This site is intended for health professionals only


DHSC announces £150m cyber security plan in the wake of NHS hack attack

The Government has promised to spend £150m on cyber security for the NHS over the next three years.

This announcement follows last year’s WannaCry cyber-attack which saw nearly 600 GP practices locked out of their systems and at least 80 NHS trusts affected.

The Department of Health and Social Care announced their plans to improve the NHS’s ‘resilience against attacks’, which includes a new ‘multi-million’ security deal with Microsoft for all health and care organisations. 

The new security deal will give NHS trusts the ability to detect threats, isolate infected machines and kill malicious processes before they are able to spread.

While £60m has already been invested in cyber security since 2017, the Government’s new £150m pledge has been made to ‘improve resilience’, and will include a new NHS Digital Security Operations Centre which will allow NHS Digital to respond to cyber-attacks faster and reduce the impact on infrastructure.

Health secretary Jeremy Hunt said: ‘We know cyber attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust… This new technology will ensure the NHS can use the latest and most resilient software available – something the public rightly expect.’

Health minister Lord O’Shaughnessy added: ‘This will give patients greater confidence in how their information is managed by the NHS.’

Microsoft UK chief executive officer Cindy Rose said: ‘The importance of helping to protect the NHS from the growing threat of cyber-attacks cannot be overstated. The introduction of a centralised Windows 10 agreement will ensure a consistent approach to security that also enables the NHS to rapidly modernise its IT infrastructure.

‘This agreement ensures NHS staff have the best tools available to help with the incredible work they do, ultimately enabling them to deliver even greater patient care.’

This news comes after MPs called the Government’s progress on NHS cyber safety ‘alarming’ earlier this month, and gave the DHSC just over two months to make progress on their list of 22 ‘lessons learned‘ from the WannaCry attack.