{"id":5171,"date":"2026-04-20T11:37:32","date_gmt":"2026-04-20T11:37:32","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2026\/04\/20\/ncsc-outlines-coordinated-plan-to-boost-nhs-cyber-resilience\/"},"modified":"2026-04-20T11:37:32","modified_gmt":"2026-04-20T11:37:32","slug":"ncsc-outlines-coordinated-plan-to-boost-nhs-cyber-resilience","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2026\/04\/20\/ncsc-outlines-coordinated-plan-to-boost-nhs-cyber-resilience\/","title":{"rendered":"NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n
\n

The UK\u2019s National Cyber Security Centre (NCSC) has shared details of an ongoing coordinated plan to improve cyber resilience in the National Health Service (NHS).<\/p>\n

Over the past 18 months, government and industry organizations have deepened their collaboration to reduce cyber risk and improve detection, the agency said in a blog post published on 17 April.<\/p>\n

It pointed to several pillars underpinning this strategy:<\/p>\n

    \n
  • Piloting new tools and services through the Active Cyber Defence (ACD) 2.0 program<\/li>\n
  • Enhancing the security of the software supply chain<\/li>\n
  • Managing vulnerability disclosures and sharing threat intelligence<\/li>\n
  • Improving visibility to better understand the threat surface and deploy \u201cdefensive tradecraft\u201d<\/li>\n
  • Promoting NCSC tools and services including its Early Warning service, the Cyber Action Toolkit and the Cyber Essentials scheme<\/li>\n<\/ul>\n

    Read more on NHS security: NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers<\/em><\/p>\n

    Nicholas W.\u00a0of the NCSC\u2019s National Resilience Directorate explained how the government\u2019s Software Security Code of Practice is already being used by the NHS in procurement to better understand the cyber maturity of suppliers.<\/p>\n

    The NCSC has also partnered with a healthcare organization, using data science tools to help it understand and prioritize supplier risk. There are plans to expand this initiative, by combining data such as incident history, alert and vulnerability activity\u00a0from the NCSC Early Warning service with technical indicators including remediation patterns and exposed attack surfaces.<\/p>\n

    The NCSC highlighted how it has helped NHS England, the NHS Business Services Authority and NHS Scotland to establish internal vulnerability disclosure processes. This is in addition to its own Vulnerability Reporting Service (VRS), which has supported GP surgeries, NHS trusts, ambulance services, acute hospital trusts and health boards since 2019.<\/p>\n

    Other efforts include:<\/p>\n

      \n
    • The NHS App was the first government-sponsored app to offer\u00a0passkeys, and more organizations are set to follow suit<\/li>\n
    • Continued work on External Attack Surface Management (EASM) and deception technology experiments across the sector<\/li>\n
    • Use of analytics to identify and resolve DNS-related risks<\/li>\n
    • NCSC Threat Hunting Workshops, which bring together cyber analysts from the sector to tackle real\u2011world threats, develop defensive playbooks, and strengthen relationships<\/li>\n<\/ul>\n

      Why Cyber Resilience Is Critical for the UK Healthcare Sector<\/strong><\/h2>\n

      The need for resilience building in the UK\u2019s healthcare sector is much needed, given historic incidents.<\/p>\n

      The WannaCry campaign in 2017 cost the health service an estimated \u00a392m\u00a0($118.6m), while a more recent ransomware attack on supplier Synnovis in 2024 led to the cancellation of 1500 operations and appointments and has been linked to the death of a patient.<\/p>\n

      The NHS was also rocked by a 2022 ransomware attack which struck IT partner Advanced Computer Software Group. That\u00a0resulted in the theft of data on tens of thousands of individuals and major disruption to patient referrals, out-of-hours appointment bookings, emergency prescriptions and ambulance dispatches.<\/p>\n

      The key to the NCSC-driven plan for boosting resilience is collaboration across multiple industry and government stakeholders, said Nicholas W.<\/p>\n

      \u201cTaken together, this work shows what is possible when organizations align around a shared goal. Effort is coordinated rather than duplicated, lessons are reused, and risk is reduced across the system, not just within individual organizations,\u201d he concluded.<\/p>\n

      \u201cMost importantly, this approach offers a model for other critical sectors. Cybersecurity challenges are too complex for any one organization to tackle alone.\u201d<\/p>\n<\/p><\/div>\n

      \n

      The UK\u2019s National Cyber Security Centre (NCSC) has shared details of an ongoing coordinated plan to improve cyber resilience in the NHS.<\/p>\n

      Over the past 18 months, government and industry organizations have deepened their collaboration to reduce cyber risk and improve detection, the agency said in a blog post on Friday.<\/p>\n

      It pointed to several pillars underpinning this strategy:<\/p>\n

        \n
      • Piloting new tools and services through the Active Cyber Defence (ACD) 2.0 program<\/li>\n
      • Enhancing the security of the software supply chain<\/li>\n
      • Managing vulnerability disclosures and sharing threat intelligence<\/li>\n
      • Improving visibility to better understand the threat surface and deploy \u201cdefensive tradecraft\u201d<\/li>\n
      • Promoting NCSC tools and services including its Early Warning service, the Cyber Action Toolkit and the Cyber Essentials scheme<\/li>\n<\/ul>\n

        Read more on NHS security: NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers.<\/em><\/p>\n

        \u201cNicholas W\u201d of the NCSC\u2019s National Resilience Directorate explained how the government\u2019s Software Security Code of Practice is already being used by the NHS in procurement to better understand the cyber maturity of suppliers.<\/p>\n

        The NCSC has also partnered with a healthcare organization, using data science tools to help it understand and prioritize supplier risk. There are plans to expand this initiative, by combining data such as incident history, alert and vulnerability activity\u00a0from the NCSC Early Warning service with technical indicators including remediation patterns and exposed attack surfaces.<\/p>\n

        The NCSC highlighted how it has helped NHS England, the NHS Business Services Authority and NHS Scotland to establish internal vulnerability disclosure processes. This is in addition to its own Vulnerability Reporting Service (VRS), which has supported GP surgeries, NHS trusts, ambulance services, acute hospital trusts and health boards since 2019.<\/p>\n

        Other efforts include:<\/p>\n