Story image

NHS signs £150m cybersecurity deal with Microsoft – but is it enough?

03 May 18

​News has emerged of NHS finally bolstering its defences in light of the ‘growing threat’ of cyberattacks.

NHS has signed a deal with Microsoft worth £150 million to upgrade its security systems.

This comes almost a year after the fiasco caused by the WannaCry virus where at least 80 health trusts and 603 NHS organisations and GP practices were disrupted by the global ransomware attack, causing the cancellation of around 20,000 hospital appointments and operations with ambulances being diverted from some A&Es.

Since 2017 the government says it has invested £60 million to address these issues, so the additional £150 million to be spent over three years will be a big boost.

Health and Social Care secretary Jeremy Hunt says the investment will enhance security intelligence to give individual trusts the ability to detect threats, isolate infected machines and kill malicious processes before they can spread.

“We know cyber attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust,” says Hunt.

“We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS against this threat. This new technology will ensure the NHS can use the latest and most resilient software available – something the public rightly expect.”

However, Skybox Security director Peter Batchelor argues the problem can’t just be fixed by throwing money at it. The first step, Batchelor says, should start from a goal of assuring availability of uninterrupted medical services, and cybersecurity is critical for ensuring this continuity.

“Cybersecurity for cybersecurity’s sake, including an obsession with metrics of malware blocked, isn’t appropriate when what’s of prime importance to the NHS is that patient services will not be interrupted by another cyberattack,” Batchelor says.

“Visibility of threats and vulnerabilities is key but not if it simply hands a small and overstretched team of NHS IT specialists an even longer to do list. They are desperate for practical support that tells them what the priorities are to work on immediately and automates much of the workload of closing down vulnerabilities effectively.”

Batchelor says despite the widespread criticism, NHS Digital and other stakeholders are all working incredibly hard to make NHS more secure for all of the United Kingdom.

“Their prime concern is delivering excellent medical services and outcomes for patients. Cybersecurity must serve this end but must not get in the way,” says Batchelor.

“Letting teams see and assess the risks and security priorities clearly, being able to run attack simulation on a daily/weekly basis and at the touch of a button without interrupting medical care or placing additional burden on the limited NHS IT resources, is what the NHS requires and, in our experience, is already working towards.”

Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.