NHS Digital is planning to develop a cyber business intelligence and risk platform for the health service as one of its plans for improving data security over the next two years.
The organisation’s chief information security officer Dan Pearce has said it should help local and arm’s length bodies in the NHS to better understand and plan for cyber risks.
While providing no further details, he said it will accompany NHS Digital’s efforts to provide best practice standards, cyber security architectural patterns, and process and policy templates. It also plans to work on engraining cyber secure behaviours in the day-to-day work of the NHS.
“We cannot be complacent,” Pearce says in a blogpost. “The threat we face is growing and constantly changing, and it will require a continued and concerted effort across the health and care system to effectively combat it.”
His statement comes soon after NHS Digital – which provides digital services to the NHS in England – produced new good practice in cyber security guidance for NHS staff. It includes a series of assets that can be downloaded from its website.
Pearce also highlights a number other steps over the past two years, including the setting up of a Cyber Security Operations Centre, the introduction of Windows Advanced Threat Protection for NHS devices, and the development of a Cyber Security Support Model that includes on-site assessments and training for board members.
It also recently signed a contract with Accenture to provide perimeter cyber security services.
Image from GOV.UK, Open Government Licence v3.0