In February 2018, the Government published ‘Securing cyber resilience in health and care: A progress update’, which set out the actions taken to improve the cyber security of the health and care system before and after last year’s largest ever WannaCry global ransomware attack, as well as its plans for the future. Since February, government efforts have focused on:
- Increased investment in securing local infrastructure in 2017/18 to over £60 million
- Signing a Windows 10 licensing agreement with Microsoft which will allow local NHS organisations to save money, reduce potential vulnerabilities and increase cyber resilience
- Agreeing £150 million of investment over the next three years
- Procuring a new Cyber Security Operations Centre, boosting the national capability to prevent, detect and respond to cyber attacks
- Launching the Data Security and Protection Toolkit
- Agreeing plans to implement the recommendations of the Chief Information Officer for Health and Care’s review of the May 2017 WannaCry attack
- Supporting 25 local NHS organisations to improve their cyber resilience via the NHS Digital “Blue Teams” pilot
- Estimating the costs of the WannaCry attack.
NHS Digital are continuing to work closely with local areas to build resilience. This work forms part of the Data and Cyber Security Programme being led by the Department of Health and Social Care with its Arm's-Length Bodies to improve the cyber security of the health and care system.
The ‘Securing cyber resilience in health and care – progress update October 2018’ can be accessed at: https://www.gov.uk/government/publications/securing-cyber-resilience-in-health-and-care-october-2018-update