Cyber security

The Cyber Security Programme is working to ensure that measures are actively in place to protect NHS assets and services, including those commissioned by NHS England. The aims of the programme are:

  • To enact lessons learned from previous cyber security incidents
  • To ensure that actions related to “Critical” cyber alerts are completed
  • To provide assurance that cyber security is being considered at board level and managed as an ongoing board level risk.

The programme is working to ensure that trusts, integrated care boards and clinical commissioning support units are aware of their accountabilities and responsibilities and undertake cyber security actions, including:

  • Completing independent assessments.
  • Ensuring the outcome of cyber security assessments are acted upon, to mitigate risks
  • Ensuring that organisations register to the Respond to an NHS Cyber Alert service, act on advisories when they are issued, and submit remediation plans.

The programme workstreams will deliver outputs in relation to cyber security that assist in the management of future incidents, provide assurance on the readiness of NHS England assets and services, embed cyber security in local leadership at board level are protected for cyber security, investment is allocated to mitigate risks, and that the necessary requirements are included within relevant contracts.

Find out more

For further information, please email