NHS Digital and Microsoft buddy up for threat detection service

Microsoft will help NHS Digital protect healthcare organisations from cyber-attacks through a new partnership which makes use of the software giant’s Threat Detection Service.

Organisations that enable the service will able to receive targeted alerts about threats to their IT systems, including a full description of the problem and advice on how to fix it.

Microsoft’s Enterprise Threat Detection Service can detect issues on organisational networks and trace them all the way to individual machines and devices.

The contract for the service was agreed following a successful pilot with NHS Digital and Blackpool Teaching Hospitals Foundation Trust.

The service has already been deployed on over 30,000 machines in health and care settings in England, including hospital trusts and GP practices, NHS Digital said.

Dan Taylor, director of security at NHS Digital, said the partnership with Microsoft would “further bolster protection against cyber security issues in the NHS.”

“It is our role to alert organisations to known cyber security threats and advise them of appropriate steps to minimise risks,” Taylor said.

“This marks a step change in our capability to provide high quality, targeted alerts to allow organisations to counter these threats and ensure patients’ needs continue to be met.”

NHS Digital already provides cybersecurity support for healthcare organisations, including advice and threat intelligence services delivered through its CareCERT unit.

It has also developed a peer-to-peer alerting system dubbed the ‘Batsignal’, which provides immediate alerts about cybersecurity incidents and facilitates the sharing of information on how to respond.

Rob Bolton, director and GM for Western Europe at IT security firm Infoblox, called the partnership “encouraging”.

He added: “The NHS faces major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands. However, while digital transformation presents a massive opportunity to support the doctors and nurses who work tirelessly for the good of their patients, these new technologies also introduce new cyber risk that must be mitigated.

“It’s encouraging then, that Microsoft and NHS Digital are working together on a system that will enable healthcare providers to react more quickly to threats to their IT networks and, hopefully, take the steps necessary to prevent these threats from causing any lasting damage.”

Digital Health News reported in November that NHS Digital would invest £20m in hiring expert security specialists from outside of the organisation to test and support the defences of its security operations centre.

NHS Improvement was recently told that implementing just one recommendation included in an NHS England draft report on learning from the WannaCry cyber-attack would cost £1 billion.