The NHS is spending £20m to set up a security operations center that will oversee the health service’s digital defenses. It will employ “ethical hackers” to look for weaknesses in health computer networks, not just react to breaches. Such hackers use the same tactics seen in cyber-attacks to help organizations spot weak points.
In May, one-third of UK health trusts were hit by the WannaCry worm, which demanded cash to unlock infected PCs Ethical hackers. In a statement, Dan Taylor, head of the data security center at NHS Digital, said the center would create and run a “near-real-time monitoring and alerting service that covers the whole health and care system”. The center would also help the NHS improve its “ability to anticipate future vulnerabilities while supporting health and care in re-mediating current known threats”, he said. The operations center guidance would complement the existing teams the NHS used to defend itself against cyber-threats.
NHS Digital, the IT arm of the health service, has issued an invitation to tender to find a partner to help run the project and advise it about the mix of expertise is required. Kevin Beaumont, a security vulnerability manager, welcomed the plan to set up the center.
Many private sector organizations already have similar central teams that use threat intelligence and analysis to keep networks secure.”Having a function like this is essential in modern-day organizations,” Mr. Beaumont said.
“In an event like WannaCry, the center could help hospitals know where they are getting infected from in real time, which was a big issue at the time, organizations were unsure how they were being infected”.
In October, the UK’s National Audit Office said NHS trusts had been caught out by the WannaCry worm because they had failed to follow recommended cyber-security policies.
The NAO report said NHS trusts had not acted on critical alerts from NHS Digital or on warnings from 2014 that had urged users to patch or migrate away from vulnerable older software By Ethical hackers.
Reference: BBC News