15 July 2020

The NHS in England and other public sector bodies can now access free cybersecurity services, ranging from risk management to incident response.

Rolled out by NHS Shared Business Services (NHS SBS), the Cyber Security Services Framework is aservice that will provid eaccess to cybersecurity experts, offering a range of services such as consultancy, incident response and recovery, risk management and staffing.

NHS SBS said the framework addresses the Department of Health and Social Care’s cyber security agenda and will work alongside services already available from NHS Digital’s Data Security Centre.

It was developed in partnership with NHS Digital and the National Cyber Security Centre (NCSC) and has an estimated value of £250m. It is set to run until May 2022 with an option to extend for two years up to 2024.

“The launch of this new framework is par- ticularly timely as the COVID-19 pandemic has prompted a new wave of cyber-attacks and scams,” said director of procurement at NHS SBS, Phil Davies. “We welcomed the opportunity to partner with NHS Digital and look forward to continuing our collaborative relationship to ensure the agreement meets national cyber needs. Technology plays a huge part in the way the NHS deliv- ers patient care, so it is vital that healthcare providers keep data secure, whilst being prepared for and resilient against attacks.”

Davies added that the NHS and public sector have been proactive in harnessing improvements in cybersecurity since the WannaCry attacks in 2017, “but there is still more work to be done”.