CATEGORIES
Third Sector BulletinsThe CyberScotland Third Sector Cyber Resilience Bulletin is designed to provide you with cyber related information for the third sector.
Report cyber crime to Police Scotland by calling 101 & via OSCR concern form
Cyber Incident Response & Recovery Helpline: 0800 1670 623 (Weekdays 9am-5pm)
Common Threats
- According to 2025 UK Cyber Security Breaches Survey* phishing remains the top threat, ensure your staff/volunteers know what to do if you click a dodgy link.
- SCVO worked with Glasgow Council for the Voluntary Sector (GCVS) to include free cyber security modules in the TSI Learning Platform that explain how to stay safe online and simple steps leaders can take to secure their organisation.
- 30% of charities* experienced some form of cyber security breach/attack in the last twelve months, apply for free expert cyber support to improve, or assure, your protective measures and help keep your organisation safe online.
Organisations that are proactive in managing and handling threats can subscribe to regular reports here
Recent Incidents and Lessons Learned
- National Cyber Security Centre (NCSC) have published best practice to help organisations minimise the chances of falling victim to actors like this on the back of recent cyber incidents impacting UK retailers.
- Summary of a conversation with SAMH and The Royal Zoological Society of Scotland, about their experiences and key lessons learned, from cyber event last year.
- Information Commissioner’s Office (ICO) emphasise the importance of implementing multi-factor authentication (MFA, aka 2SV) to help mitigate cyber risk on back of lessons learned from a recent investigation.
Awareness and Guidance
- New cyber governance code of practice released by NCSC outlines critical actions to help boards effectively oversee cyber risks.
- Upcoming events include Helping the Third Sector Stay Safe Online (Inverness) and Lunchtime Learning: Improving cyber awareness (Online).
- 34% of charities reported* being insured against cyber security risks in some way. The UK government has recently commissioned research to help gain a better understanding of the state of the market, output of which will be shared once available.
Up-to-date advice and support on third sector cyber resilience can be found here.