NHS’ supply chain security 15-20 years behind other sectors says Huggins

Cyber Security, News

  • 15 March 2023
NHS’ supply chain security 15-20 years behind other sectors says Huggins
Jordan Sollof
November 24, 2021

Following the Advanced cyber attack in August 2022, Phil Huggins has revealed to a Digital Health Rewired audience that in its current state the NHS supply chain’s “state of security is 15 to 20 years behind other sectors”.

The national chief information security officer for health and care at NHS England was speaking alongside a panel on the Cyber Security Stage on day two of Digital Health Rewired 2023 in London, in a session titled ā€˜Assurance, Resilience and Recovery: Lessons from the August 2022 Attack on Advancedā€™.

Huggins explained that “(the NHS’) supply chain has not got the attention it needs” and therefore “there’s a lot of work to do” to improve security.

Advanced cyber attack ‘worse than Covid’

Although there were no casualties as a result of the Advanced cyber attack, the impact on clinicians across the healthcare system was and continues to be enormous.

Ayesha Rahim, clinical lead for digital mental health at NHS England and chief medical information officer at Surrey and Borders Partnership Foundation Trust, was also on the panel, and spoke of the huge impact the attack had on staff.

ā€œThe date 4th August is imprinted in my brainā€, Rahim said, which is when the attack first happened and was first reported. She explained that it is ā€œquite difficult to fully convey the chaos this causedā€, giving examples of staff having no idea what a patientā€™s background was and therefore having to do everything ā€œblindfoldedā€.

Rahim said staff could not tell if it was safe to go out on visits to mental health patients due to the lack of data and information on them, and every time a person saw a staff member they were retraumatised having to explain their past over and over, including experiences of sexual abuse.

ā€œA lot of staff described the situation as worse than Covidā€, Rahim told the Rewired audience, and believes that the whole attack has ā€œgone under the radar a little bitā€.

She added: ā€œThe last mental health trust was back on this month, let that sink in.ā€

Also on the panel in the session was Jamie Graham, assistant director of cyber at Digital Health and Care Wales, and James Hughes, VP of sales engineering at Rubrik, the sponsors of the Cyber Security Stage.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

NHS shouldnā€™t use tech risks fear to avoid embracing innovation…

Next News

Largest EPR implementation programme in UK already reporting benefits

Related News

Crisis communications: how to cope when the NHS is held to ransom
Opinion June 27, 2024

Crisis communications: how to cope when the NHS is held to ransom

Building a reputation in health tech can take decades, yet it can be undone by a single crisis, writes Silver Buckā€™s Sarah Bruce
Three things we must do now to prevent patient harm from digital tech
Opinion June 25, 2024

Three things we must do now to prevent patient harm from digital tech

In the wake of reports linking IT flaws to deaths of patients, and the recent cyber attack on pathology in south east London, Chris Fleming…
Surrey and Borders select Better and Avenue3 for new integrated platform
Digital Transformation May 29, 2024

Surrey and Borders select Better and Avenue3 for new integrated platform

Surrey and Borders Partnership NHS FT has selected Better to provide a new digital health platform and Avenue3 to implement a mental health patient portal.