After WannaCry ransomware attack, the NHS is toughening its cyber defences

£20m to be spent on Security Operations Centre in order to help protect the UK's hospitals and health services against cyber attacks
Written by Danny Palmer, Senior Writer

The NHS is looking to help protect itself against cyber attacks with a new security centre.

Image: iStock

The National Health Service is to spend £20 million on a new security operations centre in order to help protect hospitals against cyber attacks and hackers.

By establishing the new Security Operations Centre, the NHS hopes to improve on its current capabilities in areas of information security including ethical hacking, vulnerability testing and analysis of malware. The centre will also provide cyber security advice and guidance to local NHS Trusts.

The announcement of the new centre and the tens of millions in funding to support it comes six months after large swathes of the NHS were brought to a standstill by the WannaCry ransomware outbreak. UK hospitals were some of the highest profile victims of the global cyber attack - which left some NHS Trusts without fully functioning IT systems for weeks.

A recent report by the National Audit Office suggested that the NHS was left vulnerable to cyber attacks because some Trusts hadn't applied basic security measures, such as applying critical patches to systems.

One of the key tasks of the Security Operations Centre will be based around ensuring organisations are following best practices, with ongoing monitoring of NHS national systems and services.

The investment is also set to ensure that NHS Digital - national information and technology partner of the healthcare system - can boost existing capabilities by providing a monitoring service which analyses intelligence from multiple sources and shares threat intelligence and guidance to all who need it in healthcare.

See also: Ransomware: An executive guide to one of the biggest menaces on the web

The Security Operations Centre will also provide specialist support for any NHS organisation which believes it has fallen victim to a cyber security incident, as well as providing on-site data security assessments for NHS organisations in order to help them identify potential security weaknesses.

"The Security Operations Centre will enhance NHS Digital's current data security services that support the health and care system in protecting sensitive patient information," said Dan Taylor, Head of the Digital Security Centre at NHS Digital.

"It will also allow us to improve our current capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software, and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats," he added.

NHS Digital is looking for a partner to help support the Security Operations Centre project, in order to help 'flexibly bring in additional specialist expertise' and increase capability as and when required.

"This could include on-the-ground or remote support for future incidents, any increased need for assurance or input so national systems are secure-by-design, or during times of change when new services are being implemented into the centre," an NHS Digital spokesperaon told ZDNet.

The new centre will be based in Leeds, but there's currently no specified date as to when it will open.

In an annual review published last month, the National Cyber Security Centre said the WannaCry ransomware outbreak which so badly affected the NHS was its biggest challenge of the year.


Editorial standards