Kurhan - Fotolia

From front line to back office – how supporting the cyber community keeps the NHS safe

NHS Digital’s chief information security officer describes how the Cyber Associates Network benefits security experts in health and care

Cyber security is a collaborative effort which relies on everyone in an organisation doing their bit to keep information, networks and applications safe.

There are more than 8,000 organisations that make up the NHS, and many more across the wider health and care sector, so the challenges of maintaining robust cyber security cover a wide spectrum.

From the Security Operations Centre (SOC) here at NHS Digital, where we are scanning the wider system for threats and supporting organisations to improve their security, to a local administrator for a clinical commissioning group (CCG) trying to keep primary care systems safe in their patch, by working together, we can help to build a stronger, safer network for everyone.

Across the health and care system, we have to learn from each other and share our experiences so we can find new ways to combat increasingly sophisticated threats, and test and deploy our solutions in a way that provides a cyber defence that is stronger both on a local level and a national level.

This is why we established the Cyber Associates Network (CAN) last year, in partnership with NHSX. The CAN is a peer-led group of cyber security experts from across health and care. They network, develop professionally and share their knowledge, embracing the technological changes that improve their organisations’ security whilst also prioritising patient safety.

We now have well over 1,000 members drawn from all levels of expertise, from those just starting their career in cyber security to those who have decades of knowledge. It covers many different types of organisations, from trusts and primary care to local authorities and pharmacies. Bringing together this breadth of experience gives members the ability to connect and to support each other to tackle every challenge.

CAN members shape and influence the cyber landscape in health and care, while getting early access to new and enhanced services and pilots which help to develop products from the Data Security Centre at NHS Digital. 

“When one organisation is stronger, we all benefit, from the centre to the front lines, and we are always looking for new cyber professionals to join the Cyber Associates Network”
Neil Bennett, NHS Digital

Over the past couple of years, members have had the chance to pilot NHS Secure Boundary before the rest of the sector, as well as tools such as Bitsight and the Vulnerability Management Service (VMS), reaping the benefits of these initiatives while providing crucial feedback that has improved them for the sector at large.

We all know that professional development is important in this fast-evolving field. Having direct access to senior leaders and subject matter experts when they need it is crucial for many members.

Shaun van Niekerk, head of ICT and Cyber at Dartford and Gravesham NHS Foundation Trust, and current CAN Development Group joint chair, has been with the network since inception and represents one of the founding member organisations of the CAN Development Group.

“The potential for the network is unimaginable. Direct communication and engagement between local professionals is so important – it’s only by hearing each other’s stories, journeys and collective challenges that we can share, influence, learn, advance and protect our NHS,” he says.

“As CAN members, we have one chance to create a unified, cohesive relationship between the centre and the front lines, and help each other to build tomorrow’s defences and leaders in cyber security.

“If you join this fantastic group, you can expect to learn, to grow, to challenge others and be challenged yourself. You’ll meet new, amazing colleagues from across the NHS and really make a difference to cyber security development in the public sector. It’s a simple truth that what you put in, we all get out!”

This year, the challenges of keeping our sector safe have been even more complex for every security specialist. The pandemic has meant a rise in remote working and the strain on digital systems has exponentially increased, while the ability to meet in person to network and learn has decreased.

We pushed ahead with our second annual conference at the end of October, delivered entirely online. With three half-days of interactive specialist workshops, product demonstrations and talks from leading subject matter experts, early indications show it has been well received by members.

Our community is growing all the time, and as it grows, so do the benefits. Members know that they are part of a specialist team that helps cyber security at the centre, supporting us to test, review and deploy the latest resources, and to better understand their local priorities around data security.

It is a simple fact that we are better together. When one organisation is stronger, we all benefit, from the centre to the front lines, and we are always looking for new cyber professionals to join us to make that network ever more complete.

Visit the Cyber Associates Network web page for further information on member benefits and how to join.

Read more about security in the NHS

Read more on IT risk management