NHS Supply Chain selects Leidos as cyber security provider

US-based IT and defence company Leidos has been appointed cyber security provider of NHS Supply Chain.

NHS Supply Chain manages the souring, delivery and supply of healthcare products, services and food for NHS trusts and healthcare organisations across England and Wales.

Under a three-year contract, Leidos will help NHS Supply Chain improve its defence capabilities, with a focus on threat and vulnerability management.

Matt Wynn, executive director for data and technology at NHS Supply Chain, said: “Our collaboration with Leidos demonstrates our intent to continue to drive forward an improved cyber security posture.

“Ensuring robust, proactive security and vulnerability management is crucial for safeguarding the wider business against external threats and helping protect the NHS.

“As well as being incredibly experienced in this business-critical field, Leidos have a deep understanding of the types of environments we will be working in where multiple collaborators work seamlessly together as a single, unified technology team.”

The partnership is part of NHS Supply Chain’s wider IT transformation efforts aimed at securing its networks against cyber threats and includes round-the-clock security operations from Leidos.

It said the partnership with Leidos was “an important building block in the transformation of IT at NHS Supply Chain,” aimed at future-proofing the systems for future technological needs and aspirations”.

Leidos’ appointment follows a flurry of cyber-attacks aimed at healthcare systems in 2024, including a high-profile ransomware attack on pathology systems provider Synnovis in June.

Rachel Million, head of cyber security at NHS Supply Chain, said: “This collaboration is a significant step in strengthening our cyber security posture.

“The importance of which has been highlighted with the Synnovis ransomware attack last summer, demonstrating the very real threats faced by the healthcare system.”

Eric Freeman, chief executive of Leidos UK & Europe, added: “Leidos brings extensive experience in delivering trusted cyber solutions.

“With decades of cyber experience and a global workforce skilled in this domain, our team utilises advanced capabilities to counter threats and secure what matters most.

“We are committed to adding value to NHS Supply Chain and supporting its essential work in delivering excellent patient care.”

The 2024 Synnovis attack prompted NHS England to put out a £4.3 million contract aimed at developing a platform for tracking security risks throughout the NHS supply chain.

Speaking at NHS Confed Expo on 12 June 2024, Mark Edwards, chief information security officer at Digital Health and Care Wales, predicted that cyber attacks on critical national infrastructure are likely to increase due to global conflict.