NHS England has shared plans for the reprocurement of the cyber operations external attack surface management system, launching a market engagement process.
The engagement intends to brief the market ahead of procurement of a solution to protect IT systems that are internet-facing against cyber threats, with the scope to be delivered as a national service to NHS organisations.
So far, NHS England has outlined how the solution should build on previous lessons learned, helping to reduce cyber risks and improve the overall understanding of security weaknesses within the NHS. It should also use “severity-based prioritisation of remediation” to address vulnerabilities and concerns, especially around exposed assets.
NHS England is hosting a webinar as a way to share plans, outcomes and timescales on the procurement process, while also notifying suppliers early so that they have the chance to “consider opportunities and offerings and respond to future more detailed requirements”. The session will provide further clarity around core requirements for the solution and help them to develop a budget ahead of publication of the opportunity in 2026.
Earlier in the year, NHS England issued guidance around cyber security, outlining ways non-executive directors can contribute to keeping their organisation safe from cyber attacks. Jamie Saunders, non-executive chair of the NHS England Cyber Security Risk Committee, stated, “Boards throughout the NHS have a key role to play in safeguarding patients from this risk.”
Latest updates from NHS England
NHS England’s most recent guidance on patient-initiated follow-ups has highlighted the role of the NHS App and digital tools in enabling patient choice, aiming to reduce operational barriers, promote consistency and support providers in “embedding PIFU as part of routine clinical practice”.
The most recent NHS England board meeting discussed the need for consistency in digital delivery, an optimal operating model to balance local delivery with national standards and noted the ongoing risks in digital, data and technology, such as cyber threats and innovation uptake. The board echo the focus of the 10-year plan on NHS App development, the single patient record, and procurement planning for 2026.
In September, the NHS England Transformation Directorate launched a survey to understand experiences of clinical systems and digital tools in general practice. The survey aims to guide national thinking and highlight priority areas for “supplier improvement, shape future investment in general practice digital systems and support ICBs to plan local improvement initiatives,” NHS England noted.
