NHS Digital has drafted in IBM in a bid to boost its cyber security defences in the wake of the devastating WannaCry attack that hit hospitals more than a year ago.
Under the three-year deal, reportedly worth 30 million, NHS Digital will gain access to a range of IBM's advanced cyber security services, such as vulnerability scanning and malware analysis, in an expansion to its Cyber Security Operations Centre (CSOC).
The CSOC, which monitors NHS networks for known threats and provides defensive support to health and social care organisations, will also be able to rely on IBM's X-Force repository of threat intelligence.
NHS Digital said this repository will provide insight, guidance, and can offer a wealth of advice to NHS organisations.
"This partnership will enhance our existing CSOC, which is delivered from NHS Digital's Data Security Centre," said Dan Taylor, programme director of the Data Security Centre at NHS Digital.
As part of the agreement, dedicated IBM engineers will offer the NHS extra support "during times of increased need".
"It will build on our existing ability to proactively monitor for security threats, risks, and emerging vulnerabilities, while supporting the development of new services for the future and enabling us to better support the existing needs of local organisations," Taylor added.
"This will ensure that we can evolve our security capability in line with the evolving cyber threat landscape."
The deal will also encompass security monitoring pilots in select NHS organisations to test their cyber security capabilities, with a view to rolling the pilots out across the wider health service, as well as an 'innovation service' allowing NHS Digital to access new tools and expertise to address emerging threats as and when they arise.
Taylor added that while the partnership will strengthen the security of sensitive patient information it will also enable knowledge and skills-sharing between NHS and the industry, allowing the health service to continue developing its own cyber security expertise.
Scrutiny on the NHS's cyber security measures has increased since last summer's WannaCry attack. All 200 trusts failed to pass basic security standards earlier this year despite getting 21 million from the Department for Health in July 2017 to improve its defences.
The NHS has taken various measures to boost its security credentials in recent months, including reaching an agreement with Microsoft to upgrade legacy Windows operating systems to Windows 10 by 2020.
IBM's deal comes as Privitar, the privacy engineering company, also won an NHS Digital contract to develop a de-identification software process, dubbed De-ID, to enable the de-identification of patient records across the NHS, and protect patient identity.
NHS Digital's executive director of data, insights and statistics, Tom Denwood, said that De-ID will replace various de-identification methods across the NHS, bringing one consistent process to all patient data as it flows through different NHS systems.
It follows the introduction of NHS Digital's data-sharing opt-out tool for patients across England who want to scrub their confidential information from being used for research and planning.
-
This DeepSeek-powered pen testing tool could be a Cobalt Strike successorNews ‘Villager’, a tool developed by a China-based red team project known as Cyberspike, is being used to automate attacks under the guise of penetration testing.
-
NinjaOne expands availability on CrowdStrike MarketplaceNews CrowdStrike Falcon customers now have simplified access to NinjaOne’s automated endpoint management capabilities
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
