Government launches seven-year NHS cyber strategy

The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike

Alex Scroxton

By

Published: 22 Mar 2023 14:45

The Department for Health and Social Care has launched a cyber security programme designed to enhance cyber resilience across the NHS and the social care sector in England over the next seven years, supposedly protecting vital services and the patients who rely on them.

The Cyber Security Strategy for Health and Adult Social Care, which forms part of a wider programme of work centred on building a “stronger, more sustainable NHS”, is built on five core pillars that the government hopes will both minimise the risk of cyber security incidents in the first place, and improve response and recovery should one occur.

These pillars are as follows:

  • To identify areas of the health and social care sector where cyber disruption would cause the most harm to patients, through data breaches or service downtime;
  • To unifying the sector to help its various constituent bodies take advantage of economies of scale, and benefit from national cyber resources and expertise, to help them respond faster to incidents and minimise disruption;
  • To enhance the sector’s security culture to engage leaders and grow the cyber workforce, and to enhance training for frontline clinicians and carers, and other staffers;
  • To embed security into the framework of emerging technology being taken up within the sector;
  • And to support health and care organisations to minimise the incident of, and recovery time from, cyber incidents when they happen.

The programme will also see enhancements made to NHS England’s existing Cyber Security Operations Centre (CSOC), the production and publication of a data-led landscape review of cyber security in adult social care, and updates to the Data Security and Protection Toolkit (DSPT) to help organisations own their cyber risk.

“We’re harnessing the power of technology to deliver better, safer care to people across the country – but, at the same time, it’s crucial we’re also bolstering the defences of our health and care services,” said health minister Nick Markham, Baron Markham.

“This new strategy will be instrumental to ensure every organisation in health and adult social care is set up to meet the challenges of the future. This is an important step to ensure we’re building an NHS which is sustainable and fit for the future, with patients at the centre.”

The health sector is currently experiencing a rapid transformation in how people use technology to access services and information – more than 40 million people now have an NHS login to book appointments, track referrals and manage medication, and over half of providers now use digital social care records.

As such, said the government, it is vital that the sector is able to protect these resources from malicious actors, and it believes the new strategy will prove a great help in enhancing its cyber resilience, which has already come on in leaps and bounds since the 2017 WannaCry incident.

NHS Trusts already benefit from a direct link to NHS England’s Cyber Security Operations Centre, which delivers real-time protection from suspicious activity to almost two million devices, and blocks approximately 21 million potentially dangerous emails every month.

An implementation plan setting out the proposed activity over the coming years is scheduled to be published during the summer of 2023.

Douglas McKee, principal engineer and director of vulnerability research at Trellix, said: “The healthcare industry is a core part of our critical infrastructure, entrusted with protecting lives and patient data. Despite this, healthcare systems are often outdated and run on legacy software, meaning they are an easy target for threat actors and are particularly vulnerable to attack. In fact, our recent research has found the healthcare sector has become the most prominent ransomware target, representing 16% of global attacks in Q4 2022.

“A successful breach could have a devastating impact on the healthcare industry, with the potential to compromise sensitive patient data or prevent healthcare professionals from providing necessary care. Amid rising risks, it is therefore crucial for healthcare organisations to enhance their security practices.

“With over half (54%) of security professionals in the healthcare sector believing organisations are held back by the limitations of their existing cyber security infrastructure – overhauling legacy systems and bolstering security measures is imperative.”

Read more on Privacy and data protection

Read More
Marquis Pepper

Latest

3 Reasons to Apply for Inc.’s Power Partner Awards

Please enable JS and disable any ad blocker

World Cup betting markets shift after Jordan Henderson’s bizarre celebration injury

Jordan Henderson, the 36-year-old England midfielder, will miss the remainder of the 2026 FIFA World Cup after suffering a serious wrist and forearm injury during post-match celebrations on July 6. He wasn’t even playing when it happened. Henderson was an unused substitute in England’s dramatic 3-2 victory over Mexico in the round of 16. The

Kraken’s World Cup debut and Brazil’s collapse: what crypto gets from the beautiful game

Brazil came into the 2026 World Cup as one of the tournament favorites. They left in the Round of 16, beaten 2-1 by Norway, undone in part by a tactical decision that raised eyebrows across the footballing world: deploying 34-year-old Casemiro as a central striker, a position he hadn’t occupied in years. Haaland scored both

FIFA overturns Balogun’s red card, Trump intervenes for US World Cup match

https://www.nytimes.com/athletic/7424790/2026/07/06/folarin-balogun-red-belgium-explanation/ FIFA’s Disciplinary Committee has overturned the red card suspension of Folarin Balogun, a key player for the U.S. Men’s National Team, allowing him to participate in the upcoming Round of 16 match against Belgium. This decision, made under Article 27 of the FIFA Disciplinary Code, places Balogun on a one-year probationary period, enabling him

Newsletter

Don't miss

3 Reasons to Apply for Inc.’s Power Partner Awards

Please enable JS and disable any ad blocker

World Cup betting markets shift after Jordan Henderson’s bizarre celebration injury

Jordan Henderson, the 36-year-old England midfielder, will miss the remainder of the 2026 FIFA World Cup after suffering a serious wrist and forearm injury during post-match celebrations on July 6. He wasn’t even playing when it happened. Henderson was an unused substitute in England’s dramatic 3-2 victory over Mexico in the round of 16. The

Kraken’s World Cup debut and Brazil’s collapse: what crypto gets from the beautiful game

Brazil came into the 2026 World Cup as one of the tournament favorites. They left in the Round of 16, beaten 2-1 by Norway, undone in part by a tactical decision that raised eyebrows across the footballing world: deploying 34-year-old Casemiro as a central striker, a position he hadn’t occupied in years. Haaland scored both

FIFA overturns Balogun’s red card, Trump intervenes for US World Cup match

https://www.nytimes.com/athletic/7424790/2026/07/06/folarin-balogun-red-belgium-explanation/ FIFA’s Disciplinary Committee has overturned the red card suspension of Folarin Balogun, a key player for the U.S. Men’s National Team, allowing him to participate in the upcoming Round of 16 match against Belgium. This decision, made under Article 27 of the FIFA Disciplinary Code, places Balogun on a one-year probationary period, enabling him

UK Foreign Secretary Warns World Cannot Wait for ‘AI Hiroshima’ Before Acting

UK Foreign Secretary Yvette Cooper has warned that the world cannot wait for an AI equivalent of Hiroshima before acting, urging global powers to build consensus on artificial intelligence (AI) safety principles and standards. Cooper made the case in an essay, positioning Britain to lead international talks on the technology. ...

Business seminar in Munich highlights Hong Kong’s strategic roles amidst global shifts (with photos)

Business seminar in Munich highlights Hong Kong's strategic roles amidst global shifts (with photos) ******************************************************************************************      The Hong Kong Economic and Trade Office, Berlin (HKETO Berlin), promoted Hong Kong's unique advantages and strategic roles at the seminar "Hong Kong's strategic role amidst geopolitical tensions" on June 18 (Munich time) in Munich, Germany.             Senior executives, investors

AI for business services: From job fears to productivity

AI for business services: From job fears to productivity

Business Insurance-AZ Achieves Record Response Times for 2026 Arizona Construction Bids

Business Insurance-AZ achieves milestone response speeds for commercial construction bids across Arizona, accelerating documentation delivery to keep local projects moving forward without delay. Phoenix, AZ, June 06-2026, ZEX PR WIRE — Business Insurance-AZ has achieved record-breaking processing speeds and response times for commercial construction bids throughout Arizona, directly supporting the state’s massive infrastructure and advanced manufacturing boom