British Healthcare System Spends £150m Extra On Cybersecurity

The NHS is to spend £150m to bolster its defences against the “growing threat” of cyber-attacks following the chaos caused by the WannaCry virus.

Amid warnings that hackers linked to Russia and other countries have been targeting Britain’s critical national infrastructure, including power networks, a new security contract has been drawn up with Microsoft.

The Department of Health and Social Care said the package would enhance security intelligence and give individual trusts the ability to detect threats, isolate infected machines and kill malicious processes before they are able to spread.
Jeremy Hunt, the health secretary, said: “We know cyber-attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust.

“We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS against this threat.

“This new technology will ensure the NHS can use the latest and most resilient software available, something the public rightly expect.”

It comes almost a year after the global WannaCry cyber-attack crippled parts of the NHS in May 2017, locking data on computers with demands for money.

At least 80 health trusts and 603 NHS organisations and GP practices were disrupted by the global ransomware attack, which caused 20,000 hospital appointments and operations to be cancelled as ambulances were diverted from some A&Es.
A scathing report by the National Audit Office said the “unsophisticated” attack could have been prevented if the NHS had followed basic IT security best practice.

“There are more sophisticated cyber threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks,” said head Amyas Morse at the time.
The government was warned of the risk of cyber-attacks a year before the incident and trusts were instructed to move away from outdated software like Windows XP as early as 2014.

The new measures will ensure all health and care organisations can use the most up-to-date Windows 10 software with its latest security settings, giving the Care Quality Commission (CQC) regulator will new powers to inspect cyber and data security capabilities. The government has separately invested £60m to address key cyber security weaknesses and the new £150m will be spread across three years.

A new digital security operations centre is being set up to prevent, detect and respond to incidents, allow NHS Digital to respond to cyber-attacks more quickly and increase the abilities of local trusts.

There will be £21m to upgrade protective firewalls and network infrastructure at major trauma centre hospitals and ambulance trusts, £39m spent by NHS trusts on infrastructure weaknesses and a new a text messaging alert system able transmit information even if internet and email services are down.

All health and care organisations will be required to meet 10 standards set for data security and protection toolkit.
Lord O’Shaughnessy, a health minister, said: “Patient data must be properly protected and this significant investment will help to keep our systems resilient and up to date. “This will give patients greater confidence in how their information is managed by the NHS.”

Sarah Wilkinson, chief executive of NHS Digital, welcomed the announcement, adding: “The new Windows Operating System has a range of advanced security and identity protection features that will help us to keep NHS systems and data safe from attack.”

Independent

You Might Also Read:

NHS Trusts Failed Cyber Security Assessment:

Healthcare Suffers Most Cyber Security Incidents:
 

« TSB's IT Meltdown Was Evident A Year Before
Australia's Largest Bank Lost The Personal Financial Histories Of 12m Customers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

iTrinegy

iTrinegy

iTrinegy is a world leader in Application Risk Management offering solutions to mitigate all networked application deployment risks

Cloud Foundry Foundation (CFF)

Cloud Foundry Foundation (CFF)

Cloud Foundry supports the full application development lifecycle, from inception, through all testing stages, to deployment.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

H3C Group

H3C Group

H3C provides a full range of Computer, Storage, Networking and Security solutions.

SOCOTEC Certification International

SOCOTEC Certification International

SOCOTEC Certification International has been providing management systems assessment and accredited ISO certification services to organisations around the world since 1995.

Sum&Substance (Sumsub)

Sum&Substance (Sumsub)

Sum&Substance is a developer of remote verification solutions. Our technology allows online services around the world to meet regulatory requirements, prevent fraud and enhance customer confidence.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

Bolster

Bolster

Bolster (formerly RedMarlin) is an AI-based cyber-security platform designed to detect phishing and fraudulent sites in real-time.

Ministry of Information and Communications (MIC) - Vietnam

Ministry of Information and Communications (MIC) - Vietnam

The Ministry of Information & Communications of Vietnam is the policy making and regulatory body in the field of information technology and national information and and communication infrastructure.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Cyber1

Cyber1

CYBER1 is a leader in cyber security advisory and solutions. We are uniquely placed to help customers achieve cyber resilience and thus, safeguard reputation and value.

Elba

Elba

Employee security needs to be reinvented. SaaS security needs to involve end-user and awareness needs to be actionable. Meet elba, the 5-in-one cybersecurity hub with no compromises.

Benchmark Executive Search

Benchmark Executive Search

Benchmark specializes in finding elite talent for startup, emerging-growth and mid-cap companies offering game-changing technologies or innovative services to the federal and commercial markets.