Cyber Security in the Third Sector event in Edinburgh

On a glorious Thursday in Edinburgh, the DMA attended an event on Cyber Resilience in the Third Sector run by Holyrood Magazine.

The event, hosted by Willie Roe CBE, covered how the third sector can conform to data protection and other data resilience laws while maintaining an ability to grow the donor base. The third sector is, in comparison, less aware and less prepared for issues relating to cyber resilience. Only 54% of charities polled had heard of GDPR.

Nonetheless, the attendance was varied and showed the willingness of the third sector to adapt and grow in light of new regulation.

The ICO’s David Freeland gave an interesting talk iterating the key points the ICO will be looking for when assessing GDPR compliance. Echoing Elizabeth Denham at the ICO conference, David said that the ICO did not expect full compliance by 25 May. However, they did want to see evidence of how charities had implemented processes and increased their transparency. Equally important was performing internal auditing from a data privacy and security point of view. Spotting the weak links in systems will do wonders for preventing data breaches and generally maintaining the health of a charity’s infrastructure.

The DMA’s own Zach Thornton also spoke at the event. Covering the main points of GDPR and how it will apply to the third sector, Zach highlighted the opportunities for growing a donor base by giving examples of the successful use of legitimate interest and consent legal guidelines.

The message from the conference was clear: while the third sector faces greater challenges of implementation and conformity due to budget restrictions and manpower, it is vital that charities and not-for-profit bodies do conform to legislation to avoid fines. However, implementing cyber resilience as a core business strategy is an opportunity for more successful and efficient marketing and fundraising.

To read the DMA's article about GDPR in the Third Sector in Holyrood Magazine, click here.