US firm offers cyber security scheme for small charities

Security firm scheme enables buyers of security assessments to donate matching services to small charities with small budgets.

James Hayes | 17th Aug 18
Two people seen conferring with a tablet PC. Web portal CharityBase allows advanced filtering of charity database information and the downloading of the results for offline analysis by researchers and others.

A US cyber-security consultancy has launched an initiative designed to give smaller charities – including those based in the UK – access to professional-quality cyber-security support.

The ‘Buy One/Give One’ initiative, from Baltimore based  Independent Security Evaluators (ISE), is based on a ‘match services’ model: when a company invests in a security assessment or consulting engagement with ISE, ISE will donate a matching service to a charity of the customer’s choice.

According to ISE, with the ‘Buy One/Give One’ initiative:

  • The enterprise that pays for the original assessment benefits from an improved cyber-security posture.
  • The purchasing enterprise gets to support a cause they care about by giving an assessment to a charity of their choice.
  • The charity that receives the elite service also gains an improved information security posture for which they otherwise might not be aware of or are unable to justify an investment in.

The purpose of the campaign is to support charitable organisations that might not have the resources to adequately invest in security, explained Ted Harrington, Executive Partner at ISE.

“Charities rightly allocate as much of their funding as possible to the causes they exist to support, thereby leaving only minimal resources for operational overhead, including security,” said Harrington, “yet, charities are enticing targets for a variety of attacker types. We wanted to do something about that. Cyber-safety in society shouldn’t be limited to those with huge budgets and the expertise to implement a program.”

ISE and ITSPmagazine will be promoting the campaign during the Black Hat and DEF CON events in Las Vegas, as well as for the remainder of the campaign, which runs until September 30 (2018).

Enterprises can get involved by procuring security assessments for their own organisation, and then designating which charitable entity to donate the matching service to.

Charities and not-for-profit organisations in the UK can get involved by working with their board members, the organisers, and the broader community to encourage enterprises to select them as recipients for the donation match.