NHS Digital has entered into a three-year strategic partnership with IBM to provide data security and cyber security response services to health and care bodies. NHS Digital says this will expand its Cyber Security Operations Centre (CSOC)3 and add to its capability to monitor, detect and respond to IT security risks and threats across the NHS, and offer guidance.
The CSOC will include vulnerability scanning and malware analysis, allowing NHS Digital to offer specialist advice to NHS bodies; and analysis of data from multiple sources to detect threats across NHS Digital’s national systems and services. The digital and tech arm of the NHS will have access to IBM’s X-Force repository of threat intelligence; and it will run IT security monitoring pilots across selected NHS bodies, to test what could be rolled out across the NHS estate. An innovation service will allow NHS Digital to access new tools.
Dan Taylor, Programme Director, Data Security Centre at NHS Digital, said: “This partnership will enhance our existing Cyber Security Operations Centre which is delivered from NHS Digital’s Data Security Centre. It will give us, during times of increased need, the ability to draw on a pool of dedicated professionals from IBM. It will build on our existing ability to proactively monitor for security threats, risks, and emerging vulnerabilities, while supporting the development of new services for the future and enabling us to better support the existing needs of local organisations. This will ensure that we can evolve our security capability in line with the evolving cyber threat landscape.
“This partnership will allow us to share knowledge and skills from the information security industry, whilst continuing to develop our internal expertise and supporting health and care organisations to build their own cyber resilience. This partnership will strengthen how we help to keep patient information and services safe and secure, enabling NHS staff and patients to have confidence in the security of our system.”
NHS Digital recently launched a new Data Security and Protection Toolkit, replacing the previous Information Governance Toolkit. Visit: https://www.digital.nhs.uk/data-security-protection-toolkit. In April the Department of Health and Social Care announced a new Microsoft security package will ensure all health and care organisations can use the most up-to-date software with the latest security settings; as a lack of updates to Windows laid the NHS open to vulnerability, as seen in the Wannacry malware attack of May 2017.
In March NHS Digital sought to add to its contracted suppliers, for Data Security On-site Assessments, testing and audits, forensics and investigations, and emergency incident response. On firm under this Specialist Security Services framework, worth about £20m in services business, is MTI Technology. It’s led by Scott Haddow, formerly of Trustmarque, who was installed as the CEO of MTI by its private equity backers. He has been joined by Angelo Di Ventura, Chief Sales and Marketing Officer, and Ben Cranham, COO, both former members of the leadership team at Trustmarque.
Scott Haddow said: “Being awarded this security services framework is a significant win for MTI and illustrates just how seriously we take our growth and investment plans. Cyber and data security is now one of the top priorities for CIOs in both private and public sector organisations. MTI’s capabilities in this space coupled with our wider IT transformation and managed service experience positions us an ideal partner with NHS Digital, as they look to further support the health and care sector to modernise local IT environments while minimising risk.”
