British Healthcare System Spends £150m Extra On Cybersecurity

Uploaded on 2018-05-04 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The NHS is to spend £150m to bolster its defences against the “growing threat” of cyber-attacks following the chaos caused by the WannaCry virus.

Amid warnings that hackers linked to Russia and other countries have been targeting Britain’s critical national infrastructure, including power networks, a new security contract has been drawn up with Microsoft.

The Department of Health and Social Care said the package would enhance security intelligence and give individual trusts the ability to detect threats, isolate infected machines and kill malicious processes before they are able to spread.
Jeremy Hunt, the health secretary, said: “We know cyber-attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust.

“We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS against this threat.

“This new technology will ensure the NHS can use the latest and most resilient software available, something the public rightly expect.”

It comes almost a year after the global WannaCry cyber-attack crippled parts of the NHS in May 2017, locking data on computers with demands for money.

At least 80 health trusts and 603 NHS organisations and GP practices were disrupted by the global ransomware attack, which caused 20,000 hospital appointments and operations to be cancelled as ambulances were diverted from some A&Es.
A scathing report by the National Audit Office said the “unsophisticated” attack could have been prevented if the NHS had followed basic IT security best practice.

“There are more sophisticated cyber threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks,” said head Amyas Morse at the time.
The government was warned of the risk of cyber-attacks a year before the incident and trusts were instructed to move away from outdated software like Windows XP as early as 2014.

The new measures will ensure all health and care organisations can use the most up-to-date Windows 10 software with its latest security settings, giving the Care Quality Commission (CQC) regulator will new powers to inspect cyber and data security capabilities. The government has separately invested £60m to address key cyber security weaknesses and the new £150m will be spread across three years.

A new digital security operations centre is being set up to prevent, detect and respond to incidents, allow NHS Digital to respond to cyber-attacks more quickly and increase the abilities of local trusts.

There will be £21m to upgrade protective firewalls and network infrastructure at major trauma centre hospitals and ambulance trusts, £39m spent by NHS trusts on infrastructure weaknesses and a new a text messaging alert system able transmit information even if internet and email services are down.

All health and care organisations will be required to meet 10 standards set for data security and protection toolkit.
Lord O’Shaughnessy, a health minister, said: “Patient data must be properly protected and this significant investment will help to keep our systems resilient and up to date. “This will give patients greater confidence in how their information is managed by the NHS.”

Sarah Wilkinson, chief executive of NHS Digital, welcomed the announcement, adding: “The new Windows Operating System has a range of advanced security and identity protection features that will help us to keep NHS systems and data safe from attack.”

Independent

You Might Also Read:

NHS Trusts Failed Cyber Security Assessment:

Healthcare Suffers Most Cyber Security Incidents:
 

« TSB's IT Meltdown Was Evident A Year Before
Australia's Largest Bank Lost The Personal Financial Histories Of 12m Customers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

SecPoint

SecPoint

SecPoint provides products to secure & protect your network from remote and local attacks.

TechInsurance

TechInsurance

TechInsurance is America's top technology insurance company offering a range of technology related products including Cyber Liability insurance.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Global Forum on Cyber Expertise (GFCE)

Global Forum on Cyber Expertise (GFCE)

GFCE is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

Inky Technology Corp

Inky Technology Corp

Inky® Phish Fence is an email protection gateway that uses sophisticated AI, machine learning and computer vision algorithms to block deep sea phishing attacks that get through every other system.

GreyCampus

GreyCampus

GreyCampus is a leading provider of training for working professionals in the areas of Project Management, Big Data, Data Science, Service Management, Quality Management and Information Security.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

CyberArts

CyberArts

CyberArts is founded on the belief that every single organization deserves and requires the creme de la creme when there is a need for Cyber services.

WISeKey

WISeKey

WISeKey is a leading cybersecurity company currently deploying large scale digital identity ecosystems for people and objects using Blockchain, AI and IoT.

Netenrich

Netenrich

The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures.

ClubCISO

ClubCISO

ClubCISO is a community of peers, working together to help shape the future of the information security profession by facilitating independent discussion on data security and cyber resilience.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

Cloud4C

Cloud4C

Cloud4C is a leading automation-driven, application focused cloud Managed Services Provider.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

Flawnter

Flawnter

Flawnter is a security testing software that finds hidden security and quality flaws in your applications.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.