NHS Digital turns to ‘ethical hackers’ with new £20m cyber security unit

  • 27 November 2017
NHS Digital turns to ‘ethical hackers’ with new £20m cyber security unit

NHS Digital is spending £20 million on a new cyber security unit that will employ white hat hackers to help test its defences against cyber-attacks.

NHS Digital has tendered a contract in the hopes of procuring the services of so-called “ethical hackers” for its new Security Operations Centre (SOC), which will “provide enhanced monitoring of national services across health and care.”

The unit will be used to test the cyber defences of NHS organisations in order to identify any vulnerabilities and patch them before they can be exploited by cyber criminals.

On-site intelligence monitoring will take place that will enable NHS Digital to gather security intelligence and share it across NHS organisations, as well as with other health and care suppliers.

The SOC will also provide ‘near real-time’ monitoring of nationwide NHS systems and services, and will provide support to NHS organisations suspected of having been affected by cyber-attacks.

Dan Taylor, head of the Digital Security Centre at NHS Digital, said the new Security Operations Centre would “enhance” NHS Digital’s data security services that protect sensitive patient information.

“The partnership will provide access to extra specialist resources during peak periods and enable the team to proactively monitor the web for security threats and emerging vulnerabilities,” Taylor added.

“It will also allow us to improve our current capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software, and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats.”

NHS Digital has been ramping up its cyber security efforts in the wake of May’s WannaCry incident, which affected at least 81 of 236 NHS trusts in England.

The National Audit Office (NOA) report into the ransomware attack concluded that the NHS was woefully underprepared for a cyber security incident, having failed to participate in rehearsals or keep computer software up-to-date.

It also lambasted NHS Digital for reacting slowly to the outbreak, with the organisation later admitting that it needed to patch holes in its communications so that it could respond more quickly to future events.

Recent research from Digital Health Intelligence found that only 28% of acute NHS trusts and 16% of mental health trusts had conducted cyber penetration testing prior to the WannaCry outbreak.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

ICBs allocated £48m for digital pathways, demand and capacity tools

ICBs allocated £48m for digital pathways, demand and capacity tools

NHS England have announced funding of £48m for integrated care boards to fund capabilities relating to digital pathways and demand and capacity tools.
NHS App to show estimated waiting times for treatment, prescription details 

NHS App to show estimated waiting times for treatment, prescription details 

Patients will have access to two new features allowing them to see the estimated waiting time for hospital treatment and view all prescription details. 
Digital Health’s monthly roundup of contracts and go lives

Digital Health’s monthly roundup of contracts and go lives

Our latest roundup features Wellola’s patient communication platform going live in Birmingham and The Christie NHS Foundation Trust deploying CardMedic.

3 Comments

  • Need any help with all the recruitment you will have to be dealing with pal?

  • Vacancies have almost been ever present from NHSD on Dice, LinkedIn and NHS jobs this year for security specialists.

  • Where and when will these vacancies be advertised.

Comments are closed.