| answer text |
<p>The National Health Service is putting in place robust measures to protect IT systems
against cyber-attacks. Since May 2017 the Government has invested £60 million to support
NHS providers to improve their security position, with a further £150 million pledged
up until 2021 to improve the NHS’s resilience against attacks.</p><p><br> The Department
published its progress report in February 2018 entitled ‘Securing cyber resilience
in health and care: progress update’. The report is available at the following link:</p><p>
</p><p><a href="https://www.gov.uk/government/publications/securing-cyber-resilience-in-health-and-care-progress-update"
target="_blank">https://www.gov.uk/government/publications/securing-cyber-resilience-in-health-and-care-progress-update</a></p><p>
</p><p>Key actions taken since February 2018 include:</p><p>- signing a Windows 10
licensing agreement with Microsoft which will allow local NHS organisations to save
money, reduce potential vulnerabilities and help increase cyber resilience;</p><p>-
enhancing the capability of the Cyber Security Operations Centre boosting the national
capability to prevent, detect and respond to cyber-attacks through the procurement
of IBM as a specialist partner;</p><p>- launching the Data Security and Protection
Toolkit which provides an accessible dashboard enabling trusts to track their progress
in meeting the 10 Data Security Standards;</p><p>- agreeing plans to implement the
recommendations of the Chief Information Officer for Health and Care’s review of the
May 2017 WannaCry attack;</p><p>- provided specialist face to face security training
(System Security Certified Practitioner - SSCP) for over 100 staff; and</p><p>- in
May 2018 the Network and Information Security Regulations came into force which requires
operators of essential services (including some NHS healthcare providers) to put appropriate
security measures in place and to report significant incidents that occur.</p>
|
|
