Awareness of cyber risk is increasing, and many charities are doing a good job of tackling it.
But there is more work to be done. Recently, the ICO reported on advisory visits it had made to a number of charities and revealed several areas that required improvement.

According to the ICO, roughly half of the charities visited had failed to disable USB ports and DVD/CD drives on computers, leaving them open to the removal of data or uploading of malicious code.
A significant proportion of these organisations didn’t have minimum requirements for password complexity, nor did they enforce basic security principles, such as regular password changes. Over a third of the charities had no education programme in place for training their staff that handles personal data.

While it is hard for third sector organisations to devote time and money to data and IT security, they must prioritise it. Charities are the same as any other company when it comes to information security and the possibility of a cyber attack.
Through this survey, Third Sector Insight, together with Markel, wants to find out how your charity is protecting itself against or preparing for a cyber breach of security.

The survey will take no more than a few minutes of your time – and as a thank you, we will enter you into a prize draw for the 1st prize of a set of Virtual Reality goggles and a 2nd prize of £100 worth of John Lewis vouchers.

*In taking part in this survey you agree to our terms and conditions, to view these click here. To view the Privacy Policy, click here. Entries for the survey and prize draw close 31st July 2016.

* 1. How well protected and secure do you think your charity's IT systems are?

* 2. Do you think your charity is equipped to fend off a cyber security attack?

* 3. Do you have any cyber security support to help your charity protect itself?

* 4. Much vulnerability is exploited by software. How often is your charity's software updated?

* 5. How familiar and up-to-date are you with the Data Protection Act?

* 6. Do you have procedures in place to protect your data such as encrypting?

* 7. Do you have a process in place to raise staff awareness of the importance of cyber and data security?

* 8. Accidents do happen. Data might get lost or hackers might compromise systems. If the worst happens, do you have a written response plan?

* 9. On your website, are there any interactive areas such as log-in areas, forums or online donations?

* 10. Are you aware which of the following products or services Markel offer? 

* 11. Does your charity have cyber risks insurance?

* 12. Which additional services would you find valuable as part of your insurance cover. Please rank in order of importance. (1 being most important, 6 the least important)

* 13. Which of the following topic areas would you like advice on? (tick all that apply)

* 14. First name

* 15. Surname

* 16. Charity

* 17. Job title

* 18. Charity size

* 19. Do you buy insurance direct or through a broker?

* 20. Broker name

* 21. Insurance policy renewal month

* 22. Work email

* 23. Telephone number