Tag Archive for: data protection

Storytelling to Support Your Goals 

Storytelling to Support Your Goals 

Slide 1 

Hello and welcome to this recording from Support Cambridgeshire, a partnership of Cambridge CVS and Hunts Forum. This is one of several recordings we have developed to support small charities.   

To accompany the recording there are guidance links, available at the end of the transcript which will provide you with any materials or links we mention.  

 

Slide 2 What we’ll cover: 

During this short introduction, we will cover 

  • Why we tell stories 
  • The power of purpose 
  • Story structure 
  • Sharing stories – how to maximise your efforts   

I will also be referring to some case studies to provide real-world practical examples showing how charities have used storytelling in practice to promote their cause. This on-demand training is aimed at individuals linked to community and voluntary groups and small charities, the goal is to encourage you to take your first steps on your storytelling journey and to briefly introduce you to how to make the most of your stories. 

 

Slide 3 Why Should You Tell Stories 

Its important to get the fundamentals of storytelling right first. Why should you as a (not for profit) tell stories ?  

  • Stories build interest, awareness, and empathy 
  • Your story is what attracts people to you—and what keeps them coming back.  
  • They are the basic building blocks for reaching every goal you have as listed on the slide this includes raising money, recruiting partners and volunteers and building relationships.  

 

Slide 4 How do you begin your story? 

How do we start putting your story together? As we all appreciate, everyone has limited time – you as an individual, as an organisation, and your target audience. So thinking through how a story can help you achieve your aims and make a difference is important. So how do you create a story that achieves the outcome you want?  Like a lot of things, it starts with questions. Keeping these points in mind when creating content or a campaign could help you achieve your storytelling goals. 

  • Who are you telling your story to? 
  • Why are you telling it? 
  • What do you want to happen and when?  

I will discuss each question in a little more detail over the next few slides.  

 

Slide 5  Who are you telling your story to 

So lets start with the “who?”  

It’s really important that you get to know your audience. This will help you to create a more targeted campaign. You might think about segmenting your audience  –  introductory guides on how to plan your campaign are included in the links. Consider what barriers your audience are they facing – that are perhaps stopping them from engaging with your cause – is it time, digital or other access needs, finances etc. Also think about how they might want to get involved, based on what you know about them – so for example busy working individuals may want quick information on how they can support your cause outside of core working hours 

 

Slide 6 WHY are you telling your story? 

WHY are you telling your story? There could be many reasons or just one, but thinking about this will help you to achieve your goals with your story. Don’t tell a story or share content for the sake of it. Think through the outcomes you want to achieve early on and this will inform the story you tell and how you tell it  

 

Slide 7 What do you want to happen and when?  

What do you want to happen and when? What would you like the reader of your story to do or how you would like your story to impact your reader? It can be helpful to categorise your story to shape your message. You might think along the lines of a hard or specific ask for example; you want your reader to “donate here” or “volunteer now”.  Or perhaps you want your story to have a “soft ask” so that your story shares information and inspires your reader to access further information or to further action.  

Make sure your call to action is clear, for example, “click here to donate.” It is clear to your audience “when” they should take action. 

 

Slide 8  Case study 

This case study highlights how simple it can be to share a story. I found this very straightforward yet powerful story on the COOP website 

The story is: Ian is a talented conductor, he has been a part of the Paisley Abbey choir for 20 years, he started a new community group called The Paisley Senior Singers. The group aims to attract seniors in the local area and beyond to join their singing and social group, on a weekly basis. The story shares details of when and where and who to contact for further details. There is also some text about sharing your own story about how your community has come together to support each other.  

Referring back to our starter questions: Who, Why, What and when…… 

  • Who: Ian is a volunteer who wishes to support his community in particular the lonely older people, he is a talented conductor. 
  • Why: The aim is to decrease loneliness, improve well being and increase community engagement  
  • What: Ian used his experience to set up a group to engage with the local community to improve well being. The call to action is to share your community engagement story  
  • When: Coop are asking community groups to share their stories about how their community has come together to support each other, there is a clear Call to action: “Share your story” button on the page. 

 

Slide 9 Be More Cat 

A useful tool to support you with starting to tell your own stories: it is to be more CAT  

So looking at our Paisley Senior Singers case study again 

  • Challenge: Decrease loneliness and increase community engagement 
  • Action: engage with local community to improve well being  
  • Transformation: volunteer used his experience to set up a group to engage with local community to improve well being. The call to action/transform is: share your own story on how you transformed your community for the better.   

 

Slide 10 A second case study 

A second case study. This is actually about a cat. This is a Cats Protection social media post. The story is about a cat called Gizmo who was found 20 miles away from his home, he had jumped into a delivery van, but he was microchipped so when he was found he was returned to his owners without further delay. The post included a direct quote from the joyful owners of Gizmo. 

So there was a Facebook post, with text and pictures 

Breaking the story down using the questions I posed earlier  

Who is the story aimed at – cat owners – and what do cat owners like – pictures and stories of cats. This social media story includes a cute pic of a cat to ensure a wide reach with a personal story and a happy ending, where Cats Protection has played a positive and vital role, and how the target audience as cat owners can help Cats Protection to continue their work. 

Why share this story – to keep cats safe. Cats Protection mission include rehoming cats and championing their rights, ensuring they return to their owners when they are lost forms part of their key objectives.  

What outcomes does Cats Protection want to achieve with this story: If cats are lost, they can be returned home quickly and safely, and microchipping cats ensures this happens. So increase the number of cats being microchipped.  

So; the final call to action is to Find out more about microchipping with a link 

I have also posted a screenshot of some of the comments just to show how a Social Media post can engage an audience and continue the story, with re-shares, comments by other cat owners with their own stories and likes etc. So the one story about Gizmo can generate a conversation and “microchipping movement.” 

Looking at this same case study using the CAT tool: 

The Challenge is to engage with cat owners to encourage them to microchip their cats 

The Action is to share Gizmo’s successful story and to inspire cat owners 

The Transformation is for cat owners to be inspired to learn more about microchipping and microchip their own cats. 

 

Slide 11 Sharing stories and how to maximise your efforts – less can be more 

Moving on to sharing stories and how to maximise your efforts. Really helpful to remember that when thinking about digital storytelling, especially social media, think less is more. A few top tips are included on the slide 

  • Keep sentences short (20 words maximum) 
  • Keep films short 2/3mins maximum 
  • Use short words  
  • Don’t over-do punctuation  
  • Be concise 
  • Use every day English  
  • Be authentic  

 

Slide 12 sharing stories and how to maximise your efforts – accessibility 

Sharing stories – how to maximise your efforts. Accessibility. There are a lot of free readability and accessibility software to assist you with this, including Microsoft which can help with accessibility, Grammarly can help with readability and CHAT GPT and AI can also be used to create content BUT be careful and make sure you are checking over any AI created content, so that it is your story and it makes sense.  There are also some helpful, straightforward style guides when using various software tools. For example; Social media now have Alt text features and most have their own accessibility guides that tell you what to do. But across all platforms think about your presentation including your font and colours etc. There are some helpful links and resources on the slide  

 

Slide 13 Memorable stories  

To be able to maximise our efforts we want to make sure we are creating and sharing memorable stories, but what makes a memorable story? There is a clear beginning, middle, and end. The story is fairly short.  It offers some action or transformation. We have already discussed this when we looked at story structure and how to create our stories, remember our initial questions, why are we telling the story and what do we want to happen, and the CAT tool, what’s the challenge, action and transformation. Also, remember Less is More (from the previous slide) when sharing our stories. When we looked at our initial questions, we did look at “who are we telling our story to.”  And this also forms part of creating memorable stories, we should aim to tell and share a story that is personally relevant to you or the person who shared it with you so that it creates that all-important emotional connection with your audience.  

The links on the slide provide further information and guidance on this idea of emotional connection with your audience when telling and sharing stories. The first step in making this emotional connection is your story’s voice, which we will discuss next. 

 

Slide 14 “Person first Charity second.” Third Case Study. 

If you are sharing someone’s story, you want to ensure an authentic voice to create that emotional connection. You need to be respectful and ethical. Remember; person first and charity second. On the slide is our third case study, from the Anthony Nolan website (they are a blood cancer charity). The links are to a short YouTube video and blog post with photos, sharing Jo’s lived experience. This case study shows that successfully sharing someone’s story, using their own voice doesn’t have to be slick professionally created content, instead user-generated low-quality footage but with quality content can be authentic and engaging, this is because Jo is charismatic, positive and confident. The audience is left rooting for her and it’s an inspiring story of lived experience created and shared authentically in Jo’s own voice. But remember that sharing lived experience can be complex depending on the people your charity works with, you will need to make judgements about what is appropriate. You must ensure that consent and ongoing consent is properly obtained and recorded. (We have provided links to further resources in the final slides and transcript.) The key to sharing lived experiences and others’ stories, ethically is to ensure that you build a consensual relationship based on trust, which continues even after the story has been created and shared.  

 

Slide 15 Choosing your platform  

Where do we start with what platform to use to share our stories? 

This initial first question can already be overwhelming before we have even begun to share. As you are probably aware different platforms can reach different audiences. On the slide there is a link to We are Social Digital 2024 which does break this down a little. So for example the younger generations tend to use snapchat and tik tok and perhaps older generations use Facebook. 

Think about your knowledge and capacity, as an individual and as an entire team. 

If you think back to the Cats Protection case study – when I shared the screenshot of the comments section to Gizmo’s story – those comments can be just as important as the original post in creating that engagement and momentum, keeping the story alive and present. So, the knowledge and capacity to monitor and engage with the comments.  

And remember that you can reuse or edit your content so that it can be used on more than one platform. Thinking back to Jo’s story with the Anthony Nolan Trust on the previous slide it was a blog post with a photo and also YouTube videos – which were then shared and posted on different Social Media platforms as well as their website. 

Finally, remember essentially you are a matchmaker – matching your story to the best platform – so that as many people as possible will see it / hear it and action it  

 

Slide 16 It’s part of a Process 

In summary, storytelling is part of the bigger picture of your group’s story and it is all part of a process starting with: 

  • Your audience – who are you telling your story to? 
  • How can you connect with them – create that emotional connection 
  • Collecting and curating those connections, those lived experiences and voices and include everyone – your entire team;  
  • Producing the stories. Remember structure – beginning, middle and end. Remember CAT – challenge, action and transformation. 
  • When you hit share it’s not the end – watch what the impact is – learn from it so that when you consider your next story and digital campaign you can improve on the outcomes.  

 

Slide 17 Policies and procedures 

I am ending with a couple of important resources slide. You may already have in place policies around safeguarding, EDI (Equality, Diversity and Inclusion) and health and safety. But as you consider storytelling it is important to make sure that you also have policies for the way you work through digital channels and on digital platforms. I have listed a few policies here that you may not already have, and you may need to think about adopting, including:  

  • Data protection & GDPR   
  • Consent & Photography  
  • Copyright 
  • Training & Guidelines  
  • Digital Strategy  
  • What to do if things go wrong? Dealing with complaints and negative comments 
  • Social Media  

 

Slide 18 Resources 

Some further resources that may be of assistance 

 

Slide 19 Here to Help 

We hope that this training has been of assistance as you embark upon your storytelling journey. Please do reach out to us directly with any further support needs and do check out our website for further training resources. 

 

Guidance and support links: 

Charity Digital, Eight Steps to Planning Marketing Campaigns 

Facebook, Understand Audiences  

The Process of Effective Story 

1st Case study: Paisley Senior Singers 

From raw content to stand out stories – Chris Flood,  

content and search lead, Cancer Research UK. Charity Comms.  

Pixar in a Box, The art of storytelling, Introduction to Structure 

2nd Case study Cats Protection – Gizmo and Microchipping 

Microsoft Word’s built-in readability guidelines 

Content Design London’s readability guidelines 

Diversity & Ability  

Lisa Riemers, accessibility resources,  

Charity Comms, Accessible Communication: a starting point to foster inclusive comms. 

Thekar Pekar, Lesson from Retelling Stories, NeuroCooking   

It drew me in… Christmas advertising is not only about storytelling, it is about the story of us as humans – Walnut Unlimited 

3rd Case study: Jo’s story – Anthony Nolan and Youtube video – Jo’s story 

The Power of Human Stories; How to be an authentic storyteller. Charity Comms  

We are Social: Digital 2024 UK 

The Catalyst, how to tell your story with digital 

 

Policies and Procedures  

Policies & procedures: NCVO help and Guidance (National Council for Voluntary organisations) 

Data Protection & GDPR  

Consent & Photos 

Copyright 

Complaints 

Training & Guidelines   

Digital Strategy   

Guidance support on social media from NCVO 

Resources 

Charity Comms  

Charity Digital 

Canva tutorials 

The Curve  

Catalyst  

Lisa Riemers  

Diversity & Ability 

Gov.uk Accessible Formats 

Digital Culture Network 

Pixar in a Box 

Heritage Digital  

Cambridge Online, YouTube 

Here to Help 

www.supportcambridgeshire.org.uk 

To contact CCVS  

enquiries@cambridgecvs.org.uk 

To contact Hunts Forum 

info@huntsforum.org.uk 

Cybersecurity for Small Charities

 

Slide 1

Cybersecurity

Hello and welcome to this recording from Support Cambridgeshire, a partnership of Cambridge CVS and Hunts Forum. This is one of several recordings we have developed to support small charities.

To accompany the recording there are guidance links, available at the end of the transcript which will provide you with any materials or links we mention.

 

Slide 2

What we’ll cover:

This training uses resources and training developed and supplied with consent from the National Cyber Security Centre (NCSC) and the National Association for Voluntary Community Action (NAVCA)

During this short introduction, we will cover:

  • Awareness of NCSC
  • Why Cyber security is important
  • What you and your group should be aware of and looking out for when it comes to cyber attacks
  • Where can you access support and resources for you and your group for free

This on-demand training is aimed at individuals linked to community and voluntary groups and small charities, the goal is to encourage you to consider your cyber security position.

 

Slide 3

Awareness of the NCSC

Who are the National Cyber Security Centre?

The National Cyber Security Centre or NCSC are formally a part of GCHQ, one of the 3 main UK intelligence agencies. The NCSC mission is to help make the UK the safest place to live and work online. The NCSC provides key and up-to-date guidance for charities which are free to use. Their website is a one-stop shop for any of your cyber questions. You can contact the NCSC via their enquiries page. There is a helpful link from Charity Digital article; An A-Z glossary of cybersecurity terms and definitions

 

Slide 4

What is a cyberattack?

A cyber attack is considered any malicious attempt to damage, disrupt or gain unauthorized access to computer systems, IT networks or devices (such as laptops, phones and tablets). Specifically without your knowledge and permission.

Recent cyber attacks have made news headlines; in June 2024 the NHS was attacked and several GP surgeries and hospitals were affected causing serious disruption. The British Library were also victim of a cyber attack in October 2023.

 

Slide 5

What is Cybersecurity?

In the opposite way Cyber security is the actions you take to protect your systems and devices from such an attack. By protecting your systems sufficiently, you stand a significantly stronger chance of keeping your systems and charity safe from an attack. Just as the internet is a fundamental part of life in keeping your charity running and accessible to all, so is your cyber-security.

 

Slide 6

Why are Charities and groups at risk?

Charities hold funds (often electronically), personal, financial and commercial data of interest to individuals and often of monetary value to a criminal. Often this data is sensitive, valuable and vulnerable to attack. Think about how your supporters would feel if their data was taken from your systems.

The Impact of a cyber-attack can range from missing data, stopping your operations temporarily or permanently, costs of a breach or lost revenue including the time taken to recover, and finally the reputation of your charity.

A Cumbria-based community charity, The Milom Network Centre, which supports local people with its food pantry, second-hand furniture sales and educational programmes, lost all of its charitable funds in May 2024 when it fell victim to fraud. Scammers emptied its entire bank account. Before the bank agreed to the refund the charity, they faced the very real fear of closure.

 

Slide 7

Who could attack a charity?

Cyber Criminals might attack a charity. This can be either untargeted or targeted. No matter which way it is, it’s usually always for financial gain. There is no information to say charities are specifically targeted over other sectors. However we know criminals scan the internet for organisations that have weak security defences.

If you think about an opportunistic burglar walking down street looking for properties with open windows. The burglar or cyber criminal won’t care if those windows belong to a small or large charity. It’s not just ransomware. Criminals can steal money through other routes like pretending, to be a supplier and asking for urgent payment on an invoice.

Nation States; There is currently no evidence of nation states targeting the charity sector but it is possible to be caught up in un-targeted attack by a nation state.

Lastly the Insider threat. And by that I mean a member of staff, volunteer, or trustee that’s working in the charity. The overwhelming majority of cyber incidents caused by insiders are accidental. However they can still have a significant impact on the operation of the charity. Its really important for charities not to foster a culture of blame for accidental ‘insider’ cyber incidents. It is so easy to make a mistake whether it’s clicking on a suspicious link or opening an attachment which could unleash a virus. The important thing is that staff feel that they can report without fear of repercussions. That way IT can be up and running quicker and data recovered faster.

But there could be a chance that the insider threat could be on purpose. Perhaps a member of staff is disgruntled or a trustee feels they have been ignored.

All these threats, whether targeted or untargeted, accidental or on purpose, can be mitigated by using some key cyber security approaches.

 

Slide 8

How are charities being attacked?

Ransomware is a type of malware that makes data or systems unusable until the victim makes a payment. Typically, the data is encrypted, but it may also be deleted or stolen, or the computer itself may be made inaccessible. Following the initial ransomware attack, those responsible will usually send a ransom note demanding payment to recover the data. Law enforcement do not encourage, endorse, nor condone the payment of ransom demands. If you pay. There is no guarantee that you will get access to your data or computer. Ransomware attacks can have a devastating impact on organisations, with victims spending significant amounts of time and money to reinstate critical services. Often skills need to be bought in from elsewhere. Replacing or upgrading expensive IT equipment is also often required.

The British Library and NHS cyber attacks I referred to earlier were Ransomware attacks.

Malware is malicious software that is designed to interfere with a computer’s normal functioning and that can be used to obtain information and commit cybercrimes.

Phishing is where untargeted, mass emails are sent to many people asking for sensitive information (such as bank details) or encouraging them to visit a fake website. Most of us have heard about not opening suspicious looking attachments or weblinks, but these attacks do still regularly happen. Criminal groups will use charity branding or logos to make the emails look more legitimate, these can be obtained from websites or a simple google search.

A couple of examples on the slide. In May 2024 Companies House sent out an email warning of scam letters being sent out claiming to be from Companies House, the letters claimed that the recipient needed to make payment for Enhanced Web Filing Access.

In June 2024 we at CCVS posted on LinkedIn that we had been made aware by the Cambridge City Council of a fraudulent message aimed at Homes for Ukraine visa holders that was circulating online. The message falsely claimed to be from the Home Office and requested personal data.

 

Slide 9

What can you do to protect your charity?

What can you do to protect your data?

We will look at each area in a little more detail.

  1. Backing up your data
  2. Protecting against malware
  3. Keeping devices secure
  4. Create strong passwords
  5. Defend against phishing

 

Slide 10

What can you do to protect your charity?

1. Back up your data

Backing up your data is your vital first step in your cyber security strategy. You must ensure not only that your charity is taking regular back-ups of important data but test that they can also be restored. This will reduce the inconvenience of any data loss from theft, fire, other physical damage or ransomware.

Identify what needs to be backed up. Usually, this includes documents, emails, contacts, legal information, calendars, financial records and supporter or beneficiary databases.

Ensure the device containing your backup is not permanently connected to your network either physically or over a local network.

Consider backing up to the cloud. This means your data is stored in a separate location (away from your offices/devices), and you’ll also be able to access it quickly, from anywhere. Link to Cloud security guidance from the NCSC is on the slide.

 

Slide 11

What can you do to protect your charity?

2. Protect against malware

Protecting your charity against malware (which is malicious software including viruses) doesn’t have to pricey or complicated, I have listed a few low cost and simple options on the slide

  • Use antivirus software on all computers and laptops. Only install approved software on tablets and smartphones, and prevent users from downloading third party apps from unknown sources.
  • Patch all software and firmware by promptly applying the latest software updates provided by manufacturers and vendors. Use ‘automatically update’ options where available.
  • Control access to removable media such as SD cards and USB sticks. Consider disabling ports, or limiting access to sanctioned media. Encourage staff to transfer files via email or cloud storage instead.
  • Switch on your firewall (included with most operating systems) to create a buffer zone between your network and the Internet.

There is a link on the slide to smartphone and device security guidance from NCSC

 

Slide 12

What can you do to protect your charity?

3. Keep Devices secure

Smartphones and tablets (which are used outside the safety of the office and home) need even more protection than ‘desktop’ equipment.

  • Switch on PIN/password protection/fingerprint and face recognition for mobile devices.
  • Configure devices so that when lost or stolen they can be tracked, remotely wiped or remotely locked.
  • Keep your devices (and all installed apps) up to date, using the ‘automatically update’ option if available.
  • When sending sensitive data, don’t connect to public Wi-Fi hotspots – use 3G or 4G connections (including tethering and wireless dongles) or use VPN’s.
  • Replace devices that are no longer supported by manufacturers with up-to-date alternatives.

There is a link to a NCSC blog post about mobile device management software on the slide

 

Slide 13

What can you do to protect your charity?

4. Creating strong passwords

Passwords – when implemented correctly – are a free, easy and effective way to prevent unauthorized people from accessing your devices and data.

  • Make sure all laptops, MACs and PC’s use encryption products that require a password to boot. Switch on password/PIN protection or fingerprint and face recognition for mobile devices.
  • Use two-factor authentication (2FA) for important websites like banking and email if you are given the option. Two factor authentication requires using a password and one other form of protection like a finger print, face recognition, pin or text message
  • Avoid using predictable passwords (such as family and pet names). Avoid the most common passwords that criminals can guess (like passw0rd).
  • Do not enforce regular password changes: they only need to be changed when you suspect a compromise.
  • Change the manufacturers’ default passwords that devices are issued with, before they are distributed to staff.
  • Provide secure storage so staff can write down passwords and keep them safe (but not with the device). Ensure staff can reset their own passwords, easily.
  • Consider using a password manager. And if you do use one, make sure that the ‘master’ password (that provides access to all your other passwords) is a strong one.

Links to further information and resources from the NCSC are on the slide

 

Slide 14

What can you do to protect your charity?

5. Defend against phishing

Phishing attacks are when scammers send fake emails asking for sensitive information (such as bank details), or the emails include links to bad websites and the emails encourage you to click on the links. To defend your charity against phishing attacks you can:

  • Ensure staff don’t browse the web or check emails from an account with Administrator privileges. This will reduce the impact of successful phishing attacks.
  • Scan for malware and change passwords as soon as possible if you suspect a successful attack has occurred. Don’t punish staff if they get caught out (it discourages people from reporting in the future).
  • Check for obvious signs of phishing, like poor spelling and grammar, or low quality versions of recognisable logos. Does the sender’s email address look legitimate, or is it trying to mimic someone you know? This is challenging as emails are increasingly sophisticated

Link on the slide is to 5 top tips to avoiding phishing attacks from NCSC

 

Slide 15

What to do if you are a victim of a cyber attack?

Despite your best efforts, cyber attacks can happen and if you think your charity has been the victim of a cyber attack – an online fraud, scams or extortion, you should report this through the action fraud website, there is a link on the slide.

You must report certain incidents that you’re legally obliged to report to the Information Commissioner’s Office (ICO) regardless of whether your IT is outsourced. This includes a personal data breach under the GDPR or the Data Protection Act.

You will also have to report it as a serious incident to the Charity Commission through the Charity Commission (England and Wales) website.

Reporting incidents will demonstrate that you have taken responsible action to identify problems within your charity. It also helps the Commission to gauge threats that may affect the wider sector and to take steps to address these with targeted advice and guidance.

If you are not sure if you have been attacked or need further advice, you can contact the NCSC enquiries.

 

Slide 16

NCSC Resources

The NCSC has produced a number of tools called the Active Cyber Defence tools or ACD. These are offered to organisations across certain sectors including charities for free. There are 3 tools which are worth looking into for your charity. They are Mail and web check and Early Warning.

 

Slide 17

NCSC Resources and guidance

The NCSC also has a lot of free resources including guides, support and advice. On the slide are a few resources that are useful to smaller charities in particular.

  • Small charity guide
  • Infographics: these are useful if your team has any specific questions or wants to learn more. They are available on the NCSC website and can be downloaded and printed.
  • E learning courses: this includes “top tips for staff”. The training can be completed online or downloaded and built into your own training platform. It takes less than 30 minutes to complete and is deliberately non-technical. This training is aimed at small organisations so some of the terminology is not aimed at charities but it is a useful resource for colleagues who may like some basic cyber skills.

 

Slide18

The Future

The future. Technology is constantly developing at an ever-increasing pace, with policy, legislation, and security furiously trying to play catch up. Plans for future legislation have again been amended with a new labour Government elected in July 2024.

AI briefly appears on the agenda but the focus appears to be on data protection matters and privacy rights.

We plan to update this training transcript with any relevant updates

The link is to the Data Protection Network article July 2024 which discusses possible changes in legislation with the new Labour Government.

 

Slide 19

Here to help

We hope that this training has been of assistance in increasing your awareness of what is cyber security, who is the National Security Council and how you can protect yourself and your charity from possible cyber-attacks. Please do reach out to us directly with any further support needs and do check out our website for further training resources.

 

Guidance and support links:

www.supportcambridgeshire.org.uk

To contact CCVS

enquiries@cambridgecvs.org.uk

To contact Hunts Forum

info@huntsforum.org.uk

National Cyber Security Centre (NCSC) https://www.ncsc.gov.uk/

National Association for Voluntary Community Action (NAVCA) https://www.navca.org.uk/

Action Fraud Website https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime

Information Commission Office (ICO) https://ico.org.uk/for-organisations/report-a-breach/

Charity Commission – reporting a serious incident (RSI) https://www.gov.uk/guidance/how-to-report-a-serious-incident-in-your-charity

 

 

NCSC resource links

NCSC general enquiries https://www.ncsc.gov.uk/section/about-this-website/contact-us

NCSC Small Charity Guide https://www.ncsc.gov.uk/collection/charity

NCSC infographic cybersecurity small charity guide https://www.ncsc.gov.uk/files/Cyber%20Security%20Small%20Charity%20Infographic.pdf

NCSC E-courses for small organisations https://www.ncsc.gov.uk/training/cyber-security-for-small-organisations-scorm-v3/scormcontent/index.html#/

NCSC Active Cyber Defence tools or ACD:

  1. Mail Check – https://www.ncsc.gov.uk/information/mailcheck
  2. Web Check – https://www.ncsc.gov.uk/information/web-check
  3. Early Warning – https://www.ncsc.gov.uk/information/early-warning-service

NCSC Infographics https://www.ncsc.gov.uk/information/infographics-ncsc

NCSC Cyber Security eLearning training https://www.ncsc.gov.uk/blog-post/ncsc-cyber-security-training-for-staff-now-available

 

NCSC guidance links

NCSC cloud security guidance https://www.ncsc.gov.uk/collection/cloud

NCSC Smartphone and device security guidance https://www.ncsc.gov.uk/collection/device-security-guidance

NCSC blog post: Which Mobile Device Management software is the best? https://www.ncsc.gov.uk/blog-post/ncsc-it-mdm-products-which-one-best-1

NCSC Actionable advice https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/use-a-strong-and-separate-password-for-email

NCSC Three Radom Words passwords https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0

NCSC password managers https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0

NCSC avoiding phishing attacks https://www.ncsc.gov.uk/collection/small-business-guide/avoiding-phishing-attacks

 

Links to articles:

Charity Digital: An A-Z glossary of cybersecurity terms and definitions  https://charitydigital.org.uk/topics/an-a-z-glossary-of-cyber-security-terms-and-definitions-11473

British Library Blog Post March 2024 Lessons from the cyber attack https://blogs.bl.uk/living-knowledge/2024/03/learning-lessons-from-the-cyber-attack.html

Guardian Article June 2024 Cyber-attack on London Hospitals https://www.theguardian.com/society/article/2024/jun/11/cyber-attack-on-london-hospitals-to-take-many-months-to-resolve

BBC News article May 2024 Scammers emptied charity’s account https://www.bbc.co.uk/news/articles/cn40vrpz2v2o

Gov.UK Reporting scams to Companies House

https://www.gov.uk/guidance/reporting-scams-pretending-to-be-from-companies-house?utm_content=&utm_medium=email&utm_name=&utm_source=govdelivery&utm_term=

CCVS LinkedIn post-June 2024. Cambridge City Council warning about fraudulent messages aimed at Homes for Ukraine visa holders

https://www.linkedin.com/posts/cambridge-council-for-voluntary-service_welcome-to-govuk-activity-7209137701105582080-hElO/

Data protection July 2024 Labours plans for data protection, cybersecurity and AI https://dpnetwork.org.uk/labours-plans-data-protection-cyber-security-ai/?utm_source=Data+Protection+Network&utm_campaign=91f7d54770-EMAIL_CAMPAIGN_2023_08_28_04_14_COPY_01&utm_medium=email&utm_term=0_-7337095521-%5BLIST_EMAIL_ID%5D