'Hospitals may close' during future cyberattacks, NHS boss warns
An NHS Digital official says he's in no doubt that health services will be severely impacted by cybersecurity incidents in future.
Tuesday 10 October 2017 17:12, UK
Hospitals may have to close their doors due to future cyber incidents, the head of data security at NHS Digital has said.
Dan Taylor, who has headed the NHS cybersecurity programme for two years, told Sky News: "We're in a war here, it's an ongoing war, and we're going to lose some battles."
He stressed the importance of having "that honest conversation now" in preparation for serious incidents in future after a ransomware worm .
Only 47 out of approximately 20,000 health organisations were affected by the WannaCry ransomware worm, according to Mr Taylor - meaning "the impact was quite small" in context.
This was not to underplay the cancellation of outpatient visits and the turning away of patients from Accident and Emergency wards, but "as a dress rehearsal - as a 'lesson learned' - it was good".
He added: "It raised awareness of how cybersecurity can actually impact patient-facing services."
Mr Taylor had no doubt that health services will be severely impacted by cybersecurity incidents in the future - comparing his job to that of a doctor.
It may not be possible to prevent infection and injury both in healthcare and in cybersecurity, but expecting them and having the proper processes in place to respond was vital.
He said: "Things will go wrong, and when they do go wrong actually you need the right systems, processes and people in place to actually limit that.
"We don't know what the worst case scenario could be.
"For too long we've been too timid, where actually if we said, do you know what, in future we're going to lose a battle along the way, a hospital may have to close its doors.
"I think if we have that honest conversation now, we're much likely better to prepare ourselves for that eventuality."
NHS Digital's data security centre helps "organisations suffering from small attacks or issues on a daily basis", he told Sky News.
The team monitors the national network to block malicious traffic and sends out a weekly bulletin informing cybersecurity teams across the NHS of matters that need their attention, and in high-severity situations alerts will go out "within four hours".
In a more proactive way, it takes "feeds and intelligence from numerous international sources, from GCHQ or the National Cyber Security Centre, our partners across borders, and we're always looking for threats that are out there that could be applicable to health".
Referring to May's incident, Mr Taylor added: "The thing that hit home for healthcare providers was how digital services underpin their patient services."
But he added: "I'm sick of talking about WannaCry, I'm just going to be honest with you, because WannaCry is one attack vector that happened.
"If we focus on that one thing, then next time it happens, we'll go: 'We're really good at protecting that bit, oh but we forgot this bit' - and actually we need to think about defence in depth."
Mr Taylor said he believes the state of cybersecurity within the NHS is "improving", adding: "I think WannaCry has been a really good event for us. I know that sounds counter-intuitive, but I think sometimes it takes a wake-up call."