Government launches £500k healthcare security plan

The government has set up a £500,000 funding scheme to cover the cost of beefing up cyber security defences at small and medium-sized healthcare firms, reflecting the heightened cyber threat to the UK’s healthcare sector during the Covid-19 coronavirus pandemic.

Announced on 10 September as part of London Tech Week by digital minister Matt Warman, both medical suppliers and primary care providers – excluding GPs who procure security services through a central agreement – are being invited to apply for free certification and training through the Cyber Essentials programme, a joint initiative run by the National Cyber Security Centre (NCSC) and the Department for Digital, Culture, Media and Sport (DCMS).

“We know there is a heightened cyber threat for healthcare businesses at the moment so we are releasing new funding to help those playing a vital role in the pandemic response to remain resilient,” said Warman.

“I also urge all organisations to sign up to the government’s Cyber Essentials programme, which contains a number of simple steps firms can take to get the fundamentals of good cyber security in place.”

Participants will receive a package of services including guidance, support and training to ensure devices are kept up to date, firewall technology is used correctly to secure internet connections, and user access controls to manage employee access to services are understood.

They will also be able to take advantage of security consultancy from NCSC experts to help evaluate their organisation’s risk profiles and develop bespoke security and business continuity plans.

NCSC operations director Paul Chichester said: “Protecting healthcare has been our top priority during the Covid-19 pandemic and we have been working hard to ensure organisations can keep themselves secure.

“While we will continue to support them, signing up to initiatives such as Cyber Essentials is an excellent way for organisations to help themselves.

“Those who have not already taken up this offer should do so – it will help ensure they have fundamental security protections in place, even in the most challenging of times.”

A Cyber Essentials scheme participant from the healthcare sector added: “As a key supplier of medical equipment to the NHS, we qualified for government funding for a Cyber Essentials check on our IT systems.

“It was simple to arrange, we found the assigned partner easy to work with and overall the service has been an excellent sanity check on our IT systems and processes to ensure we are working to the best current security practices. It is definitely worth doing if you can.”