The United Kingdom’s National Health Service (NHS) is looking to invest £20 million in a bid to help its hospitals and health centers stave off cyberattacks.
NHS Digital, the health service’s IT arm, will spend the funds on a dedicated cybersecurity center, which will probe and oversee the NHS’s defenses and provide specific advice and guidance to local NHS organizations.
The investment into the Security Operations Centre (SOC) is intended to beef up and complement the existing services provided by NHS Digital, including monitoring of its systems and services, the sharing of analyses of threat intelligence and remediation, and on-site data security assessments.
"By creating a national, near-real-time monitoring and alerting service that covers the whole health and care system, the SOC will drive economies of scale, giving health and care organizations additional intelligence and support services that they might not otherwise be able to access," said Dan Taylor, head of the Digital Security Centre at NHS Digital.
The health service is now on the lookout for a partner to help run the project, having invited interested parties to tender for a contract that is set to run for three to five years. The new center is set to be based in the English city of Leeds.
According to Taylor, the partnership will allow the NHS to bolster its “capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software, and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats”.
Put simply, the NHS is aiming to act pre-emptively, rather than only respond to breaches. The ethical hackers (or ‘white hats’) whose help will be enlisted will be tasked with poking and prodding for ‘chinks in the NHS’s cybersecurity armor’ and, naturally, with plugging the holes before criminals have the chance to exploit such vulnerabilities in attacks against the NHS.
The investment comes on the heels of a large-scale WannaCryptor ransomware attack in May that, according to findings of the UK’s National Audit Office (NAO), hobbled one in three NHS organizations in England. As a result, 19,500 medical appointments were cancelled, computers at 600 GP surgeries were locked, and five hospitals had to divert ambulances elsewhere.
“It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice. There are more sophisticated cyberthreats out there than WannaCryptor so the Department [of Health] and the NHS need to get their act together to ensure the NHS is better protected against future attacks,” NAO head Amyas Morse was quoted as saying.