After WannaCry knocked it offline, UK's National Health Service banks on new security center to improve cybersecurity

The new $27 million project will provide the NHS Security Operations Center with enhanced monitoring capabilities, ethical hacking, vulnerability testing and malware analysis.
By Jessica Davis
03:08 PM
NHS WannaCry ransomware

The U.K. National Health Service recently launched a 20 million pound -- or about $27 million -- project on a new security operations center to help its hospital and health centers fend off cyberattacks.

The new Security Operations Center will improve the health system’s current security capabilities, including ethical hacking, malware analysis and pen testing. The center is also tasked with giving NHS Trusts cybersecurity guidance.

[Update: Trump administration says North Korea 'directly responsible' for WannaCry]

The announcement comes on the heels of the massive global WannaCry attack. Over 50 NHS Trusts were impacted by the attack, including about 600 surgeries and more than 19,000 appointment cancellations. In fact, five hospitals were forced to divert ambulances to other facilities.

The attack was the largest cyberattack ever experienced by the health system -- although individual trusts were hit by other hacks prior to the May 12 attack.

A National Audit Office report in October found that outdated and unsupported operating systems still in use by NHS and a lack of basic security measures left the organization vulnerable to attack.

[Also: WannaCry victim NHS Lanarkshire hit by new ransomware strain]

One of the security center’s tasks will be to ensure all NHS Trusts are following best practices. Further, the center will perform ongoing monitoring. The funding will also invest in NHS Digital, the national IT partner of the health system, which will provide a monitoring service to analyze intelligence over multiple sources. NHS Digital will also share threat intelligence to all health providers.

The security center will give all NHS organizations dealing with a cybersecurity incident specialist support and on-site security assessments. To NHS Digital Security Center Head Dan Taylor, the partnership will provide needed resources during peak periods and help proactively monitor the web for emerging threats.

[Also: New WannaCry variant takes down North Carolina provider]

“It will also allow us to improve our current capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats,” said Taylor in a statement.

"By creating a national, near-real-time monitoring and alerting service that covers the whole health and care system, the SOC will drive economies of scale, giving health and care organizations additional intelligence and support services that they might not otherwise be able to access," he added.

Twitter: @JessieFDavis
Email the writer:

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.