Smart review recommends national chief information and security officer appointment

  • 1 February 2018
Smart review recommends national chief information and security officer appointment

A chief information and security officer (CISO) and and a dedicated cyber security lead should be appointed as national figureheads, according to review into WannaCry.

A soon to be published lessons learned review, authored by NHS England’s CIO Will Smart, lists 22 recommendations including the appointment of a CISO.

The review states the role will work alongside the Department of Health and Social Care, NHS England, NHS Improvement and NHS Digital “to lead on the cyber and security agenda nationally.”

“The role will lead national cyber working groups, help inform policy and drive improvements and standardisation,” the review adds.

In addition, Smart also recommends that NHS Digital appoints a dedicated cyber security lead “working across NHS England, NHS Improvement and other partners such as local government in each of the NHS England regions (North, Midlands and East, London, South East and South West).”

The role will involve working closely with the national CSIO, NHS Digital and local heads of cyber and information security.

Another recommendation included in the review is that “NHS Digital proactively publish guidance about the CareCERT service” – a service designed to offer support to health and social care organisations so they can safely respond to cyber security threats.

Smart says that in the longer term this will mean “NHS Digital should have the ability to isolate organisations, parts of the country or particular services in order to contain the spread of a virus during an incident.”

He also recommends that NHS England should work with partners to develop potential scenarios so that it can manage multiple attacks, for example if there was a terrorist bombing attack combined with a cyber attack.

Smart’s review has revealed that £21m invested in improved cybersecurity last year was “reprioritised” from funds intended to support the paperless NHS.

Subscribe To Our Newsletters

Subscribe to our newsletter

Subscribe To Our Newsletter

Related News

NHS staff to face sack or prison for unlawful patient data access

NHS staff to face sack or prison for unlawful patient data access

NHS England chief executive Sir Jim Mackey has said NHS staff face the sack or even prison if they access patient records unlawfully.
NHS backs rollout of integrated AVT as part of £10bn tech funding

NHS backs rollout of integrated AVT as part of £10bn tech funding

NHS England is rolling out AI tools across the health service, including integrated ambient voice technology, as part of £10bn tech funding.
National NHS leaders join Summer Schools 2026 speaker line-up

National NHS leaders join Summer Schools 2026 speaker line-up

Three national NHS leaders shaping the future of digital health have been confirmed for Summer Schools 2026, which takes place on 16-17 July.