Community is exceptionally important to the team at the IT Security Guru. We believe that building community and supporting one another is where our industry thrives, that’s why we’re platforming charities and networks that work within the industry, as well as the wider community.
One exceptional charity that are doing just that is CybAid, a non-profit committed to offering complimentary cyber consultancy services to industries dedicated to helping others. Our Gurus spoke with Amelia Hewitt, Founder of CybAid, to find out more.
What’s CybAid’s mission?
CybAid CIC connects experienced cyber professionals volunteering their time and expertise to support charities and small businesses looking for cyber advice and action, for free, bringing accessibility to a historically underserved market.
How did you get started? Where did the idea come from?
The first exposure to how varied the cyber challenges were in the charity and small business sectors came from the ‘Empowering Women To Lead Cyber Security’ program cohort I was part of last year, whereby our graduation project had us explore the sector, and how it can better be better served in regards to cyber. However, the catalyst for starting CybAid came from a more personal angle. I lost my grandfather in November of last year, and his work in local Government was truly awe-inspiring, with his impact positively reaching several charities, and I wanted to channel the ethos of serving our communities into the cyber world, where there are so many individuals who want to donate their time and expertise, but don’t have a formalised route to do this.
What do small businesses/charities get wrong about cybersecurity?
Every sector has misconceptions around cyber and their needs, but in my experience, thus far, there are two key errors that charities and small businesses make when considering their cybersecurity status. Firstly, I find that many CEOs and Founders express that ‘we are so small that we don’t think we need Cyber’, or ’we don’t know where to start’. We seek to empower the organisations that we work with to understand that cyber should be implemented as early as possible to ensure that defences scale appropriately as an organisation grows.
Secondly, and potentially through the fault of the cyber industry, as opposed to what our clients ‘get wrong’ is the misconception that getting a specific certification (such as Cyber Essentials), is the right route to secure their organisation. Certifications can be an excellent testament to an organisation’s commitment to cyber, however, it can be a snapshot, rather than the bigger picture in how to build an effective security program. We encourage open discussions with our clients about the ‘why’ they are looking to become accredited, to ensure that they are choosing support that will have a long-term benefit to their organisation.
What do you want small businesses/charities to know about cyber?
The operative message that I try to get across, and I hope the wider CybAid operation does in our work, is that cyber has not been their priority, so it is natural if a charity or Ssall business feel lost in how to proceed. I have found that cyber can cause anxiety to those outside of the industry, as it has become sensationalised in media, and whilst it is a risk to consider, it should not be something that organisations feel burdened by. Charities and small businesses are mostly working to tight budgets and resource constraints, and their main priority is being both operational, and drawing in profits, so we take a compassionate approach to ensuring that they understand that our role is to provide the support to enable them to grow- we aren’t expecting them to be experts.
You help organisations that help others, giving back to the community, which is particularly pertinent. Why do you feel it’s so important to do so?
My immediate response when I am asked this is ‘why wouldn’t you?’, and that seems overly simplified, however, it is a driving principle for CybAid’s development. There are an abundance of organisations that work tirelessly to provide support to those in need, or provide innovative solutions to issues that impact the lives of many, and for CybAid to be a small part in how they can continue to deliver these services is incredibly gratifying for all involved. We are the experts in our field so that they can continue to be the experts in theirs.
How do you empower small businesses/charities? How do you get people (perhaps with little background in the area and with little time, as volunteers) to engage with cybersecurity?
Our values are integral to how we empower the organisations that we work with. We work from a place of both empathy and compassion, which I personally believe is a strong component of building sustainable cyber programs, as we can address cyber-related concerns in an environment that clients feel supported and empowered within. Through making cyber relatable and tailored to the organisations we work with, we aren’t giving them a ‘one size fits all’ approach that often leads to disengagement towards cyber, rather a solution to their specific needs.
How can people get involved?
As our demand increases, our need for skilled volunteers also increases. If you’d like to volunteer with us, or you know of an organisation who may benefit from our services, please get in touch via our website: www.cybaid.co.uk