NHS Digital to Change Approach on Cyber Security

NHS Digital to Change Approach on Cyber Security

NHS Digital firmly intends to improve its cyber security, says NHS Digital Data Security Centre’s chief operating officer, Rob Shaw.

He said as part of his presentation at a recent Healthcare conference:

“We are not planning to do this alone, but will work closely with the National Cyber Security Centre (NCSC).”

Shaw said that healthcare is dealing with the same kind of cyber threats that other industries, are but has a second challenge of offering cyber security while maintaining patient care as the primary concern.

He said that the NHS Digital’s new approach is acknowledging that it is about maintaining data confidentiality, not technology.

Shaw said that changing attitudes around data protection is a key to this new approach and that leadership is required.

He added:

“We need a better culture [around cyber security] because it cannot just be something that is added on at the end.”

NHS Digital has established 10 standards to help implement cyber security in every part of the healthcare sector in the UK.

Shaw said:

“Although the amount of malicious traffic on the national NHS network (N3) is around the same level of other sectors of 0.3%, security and integrity of data in healthcare is absolutely critical.”

He said that, as in other sectors, spoofed emails are regularly used in targeting healthcare organisations, whereby an email was seemingly sent by someone regarding a relevant subject.

Shaw added:

“When he clicked on the email it appeared to fail to open, but he had compromised his machine, and it took two weeks before the compromise was detected.

“The healthcare sector needs to address these risks in order to change the culture to one that is more concerned with cyber security.”

Another challenge facing the sector is unsupported software, with Microsoft Windows XP being an example.

NHS Digital predicts XP accounts for more than one in seven Windows installations in the healthcare sector are XP. Shaw said that there is no quick fix to this.

NHS Digital knows the risks and has established a plan for making computers running XP more secure.

Shaw said that there remain a number of organisations in the sector that are not cyber savvy, and this is where NHS Digital comes in. It is also capable of offering support in the event of a breach.

He added that cyber threats are a common problem and when they do occur, how an organisation responds is important.

NHS Digital is setting a good example, and perhaps even demonstrating an effective framework for other sectors on how to approach cyber security. Cyber threats come in many forms, such as spoofing emails, as mentioned above, and target all sectors. Organisations and SMEs within those sectors need to come to the fore when it comes to combatting threats, whether regarding prevention or damage control. They need to create more IT security jobs in order possess the capabilities within to deal with any pending threats or the aftermath of an attack. Doing so would greatly improve their chances of surviving unscathed.

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001

Thanks

Success

Thanks

Success

Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?

Register

Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you

Success

Thank you for successfully uploading your CV.

Acumin Alerts

Success

Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.

Vacancy

Success

Thank you for submitting your vacancy.

Register

Create an account to register your contact details, sign up for job alerts and upload your CV

Success

Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management
- CISO/CSO

Submit a Vacancy

Use the form below to submit a vacancy