NHS Digital selects IBM to boost cybersecurity

NHS Digital enters three year partnership with IBM to enhance data security and expand Cyber Security Operations Centre,

[London, UK] NHS Digital has announced a three-year £30m strategic partnership with IBM to provide enhanced data and cybersecurity services to health and care organisations through its Cyber Security Operations Centre (CSOC).

These services will support NHS Digital’s current capability to monitor, detect and respond to a variety of security risks and threats across the NHS, and include vulnerability scanning and malware analysis. This will enable NHS Digital to offer specialist advice to individual NHS organisations, calling on the knowledge drawn from IBM Security.

The deal will also give access to IBM’s X-Force repository of threat intelligence, which provides insight and advice to enable health and care organisations to take appropriate action to prepare for, or mitigate against, identified risks and threats.

The contract, which was originally tendered in late 2017, will also enable the CSOC to provide enhanced monitoring capability to detect threats across NHS Digital’s national system and services; deliver security monitoring pilots across selected NHS organisations to identify solutions that could be rolled-out across the NHS estate; and establish an innovation service to test out new technologies.

“This partnership will allow us to share knowledge and skills from the information security industry, whilst continuing to develop our internal expertise and supporting health and care organisations to build their own cyber resilience", said Dan Taylor, Programme Director, Data Security Centre at NHS Digital.

“It will build on our existing ability to proactively monitor for security threats, risks, and emerging vulnerabilities, while supporting the development of new services for the future and enabling us to better support the existing needs of local organisations. This will ensure that we can evolve our security capability in line with the evolving cyber threat landscape.

The deal will also help NHS Digital strengthen how it helps to keep patient information and services safe and secure, he added, “enabling NHS staff and patients to have confidence in the security of our system”.

NHS Digital’s CSOC monitors the Health and Social Care Network (HSCN), providing protection and monitoring services for known cyber threats and vulnerabilities. Its services feature incident response support for NHS organisations, including the rapid on-site deployment of a specialist team of cyber experts. It aims to be a national, near-real-time monitoring and alerting service that covers the whole health and care system.

The original tender was for £20m, but this was increased to £30m earlier this year as the NHS released additional cybersecurity funding.

The partnership is one of several cybersecurity measures underway since the WannaCry ransomware attack of last year, including the deal between Microsoft and the Department of Health and Social Care (DHSC) to have all NHS systems equipped with up-to-date software in an effort to minimise cyber threats amid increasing concerns.

Related News

Three regions selected as Local Health and Care Record Exemplars

Greater Manchester, Wessex and One London will receive up to £7.5m during the next two years to build on existing local shared record initiatives

'Urgent need' to improve public awareness of NHS patient data use

New report from educational charity Corsham Institute calls on the NHS to improve the public’s understanding of patient data security, storage and use

Researchers set out roadmap to restore trust in big data for health science

In the wake of the Cambridge Analytica - Facebook data scandal, researchers warn the health and science community needs to restore public trust