NHS Digital issues £20m tender for Security Operations Centre
[London, UK] NHS Digital has issued a £20m tender to find a strategic partner to support with the delivery and development of a new Security Operations Centre.
Details of the plan were first made public in the Fit for 2020 report from the NHS Digital Capability Review published in July.
Suppliers can submit requests to participate until 20 December.
The centre will not replace NHS Digital’s CareCERT services or its Data Security Centre, but ‘enhance’ cyber defence capabilities across the health and care sector and allow standardisation of processes under a ‘single unified’ Security Operating Model.
According to Conservative MP for Thurrock and Health Minister Jackie Doyle-Price, NHS Digital’s CareCERT blocks more than 90 million ‘harmful activities’ every month to prevent cyber attacks.
In its response to the National Data Guardian Data Security, Consent and Opt-Outs and the Care Quality Commission Safe Data, Safe Care reviews, published in July, the Department of Health said it would boost investment to improve cyber resilience of the NHS above the £50m identified in the Spending Review, with an initial £21m capital fund set up for major trauma sites.
However, Barts Health NHS Trust, one of the worst-hit in the WannaCry cyber-attack from May this year, revealed last month it had not received any of the funding promised to strengthen its cyber defence. The trust had to shut down its major trauma centre after the ransomware infiltrated 1,700 PCs out of 8,000 at one of its sites in only seven minutes on 12 May.
NHS Digital’s latest board papers indicate 460 NHS organisations are due to sign up to CareCERT services before the end of the month.