Third Sector

Relevant information for Third Sector organisations

What is cyber resilience

Cyber resilience is about ensuring that your organisation is prepared for a cyber attack and can continue to operate when it happens.

Cyber security is about protecting your IT systems and data to help ensure you are not a target of malicious cyber activity, reducing the risk of cyber attack.

Why is it important within third sector

Cyber resilience is just another part of overall business resilience which is about making sure that you have a plan in place to keep operating, even when things go wrong. As organisations move online, they are more vulnerable which can result in:

  • loss of service
  • people you work with/staff being put at risk
  • financial and reputational impact

Unfortunately the third sector is not exempt, according to 2024 UK Cyber Security Breaches Survey almost one in three (32%) charities experienced some form of cyber security breach/attack in last twelve months. The good news is that taking the first steps to improving your cyber resilience is easier than you might think. There is lots of support out there to help you start to prioritise cyber risk, protect against the most common threats and ensure you are prepared to respond to cyber incidents when they inevitably occur.

What can third sector do

The Scottish Government has produced advice and guidance for voluntary sector organisations as part of their Third Sector Action Plan, which focuses on:

What are CyberScotland doing to support third sector

SCVO have appointed a Cyber Resilience Co-ordinator, who will work closely with Scottish Government through the CyberScotland partnership, to help coordinate implementation of the action plan across Scotland’s voluntary sector to support them in becoming more cyber resilient. They will be guided by a Third Sector Cyber Resilience Working Group, made up of a range of people from across the sector, who will help shape the development of the work programme to ensure it is impactful and relevant. As these themes develop this page will be updated with new initiatives and opportunities.

Relevant News

incident icon
GENERAL

New collaboration aims to reduce cyber risk to third sector organisations in Scotland

To help support charities in addressing cyber risks, a Third Sector Cyber Resilience Working Group, made up of a range of people from across Scotland’s voluntary sector, has been established to shape and guide a programme of work aligned to Scottish Government’s Third Sector Cyber Resilience Action Plan.

Relevant Resources

Cyber Essentials Readiness Tool

The Cyber Essentials Readiness Tool helps you meet Cyber Essentials requirements. The tool includes questions related to the main Cyber Essentials criteria and provides tailored advice to prepare you for certification. This resources provides support with Cyber Essentials readiness and certification

Read more Cyber Essentials Readiness Tool in modal dialog

Small Charity Guide

The advice in the Cyber Security: Small Charity Guide will significantly increase your protection from the most common types of cyber crime. The five topics covered in the guidance are easy to understand, and are free or cost little to implement. 

Read more Small Charity Guide in modal dialog

Available Support

  • Read the CyberScotland Advice & Guidance to further understand the risk to you and your organisations
  • Read our guidance on Responding To An Incident
  • Scottish charities are also required to report cyber crime to OSCR via raise a concern form, as well as report an incident.
  • If you are interested in becoming more cyber resilient and want to discuss this with SCVO, please contact Alison Brogan, Third Sector Cyber Resilience Co-ordinator at alison.brogan@scvo.scot
Back to top of the page