NHS Digital has entered a deal with Microsoft for protecting IT infrastructure. Microsoft’s Enterprise Threat Detection Service can allow NHS Digital’s Data Security Centre to provide targeted alerts to organisations that enable it.
The alerts provide organisations with detection of issues, down to single computers and other devices. They provide a full description of the problem and remediation advice. The contract for the service was agreed following a pilot with NHS Digital and Blackpool Teaching Hospitals Foundation Trust. The service has already been deployed on over 30,000 machines and has the ability to cover all devices within health and care settings in England, such as hospital trusts and GP practices.
Dan Taylor, Director of Security at NHS Digital, said: “This deal will further bolster protection against cyber security issues in the NHS. It is our role to alert organisations to known cyber security threats and advise them of appropriate steps to minimise risks. This marks a step change in our capability to provide high quality, targeted alerts to allow organisations to counter these threats and ensure patients’ needs continue to be met.”
NHS Digital provides cyber security services for the health and care system, including a service to share threat intelligence and remediation advice, on-site data security assessments for NHS organisations and specialist support for organisations affected by cyber security incidents.
As background, a National Audit Office (NAO) investigation on the ransomware attack’s impact on the NHS and its patients; why some parts of the NHS were affected; and how the Department and NHS national bodies responded to the attack; found that in March and April 2017, NHS Digital had issued critical alerts warning organisations to patch their systems to prevent WannaCry. However, before May 12, 2017, the day the Wannacry virus struck, the National Health had no formal mechanism for assessing whether local NHS bodies had complied with their advice and guidance and whether they were prepared for a cyber attack.
Comment
Rob Bolton, Director and GM for Western Europe at Infoblox, said: “The NHS faces major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands. However, while digital transformation presents a massive opportunity to support the doctors and nurses who work tirelessly for the good of their patients, these new technologies also introduce new cyber risk that must be mitigated.
“Our recent survey of UK healthcare IT professionals found that, following the devastation caused by WannaCry last year, one in four didn’t feel confident in their organisation’s ability to defend against a cyber-attack. It’s encouraging then, that Microsoft and NHS Digital are working together on a system that will enable healthcare providers to react more quickly to threats to their IT networks and, hopefully, take the steps necessary to prevent these threats from causing any lasting damage.”
