ROYAL PAPWORTH HOSPITAL NHS
“ This issue is really high on the agenda at Royal Papworth ,” says Raynes . “ It ’ s one of the biggest risks we face , so I ’ m always keen to get metrics coming through on the side of cybersecurity , on our posture defence and the size of any potential attack .
“ The NHS is a wide-ranging public service , so the attack surface for cyber criminals hackers is massive . This means perimeter security may be variable in places , and the health and care data set itself is a rich source of information that in the wrong hands can probably provide great insights into helping authenticate and therefore steal data .”
Of course , cyberattacks on the NHS have already taken place in recent times , with the compromise of NHS 111 and an attack on the ambulance service in 2022 .
The NHS is a highly interconnected service , so if one area of operations is targeted , it can lead to untold impacts in other areas of the organisation .
Now in 2024 , there is growing concern around the capabilities of new AI-based attacks , which have capabilities beyond the human interventions that currently exist in health and care services .
“ We need to create a rebuttal to these kinds of attacks ,” says Raynes . “ But how do you do that if you ’ re not using artificial intelligence to defend against artificial intelligence-based attacks ?
“ This cranks the pressure up on using AI in the right way to defend your organisation and grow your cyber posture . So that ’ s definitely something to be wary of .
“ I ’ m privileged and responsible as CIO to look after all of our patient data . It ’ s about being the safeguard of trust . Patients trust the NHS , so what happens if their data falls into the wrong hands ? My colleagues and I need to do everything we can to make sure we protect that trust .
“ You can ’ t just keep switching technology on for the sake of it … you ’ ve got to look at what technology you ’ re going to turn off before introducing something new ”
ANDREW RAYNES CIO , ROYAL PAPWORTH HOSPITAL NHS
“ Cybersecurity is a real issue , and organisations really need to consider what kind of investments and securities they are putting in place this year as the cyber threat becomes more real .”
Improving security and driving innovation through partnerships Indeed , driving greater security standards and ensuring adequate protection can be achieved through partnerships , and over the last year , the NHS has been working with Zivver to help improve the security standards of its emailing services .
“ Zivver has been great for flagging odd occasions when there are misdirected emails with sensitive information in them . It uses AI to help point out potentially sensitive data in an email before it is sent .
“ It puts a nice checks and balances system in place for users . We all live and work in a fast-paced environment , so this helps mitigate against any accidental incidents .”
296 March 2024