UK government extends Cyber Essentials to charities

The UK government has partnered with the IASME consortium and the Give01Day not-for-profit organisation to offer Cyber Essentials certification to UK charities to help them keep safe online.

UK government extends Cyber Essentials to charities
UK government extends Cyber Essentials to charities

The partnership aims to educate, inform and spread the word on the scheme – which has been established to set out a “baseline” for best IT security practices - whilst also ensuring that signed-up charities meet the standards required. 

Charities are eligible to sign up for Cyber Essentials (a self-assessment questionnaire which is later verified by a certified body to ensure the standards have been met) or Cyber Essentials Plus (which involves external testing of the charity's cyber-security practices).

To most companies, this registration is not an inconsiderable cost, however, Give01Day says that it is offering a “limited" number of wholly subsidised certifications to a limited number of charities, with this being helped by funding support from various companies – including well-established security companies such as LogRhythm and Tripwire.

As an added bonus, any UK-based certified organisation that meets the requirements will be eligible to receive free cyber-liability insurance, so long as their annual turnover is less than £20 million per annum. This insurance will cover them for up to £25,000 in the event of a cyber-breach.

Give01Day – formerly GiveADay – and IASME will begin hosting a series of free educational webinars for charities from February onwards. These webinars will signpost all charities to the Cyber Streetwise website as the first step to learn about cyber-security.

Ed Vaizey, minister for culture and the digital economy, said in a statement: “The UK is leading the way in cyber-security and we want to remain one of the most secure places to do business and operate online. Our Cyber Essentials scheme helps businesses and organisations of all sizes protect themselves and their valuable assets against online threats.

“Achieving Cyber Essentials certification will help ensure charities can operate safely online and continue the fantastic work they are doing across the country.

Amar Singh, the founder of Give01Day, added that the news is positive, especially considering all businesses and not-for-profit organisations are increasingly moving online.

“We are really excited about helping certify UK charities to the Cyber Essentials baseline certification. Given the increasing dependency on everything cyber, this certification and the accompanying awareness and education will help uplift the security posture of charities and help in protecting their sensitive personal data stores. In addition, many of the charities will benefit from free cyber-liability insurance.”

CERT-UK added that it welcomed the move because it "represents another step in encouraging UK businesses and charities (big and small) to take cyber-security seriously."

“We're delighted to be a part of Give01Day and IASME's scheme to help charities ensure their cyber-security is up to scratch," says Ross Brewer, VP and marketing director for international markets at LogRhythm. "Charities hold a vast amount of personal information and it's important that they can continue to focus on all the great work that they do, with the peace of mind that their security is up to scratch. 

“At LogRhythm, we're working hard to ensure that businesses of all types are protecting sensitive information to the best of their ability. Today, it is very much a case of when you get hacked, rather than if, and we want to ensure that organisations know how to mitigate risk and deal with anything untoward on their networks as quickly and efficiently as possible.”