NHS’ supply chain security 15-20 years behind other sectors says Huggins

Cyber Security, News

  • 15 March 2023
NHS’ supply chain security 15-20 years behind other sectors says Huggins
Jordan Sollof
November 24, 2021

Following the Advanced cyber attack in August 2022, Phil Huggins has revealed to a Digital Health Rewired audience that in its current state the NHS supply chain’s “state of security is 15 to 20 years behind other sectors”.

The national chief information security officer for health and care at NHS England was speaking alongside a panel on the Cyber Security Stage on day two of Digital Health Rewired 2023 in London, in a session titled ‘Assurance, Resilience and Recovery: Lessons from the August 2022 Attack on Advanced’.

Huggins explained that “(the NHS’) supply chain has not got the attention it needs” and therefore “there’s a lot of work to do” to improve security.

Advanced cyber attack ‘worse than Covid’

Although there were no casualties as a result of the Advanced cyber attack, the impact on clinicians across the healthcare system was and continues to be enormous.

Ayesha Rahim, clinical lead for digital mental health at NHS England and chief medical information officer at Surrey and Borders Partnership Foundation Trust, was also on the panel, and spoke of the huge impact the attack had on staff.

“The date 4th August is imprinted in my brain”, Rahim said, which is when the attack first happened and was first reported. She explained that it is “quite difficult to fully convey the chaos this caused”, giving examples of staff having no idea what a patient’s background was and therefore having to do everything “blindfolded”.

Rahim said staff could not tell if it was safe to go out on visits to mental health patients due to the lack of data and information on them, and every time a person saw a staff member they were retraumatised having to explain their past over and over, including experiences of sexual abuse.

“A lot of staff described the situation as worse than Covid”, Rahim told the Rewired audience, and believes that the whole attack has “gone under the radar a little bit”.

She added: “The last mental health trust was back on this month, let that sink in.”

Also on the panel in the session was Jamie Graham, assistant director of cyber at Digital Health and Care Wales, and James Hughes, VP of sales engineering at Rubrik, the sponsors of the Cyber Security Stage.

Subscribe To Our Newsletters

Find out more

Subscribe to our newsletter

Subscribe To Our Newsletter

Prev News

NHS shouldn’t use tech risks fear to avoid embracing innovation…

Next News

Largest EPR implementation programme in UK already reporting benefits

Related News

Mike Fell: Cyber resilience is essential for the NHS shift to digital
Digital Transformation March 25, 2026

Mike Fell: Cyber resilience is essential for the NHS shift to digital

The health service cannot achieve the shift from 'analogue to digital' without cyber resilience, said NHSE's cyber chief.
NHS supplier hit by cyber attack by pro-Iran activist hackers
News March 17, 2026

NHS supplier hit by cyber attack by pro-Iran activist hackers

The supply of defibrillator products and other medical equipment to the NHS has been affected by a cyber attack by a pro-Iran group.
Digital Health Coffee Time Briefing ☕
News March 12, 2026

Digital Health Coffee Time Briefing ☕

Today's briefing includes news of a cardiovascular disease screening initiative and a fellowship to explore the application of AI in genomics.