The NHS is the fifth biggest employer in the world. It is the only British employer that can claim a spot on the top ten biggest organisations list, with an estimated 1.7 million workers across England, Wales, Scotland and Northern Ireland. The sheer size of the NHS and the volume of patient data it holds makes it a key target for cyber attackers. The NHS is notoriously lacking in security preparedness – its fragile data management and technical processes leave our health system extremely vulnerable to major reputational and financial loss. It is essential to address these potential threats to patient safety.
The NHS and the threat of cyber security
NHS Digital, the national provider of information, data and IT systems for health and social care in England, was founded in 2013. The systems controlled by NHS Digital allow the secure sharing of information between different parts of the NHS and forms the basis of the Electronic Prescription Service. This is an essential service that the wider NHS relies upon for its service to work effectively and efficiently across NHS bodies in the UK. It is also entirely run using an IT network.
As modern technology practices surge across the NHS, the cyber security threat increases, compromising the health information and safety of millions of people. In May 2017, WannaCry ransomware attacked organisations around the world, including the NHS, where it hit one in three hospital trusts and one in twelve GP practices. The hack caused more than 19,000 appointments to be cancelled, costing the NHS £20 million between 12 and 19 May 2017, and £72 million in subsequent upgrades to its IT systems.
The drive towards greater cyber security and safety
Since the cyber attacks in 2017, the NHS has made significant progress in increasing its cyber security. In October 2019, it was announced that NHS Digital had signed a new security contract with IT company Accenture, that will provide free premier security features to hospital trusts. This software will enable NHS organisations to better detect, analyse and prevent cyber security threats to avoid further high-profile breaches like the WannaCry incident.
According to the latest statistics released by NHS Digital, an investment of £150 million will be spent on cyber security over the next three years. This is in addition to the £60 million that the Government had previously invested in upgrading to the new centralised Windows 10 operating system.
Cyber Essentials is crucial for all businesses
As the wave of cyber attacks around the world in 2017 showed, no organisation is immune to cyber threats or breaches – they remain a persistent threat for everyone, whether you’re as vast as the NHS or a small start-up company. Cyber Essentials is a government-backed, industry-supported scheme which is suitable for all organisations of any size, in any sector.