techUK news and views
27 Jan 2026

NHS announces next phase of supply chain engagement

The NHS has announced the next phase of its supply chain engagement, setting out plans to work more closely with suppliers on future priorities and delivery. The update outlines how engagement will support efficiency, resilience and long-term improvement across the supply chain.

On 22 January, NHS England published an open letter to its current suppliers and the wider health and care system, announcing the next phase of its approach to strengthening supply chain cyber resilience through more direct engagement with suppliers from January 2026.

This initiative represents a natural progression following the publication of the Cyber Security Supply Chain Charter in May 2025 and aligns with recommendations outlined in the Cyber Security and Resilience Bill and the recently published Government Cyber Action Plan.

What this programme will involve

From January 2026, NHS England or relevant contracting authorities may proactively engage suppliers to:

This programme is not intended to be an audit. Instead, it is a fact-finding and risk-identification exercise designed to support collaborative discussions with suppliers. The aim is to identify risk areas and agree proportionate, practical solutions that strengthen cyber resilience across the wider health and care system.

What suppliers can do now

To prepare for engagement, all suppliers are encouraged to review and understand the expectations outlined in the Cyber Security Supply Chain Charter. Key areas of focus include:

  • Keeping systems supported and patched against known vulnerabilities.
  • Maintaining a “Standards Met” status within the Data Security and Protection Toolkit (DSPT).
  • Applying Multi-Factor Authentication (MFA), including enabling it on NHS-facing products where appropriate.
  • Deploying effective monitoring and logging across critical IT infrastructure.
  • Ensuring immutable backups are in place, alongside regularly tested recovery plans.
  • Conducting board-level cyber security and resilience exercises.
  • Following the Department for Science, Innovation and Technology (DSIT) and National Cyber Security Centre (NCSC) Software Code of Practice.
  • Engagement with Suppliers

Suppliers across the UK may be contacted directly by NHS England or by the organisation holding their contract. The NHS has emphasised its intention to work in a transparent and collaborative manner, ensuring suppliers are supported in providing the required information while maintaining strong and constructive relationships.

Suppliers’ cooperation is welcomed to help make the process as efficient and effective as possible.

Next steps

techUK is in the process of organising a briefing for members on this development with NHS England to ensure members have an opportunity to learn more and ask questions. When the details of this session are confirmed, we will be sure to post them on this page, so please do check back soon and keep an eye on your inbox for updates.

Olivia Staples

Olivia Staples

Junior Programme Manager - Cyber Resilience, techUK

Olivia Staples joined techUK in May 2025 as a Junior Programme Manager in the Cyber Resilience team.

She supports the programs mission to promote cyber resilience by engaging key commercial and government stakeholders to shape the cyber resilience policy towards increased security and industry growth. Olivia assists in member engagement, event facilitation and communications support.

Before joining techUK, Olivia gained experience in research, advocacy, and strategic communications across several international organisations. At the Munich Security Conference, she supported stakeholder engagement and contributed to strategic communications. She also worked closely with local and national government stakeholders in Spain and Italy, where she was involved in policy monitoring and advocacy for both public and private sector clients.

Olivia holds an MSc in Political Science (Comparative Politics and Conflict Studies) from the London School of Economics (LSE) and a BA in Spanish and Latin American Studies from University College London (UCL).

Outside of tech, Olivia enjoys volunteering with local charities and learning Norwegian.

Email:
[email protected]

Read lessmore

Cyber Resilience Programme activities

techUK brings together key players across the cyber security sector to promote leading-edge UK capabilities, build networks and grow the sector. techUK members have the opportunity to network, share ideas and collaborate, enabling the industry as a whole to address common challenges and opportunities together. Visit the programme page here.

 

Upcoming events

27 January 2026

techUK/DSIT roundtable: international cyber regulatory cooperation

London Roundtable
29 January 2026

How can cyber SMEs break into the UK’s fastest-growing sectors?

London Forum
6 February 2026

techUK/DSIT roundtable: international cyber regulatory cooperation

Online Roundtable

Latest news and insights 

Learn more and get involved

 

Cyber Resilience updates

Sign-up to get the latest updates and opportunities from our Cyber Resilience programme.

 

 

Here are the five reasons to join the Cyber Resilience programme

Download

Join techUK groups

techUK members can get involved in our work by joining our groups, and stay up to date with the latest meetings and opportunities in the programme.

Learn more

 

Become a techUK member

Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.

Learn more

 Meet the team 

Jill Broom

Jill Broom

Head of Cyber Resilience, techUK

Jill leads the techUK Cyber Resilience programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.

Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.

Email:
[email protected]
Website:
www.techuk.org/
LinkedIn:
https://www.linkedin.com/in/jill-broom-19aa824

Read lessmore

Annie Collings

Annie Collings

Senior Programme Manager, Cyber Resilience, techUK

Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023. 

In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.

Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.

Email:
[email protected]
Twitter:
anniecollings24
LinkedIn:
https://www.linkedin.com/in/annie-collings-270150158/

Read lessmore

Olivia Staples

Olivia Staples

Junior Programme Manager - Cyber Resilience, techUK

Olivia Staples joined techUK in May 2025 as a Junior Programme Manager in the Cyber Resilience team.

She supports the programs mission to promote cyber resilience by engaging key commercial and government stakeholders to shape the cyber resilience policy towards increased security and industry growth. Olivia assists in member engagement, event facilitation and communications support.

Before joining techUK, Olivia gained experience in research, advocacy, and strategic communications across several international organisations. At the Munich Security Conference, she supported stakeholder engagement and contributed to strategic communications. She also worked closely with local and national government stakeholders in Spain and Italy, where she was involved in policy monitoring and advocacy for both public and private sector clients.

Olivia holds an MSc in Political Science (Comparative Politics and Conflict Studies) from the London School of Economics (LSE) and a BA in Spanish and Latin American Studies from University College London (UCL).

Outside of tech, Olivia enjoys volunteering with local charities and learning Norwegian.

Email:
[email protected]

Read lessmore

 

 

 

Return to listing