Security Operations Center will enhance healthcare organization’s digital defenses

Six months after the global WannaCry ransomware epidemic, the UK’s National Health Service (NHS) has announced it will invest £20 million ($26.5 million) in a new project aimed at boosting the healthcare organization’s cyber-defenses.

The funds will be used to create a new Security Operations Center, which will provide “enhanced monitoring” of NHS systems, while offering guidance, advice, and threat intelligence to thousands of healthcare trusts, GP practices, and related entities across the UK.

The new division will also provide on-site data security assessments for NHS organizations and specialist support for any NHS group which believes it may have been affected by a cybersecurity incident.

Details of the project were outlined earlier today by NHS Digital, the national information and technology partner of the country’s state-funded medical and healthcare organization.

“The Security Operations Center will enhance NHS Digital’s current data security services that support the health and care system in protecting sensitive patient information,” said Dan Taylor, head of the Digital Security Center at NHS Digital.

According to Taylor, the partnership will allow the NHS to improve its current capabilities in ethical hacking, vulnerability testing, and forensic analysis of malicious software, while improving the organization’s ability to anticipate future vulnerabilities.

News of the new cybersecurity division comes on the heels of the global WannaCry incident, which hit hundreds of thousands of PCs around the world and affected 47 NHS trusts in May.

NHS Digital said it is currently looking for a partner to support the project by providing additional specialist expertise. The contract is tendered to run for three to five years.

“By creating a national, near-real-time monitoring and alerting service that covers the whole health and care system, the Security Operations Center will drive economies of scale, giving health and care organizations additional intelligence and support services that they might not otherwise be able to access,” Taylor said.