Contact Us

Contact Us

Please get in touch using the form below

Side Pop-out Form
View our full Privacy Policy
Industry Solutions


Cyber Security for Charities and Nonprofits

A rise in the number of cyber-attacks targeting not-for-profit organisations has increased the need for charities, foundations and trade organisations to prioritise cyber security and protect the personal information of supporters and donors.

Nearly two thirds of high-income charities recorded a cyber security incident in 2018.

Common security challenges in the nonprofit sector include:

Protecting aging IT infrastructure against threats
Working with limited budgets and competing spending priorities
Protecting the personal information of donors and supporters
Keeping up with continuous workplace digitisation
Educating staff on cyber risks like phishing and ransomware

Key security questions for nonprofits

Questions charities and other nonprofits should be asking about their cyber security:

  • Is data protected against unauthorised processing?
  • How often are networks and websites tested for vulnerabilities?
  • Are security controls in place to prevent sophisticated threats?
  • Are systems able to identify threats that bypass the perimeter?
  • Are staff sufficiently trained about cyber security risks?
  • Is there a plan in place to detect, remediate and report breaches?
  • Is donation processing PCI DSS compliant?

Cyber security compliance in the nonprofit sector

Redscan’s range of cyber security services can help organisations in the nonprofit sector to ensure that controls and processes are in place to protect key systems and data to the highest standards.

Since the enactment of the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA 2018), all organisations that handle personal data, including donor and employee information, must ensure that strong data security standards and breach reporting procedures are in place.

€20 million or 4% of global turnover (whichever is greater)
The maximum GDPR penalty for a cyber security breach.

Nonprofits that process card payments also need to comply with the Payment Card Industry Data Security Standard (PCI DSS). Among the requirements of the PCI DSS is the need for organisations to maintain a secure network, implement robust security policies, regularly test systems for weaknesses and proactively monitor network resources.

About Redscan

Security Awards

Redscan has extensive experience working with organisations across the nonprofit sector, helping them to assess cyber security risks, eliminate vulnerabilities and proactively detect and respond to the latest cyber security threats.

View our case studies

Our cyber security services

Managed Detection and Response

ThreatDetect™ is an award-winning MDR service that operates as an extension of organisations’ in-house resources, supplying the capabilities needed to hunt for, contain and remediate cyber-attacks and breaches, 24/7.

Red Team Operations

A real-world cyber-attack simulation designed to test organisation’s cyber resilience and ability to detect and respond to the latest adversarial techniques.

Penetration Testing

Our CREST-approved, fully customisable pen test engagements help to identify and address vulnerabilities in infrastructure and applications in order to reduce security risk.

What our customers say


The COVID-19 pandemic is causing unprecedented disruption for businesses around the world, many of which are struggling to overcome the many challenges the outbreak has created.   At Redscan, we’ve …

Case Study

A private hospital with royal patronage chose ThreatDetect™, Redscan’s Managed Detection and Response service, to protect patient data through proactive network and endpoint monitoring.

Cyber Security News

We use cookies for security, to optimise your browsing experience and anonymously analyse site traffic.
Accepting necessary cookies is required to provide you with a minimum level of service. Cookie Statement