Jakub Jirsák - stock.adobe.com

Government launches £500k healthcare security plan

A £500,000 funding pot from the government aims to help support small and mid-sized healthcare firms during the pandemic

The government has set up a £500,000 funding scheme to cover the cost of beefing up cyber security defences at small and medium-sized healthcare firms, reflecting the heightened cyber threat to the UK’s healthcare sector during the Covid-19 coronavirus pandemic.

Announced on 10 September as part of London Tech Week by digital minister Matt Warman, both medical suppliers and primary care providers – excluding GPs who procure security services through a central agreement – are being invited to apply for free certification and training through the Cyber Essentials programme, a joint initiative run by the National Cyber Security Centre (NCSC) and the Department for Digital, Culture, Media and Sport (DCMS).

“We know there is a heightened cyber threat for healthcare businesses at the moment so we are releasing new funding to help those playing a vital role in the pandemic response to remain resilient,” said Warman.

“I also urge all organisations to sign up to the government’s Cyber Essentials programme, which contains a number of simple steps firms can take to get the fundamentals of good cyber security in place.”

Participants will receive a package of services including guidance, support and training to ensure devices are kept up to date, firewall technology is used correctly to secure internet connections, and user access controls to manage employee access to services are understood.

They will also be able to take advantage of security consultancy from NCSC experts to help evaluate their organisation’s risk profiles and develop bespoke security and business continuity plans.

NCSC operations director Paul Chichester said: “Protecting healthcare has been our top priority during the Covid-19 pandemic and we have been working hard to ensure organisations can keep themselves secure.

“While we will continue to support them, signing up to initiatives such as Cyber Essentials is an excellent way for organisations to help themselves.

“Those who have not already taken up this offer should do so – it will help ensure they have fundamental security protections in place, even in the most challenging of times.”

A Cyber Essentials scheme participant from the healthcare sector added: “As a key supplier of medical equipment to the NHS, we qualified for government funding for a Cyber Essentials check on our IT systems.

“It was simple to arrange, we found the assigned partner easy to work with and overall the service has been an excellent sanity check on our IT systems and processes to ensure we are working to the best current security practices. It is definitely worth doing if you can.”

Read more about healthcare security

  • Healthcare IT and security administrators must understand the evolving challenges of protecting healthcare IoT devices and data to keep patients safe.
  • What can the healthcare industry learn about security from finance, retail and manufacturing? Two CISOs who came to healthcare from other industries give their take.
  • Healthcare IT professionals and medical device manufacturers must bolster IoT security with the growing number of connected devices, regulations and the future of remote care.

Read more on Business continuity planning