyber Essentials, Vertical Structure has collaborated with over 35 Northern Ireland charities, securing funding and expertly navigating them through the certification process, achieving remarkable success.
Simon Whittaker, CEO at Vertical Structure, expressed his satisfaction, stating, “Working with local charitable organisations under this scheme has been hugely rewarding for us all. All too often, we see cyber security being deprioritised due to a lack of funds. This scheme has countered that issue and ignited huge interest from charities across Northern Ireland.”
While the initial scheme has concluded, there remains a similar opportunity in 2023/24 for charities with fewer than 50 employees based in Northern Ireland to enhance their cybersecurity defenses.