NHS’ supply chain security 15-20 years behind other sectors says Huggins

  • 15 March 2023
NHS’ supply chain security 15-20 years behind other sectors says Huggins

Following the Advanced cyber attack in August 2022, Phil Huggins has revealed to a Digital Health Rewired audience that in its current state the NHS supply chain’s “state of security is 15 to 20 years behind other sectors”.

The national chief information security officer for health and care at NHS England was speaking alongside a panel on the Cyber Security Stage on day two of Digital Health Rewired 2023 in London, in a session titled ‘Assurance, Resilience and Recovery: Lessons from the August 2022 Attack on Advanced’.

Huggins explained that “(the NHS’) supply chain has not got the attention it needs” and therefore “there’s a lot of work to do” to improve security.

Advanced cyber attack ‘worse than Covid’

Although there were no casualties as a result of the Advanced cyber attack, the impact on clinicians across the healthcare system was and continues to be enormous.

Ayesha Rahim, clinical lead for digital mental health at NHS England and chief medical information officer at Surrey and Borders Partnership Foundation Trust, was also on the panel, and spoke of the huge impact the attack had on staff.

“The date 4th August is imprinted in my brain”, Rahim said, which is when the attack first happened and was first reported. She explained that it is “quite difficult to fully convey the chaos this caused”, giving examples of staff having no idea what a patient’s background was and therefore having to do everything “blindfolded”.

Rahim said staff could not tell if it was safe to go out on visits to mental health patients due to the lack of data and information on them, and every time a person saw a staff member they were retraumatised having to explain their past over and over, including experiences of sexual abuse.

“A lot of staff described the situation as worse than Covid”, Rahim told the Rewired audience, and believes that the whole attack has “gone under the radar a little bit”.

She added: “The last mental health trust was back on this month, let that sink in.”

Also on the panel in the session was Jamie Graham, assistant director of cyber at Digital Health and Care Wales, and James Hughes, VP of sales engineering at Rubrik, the sponsors of the Cyber Security Stage.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Crisis communications: how to cope when the NHS is held to ransom

Crisis communications: how to cope when the NHS is held to ransom

Building a reputation in health tech can take decades, yet it can be undone by a single crisis, writes Silver Buck’s Sarah Bruce
Three things we must do now to prevent patient harm from digital tech

Three things we must do now to prevent patient harm from digital tech

In the wake of reports linking IT flaws to deaths of patients, and the recent cyber attack on pathology in south east London, Chris Fleming…
Surrey and Borders select Better and Avenue3 for new integrated platform

Surrey and Borders select Better and Avenue3 for new integrated platform

Surrey and Borders Partnership NHS FT has selected Better to provide a new digital health platform and Avenue3 to implement a mental health patient portal.